channel.c 56.2 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
/* channel.c
 *
 * $Id$
 */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Mller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
J.H.M. Dassen's avatar
J.H.M. Dassen committed
22
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
Niels Möller's avatar
Niels Möller committed
23
24
25
26
27
 */

#include "channel.h"

#include "format.h"
28
#include "io.h"
Niels Möller's avatar
Niels Möller committed
29
#include "read_data.h"
Niels Möller's avatar
Niels Möller committed
30
31
32
33
34
#include "ssh.h"
#include "werror.h"
#include "xalloc.h"

#include <assert.h>
35
#include <string.h>
Niels Möller's avatar
Niels Möller committed
36

37
#define GABA_DEFINE
38
#include "channel.h.x"
39
#undef GABA_DEFINE
40

41
42
#include "channel.c.x"

43
44
struct exception *
make_channel_open_exception(UINT32 error_code, const char *msg)
Niels Möller's avatar
Niels Möller committed
45
46
{
  NEW(channel_open_exception, self);
Niels Möller's avatar
Niels Möller committed
47
48
49
50
51
52
53
54
55
56
57
58
59
60

#define MAX_ERROR 4
  static const char *msgs[MAX_ERROR + 1] = {
    "",
    "Administratively prohibited",
    "Connect failed",
    "Unknown channel type",
    "Resource shortage"
  };

  assert(error_code > 0);
  assert(error_code <= MAX_ERROR);
#undef MAX_ERROR
  
Niels Möller's avatar
Niels Möller committed
61
  self->super.type = EXC_CHANNEL_OPEN;
Niels Möller's avatar
Niels Möller committed
62
  self->super.msg = msg ? msg : msgs[error_code];
Niels Möller's avatar
Niels Möller committed
63
64
65
66
67
  self->error_code = error_code;

  return &self->super;
}

68

69
70
struct lsh_string *
format_global_failure(void)
Niels Möller's avatar
Niels Möller committed
71
72
73
74
{
  return ssh_format("%c", SSH_MSG_REQUEST_FAILURE);
}

75
76
struct lsh_string *
format_global_success(void)
77
78
79
80
{
  return ssh_format("%c", SSH_MSG_REQUEST_SUCCESS);
}

81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
/* The advertised rec_max_size must be a little smaller than SSH_MAX_PACKET,
 * to make sure that our peer won't send us packets exceeding our limit for
 * the connection. */

/* NOTE: It would make some sense to use the connection's
 * rec_max_packet instead of the SSH_MAX_PACKET constant. */

#define SSH_MAX_DATA_SIZE (SSH_MAX_PACKET - SSH_CHANNEL_MAX_PACKET_FUZZ)

static void
check_rec_max_packet(struct ssh_channel *channel)
{
  /* Never advertise a larger rec_max_packet than we're willing to
   * handle. */

  if (channel->rec_max_packet > SSH_MAX_DATA_SIZE)
    {
      debug("check_rec_max_packet: Reduced rec_max_packet from %i to %i.\n",
	    channel->rec_max_packet, SSH_MAX_DATA_SIZE);
      channel->rec_max_packet = SSH_MAX_DATA_SIZE;
    }
}

104
105
106
107
struct lsh_string *
format_open_confirmation(struct ssh_channel *channel,
			 UINT32 channel_number,
			 const char *format, ...)
108
109
110
111
{
  va_list args;
  UINT32 l1, l2;
  struct lsh_string *packet;
112
  
113
#define CONFIRM_FORMAT "%c%i%i%i%i"
114
115
#define CONFIRM_ARGS \
  SSH_MSG_CHANNEL_OPEN_CONFIRMATION, channel->channel_number, \
116
117
  channel_number, channel->rec_window_size, channel->rec_max_packet
    
118
119
  check_rec_max_packet(channel);

120
  debug("format_open_confirmation: rec_window_size = %i,\n"
121
	"                          rec_max_packet = %i,\n",
122
       channel->rec_window_size,
123
       channel->rec_max_packet);
124
125
126
127
128
129
130
131
132
133
134
  l1 = ssh_format_length(CONFIRM_FORMAT, CONFIRM_ARGS);

  va_start(args, format);
  l2 = ssh_vformat_length(format, args);
  va_end(args);

  packet = lsh_string_alloc(l1 + l2);

  ssh_format_write(CONFIRM_FORMAT, l1, packet->data, CONFIRM_ARGS);

  va_start(args, format);
135
  ssh_vformat_write(format, l2, packet->data+l1, args);
136
137
138
139
140
141
142
  va_end(args);

  return packet;
#undef CONFIRM_FORMAT
#undef CONFIRM_ARGS
}

143
144
145
struct lsh_string *
format_open_failure(UINT32 channel, UINT32 reason,
		    const char *msg, const char *language)
Niels Möller's avatar
Niels Möller committed
146
147
148
149
150
{
  return ssh_format("%c%i%i%z%z", SSH_MSG_CHANNEL_OPEN_FAILURE,
		    channel, reason, msg, language);
}

151
152
struct lsh_string *
format_channel_success(UINT32 channel)
153
154
155
156
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_SUCCESS, channel);
}

157
158
struct lsh_string *
format_channel_failure(UINT32 channel)
Niels Möller's avatar
Niels Möller committed
159
160
161
162
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_FAILURE, channel);
}

163
164
165
struct lsh_string *
prepare_window_adjust(struct ssh_channel *channel,
		      UINT32 add)
166
167
168
169
170
171
172
173
{
  channel->rec_window_size += add;
  
  return ssh_format("%c%i%i",
		    SSH_MSG_CHANNEL_WINDOW_ADJUST,
		    channel->channel_number, add);
}

Niels Möller's avatar
Niels Möller committed
174
175
176
177
178
/* GABA:
   (class
     (name exc_finish_channel_handler)
     (super exception_handler)
     (vars
179
       (connection object ssh_connection)
180
181
       ; Non-zero if the channel has already been deallocated.
       (dead . int)
Niels Möller's avatar
Niels Möller committed
182
183
184
185
       ; Local channel number 
       (channel_number . UINT32)))
*/

186
187
188
static void
do_exc_finish_channel_handler(struct exception_handler *s,
			      const struct exception *e)
Niels Möller's avatar
Niels Möller committed
189
190
191
192
193
{
  CAST(exc_finish_channel_handler, self, s);

  switch (e->type)
    {
Niels Möller's avatar
Niels Möller committed
194
    case EXC_FINISH_PENDING:
195
196
      if (self->dead)
	werror("channel.c: EXC_FINISH_PENDING on dead channel.\n");
Niels Möller's avatar
Niels Möller committed
197

198
      self->connection->table->pending_close = 1;
199
200
201
202
203

      /* NOTE: We don't need to raise a EXC_FINISH_READ here. Only
       * code in a live channel is supposed to raise
       * EXC_FINISH_PENDING. The typical caller is a channel's
       * CHANNEL_CLOSE callback that is called below. */
Niels Möller's avatar
Niels Möller committed
204
205
      break;
      
Niels Möller's avatar
Niels Möller committed
206
207
    case EXC_FINISH_CHANNEL:
      /* NOTE: This type of exception must be handled only once.
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
       * However, there is at least one case where it is difficult to
       * ensure that the exception is raised only once.
       *
       * For instance, in do_channel_close, the CHANNEL_EOF callback
       * can decide to call close_channel, which might raise this
       * exception. When control gets back to do_channel_close, and
       * CHANNEL_SENT_CLOSE is true, it raises the exception again.
       *
       * To get this right, we set a flag when the channel is
       * deallocated. */
      if (self->dead)
	debug("EXC_FINISH_CHANNEL on dead channel.\n");
      else
	{
	  struct ssh_channel *channel
223
	    = self->connection->table->channels[self->channel_number];
224
225
226
227
228
229
230
231

	  assert(channel);
	  assert(channel->resources->super.alive);

	  if (channel->close)
	    CHANNEL_CLOSE(channel);
	
	  KILL_RESOURCE_LIST(channel->resources);
Niels Möller's avatar
Niels Möller committed
232
	
233
	  dealloc_channel(self->connection->table, self->channel_number);
234
235
	  self->dead = 1;

236
	  if (self->connection->table->pending_close &&
237
	      !self->connection->table->channel_count)
238
239
	    {
	      /* FIXME: Send a SSH_DISCONNECT_BY_APPLICATION message? */
240
	      EXCEPTION_RAISE(self->connection->e, &finish_read_exception);
241
242
	    }
	}
Niels Möller's avatar
Niels Möller committed
243
244
245
246
247
248
249
      break;
    default:
      EXCEPTION_RAISE(self->super.parent, e);
    }
}

static struct exception_handler *
250
make_exc_finish_channel_handler(struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
251
				UINT32 channel_number,
252
253
				struct exception_handler *e,
				const char *context)
Niels Möller's avatar
Niels Möller committed
254
255
256
257
{
  NEW(exc_finish_channel_handler, self);
  self->super.parent = e;
  self->super.raise = do_exc_finish_channel_handler;
258
  self->super.context = context;
Niels Möller's avatar
Niels Möller committed
259

260
  self->connection = connection;
261
  self->channel_number = channel_number;
262
  self->dead = 0;
263
  
Niels Möller's avatar
Niels Möller committed
264
  return &self->super;
Niels Möller's avatar
Niels Möller committed
265
266
267
}
				

268
/* Channel objects */
Niels Möller's avatar
Niels Möller committed
269
270
271
272
273

#define INITIAL_CHANNELS 32
/* Arbitrary limit */
#define MAX_CHANNELS (1L<<17)

274
275
struct channel_table *
make_channel_table(void)
Niels Möller's avatar
Niels Möller committed
276
{
277
  NEW(channel_table, table);
Niels Möller's avatar
Niels Möller committed
278

279
  table->channels = lsh_space_alloc(sizeof(struct ssh_channel *)
280
				      * INITIAL_CHANNELS);
Niels Möller's avatar
Niels Möller committed
281
282
  table->in_use = lsh_space_alloc(INITIAL_CHANNELS);
  
283
284
  table->allocated_channels = INITIAL_CHANNELS;
  table->used_channels = 0;
285
286
287
  table->next_channel = 0;
  table->channel_count = 0;
  
288
  table->max_channels = MAX_CHANNELS;
Niels Möller's avatar
Niels Möller committed
289

Niels Möller's avatar
Niels Möller committed
290
  table->pending_close = 0;
291

292
293
  table->global_requests = make_alist(0, -1);
  table->channel_types = make_alist(0, -1);
294
  table->open_fallback = NULL;
295
  
296
297
  object_queue_init(&table->local_ports);
  object_queue_init(&table->remote_ports);
298
  table->x11_display = NULL;
299
  
300
301
  object_queue_init(&table->active_global_requests);
  object_queue_init(&table->pending_global_requests);
Niels Möller's avatar
Niels Möller committed
302
  
303
  return table;
304
}
Niels Möller's avatar
Niels Möller committed
305
306

/* Returns -1 if allocation fails */
307
308
309
/* NOTE: This function returns locally chosen channel numbers, which
 * are always small integers. So there's no problem fitting them in
 * a signed int. */
310
311
int
alloc_channel(struct channel_table *table)
Niels Möller's avatar
Niels Möller committed
312
{
313
  UINT32 i;
314
  
315
  for(i = table->next_channel; i < table->used_channels; i++)
Niels Möller's avatar
Niels Möller committed
316
    {
317
      if (table->in_use[i] == CHANNEL_FREE)
Niels Möller's avatar
Niels Möller committed
318
	{
Niels Möller's avatar
Niels Möller committed
319
	  assert(!table->channels[i]);
320
	  table->in_use[i] = CHANNEL_RESERVED;
321
	  table->next_channel = i+1;
322

323
	  goto success;
Niels Möller's avatar
Niels Möller committed
324
325
	}
    }
326
  if (i == table->max_channels)
Niels Möller's avatar
Niels Möller committed
327
    return -1;
328

329
  if (i == table->allocated_channels) 
Niels Möller's avatar
Niels Möller committed
330
    {
331
      UINT32 new_size = table->allocated_channels * 2;
Niels Möller's avatar
Niels Möller committed
332
      struct ssh_channel **new_channels;
Niels Möller's avatar
Niels Möller committed
333
      UINT8 *new_in_use;
Niels Möller's avatar
Niels Möller committed
334

Niels Möller's avatar
Niels Möller committed
335
336
337
      new_channels = lsh_space_alloc(sizeof(struct ssh_channel *)
				     * new_size);
      memcpy(new_channels, table->channels,
338
	     sizeof(struct ssh_channel *) * table->used_channels);
Niels Möller's avatar
Niels Möller committed
339
340
341
      lsh_space_free(table->channels);
      table->channels = new_channels;

342
      /* FIXME: Use realloc(). */
Niels Möller's avatar
Niels Möller committed
343
344
345
346
347
      new_in_use = lsh_space_alloc(new_size);
      memcpy(new_in_use, table->in_use, table->used_channels);
      lsh_space_free(table->in_use);
      table->in_use = new_in_use;

348
      table->allocated_channels = new_size;
Niels Möller's avatar
Niels Möller committed
349
350
    }

351
  table->next_channel = table->used_channels = i+1;
Niels Möller's avatar
Niels Möller committed
352

353
  table->in_use[i] = CHANNEL_RESERVED;
354
355
  table->channels[i] = NULL;
  
356
357
 success:
  table->channel_count++;
358
  verbose("Allocated local channel number %i\n", i);
359

Niels Möller's avatar
Niels Möller committed
360
361
362
  return i;
}

363
364
void
dealloc_channel(struct channel_table *table, int i)
Niels Möller's avatar
Niels Möller committed
365
366
{
  assert(i >= 0);
367
  assert( (unsigned) i < table->used_channels);
368
369
  assert(table->channel_count);
  
370
  verbose("Deallocating local channel %i\n", i);
371
  table->channels[i] = NULL;
372
  table->in_use[i] = CHANNEL_FREE;
373
374

  table->channel_count--;
Niels Möller's avatar
Niels Möller committed
375
  
376
  if ( (unsigned) i < table->next_channel)
377
378
379
    table->next_channel = i;
}

380
381
382
383
384
385
386
387
388
389
390
391
392
393
void
use_channel(struct ssh_connection *connection,
	    UINT32 local_channel_number)
{
  struct channel_table *table = connection->table;
  struct ssh_channel *channel = table->channels[local_channel_number];

  assert(channel);
  assert(table->in_use[local_channel_number] == CHANNEL_RESERVED);
  
  table->in_use[local_channel_number] = CHANNEL_IN_USE;
  verbose("Taking channel %i in use, (local %i).\n",
	  channel->channel_number, local_channel_number);
}
394

395
void
396
register_channel(UINT32 local_channel_number,
397
398
		 struct ssh_channel *channel,
		 int take_into_use)
399
{
400
  struct channel_table *table = channel->connection->table;
401
  
402
  assert(table->in_use[local_channel_number] == CHANNEL_RESERVED);
Niels Möller's avatar
Niels Möller committed
403
  assert(!table->channels[local_channel_number]);
404

405
406
407
  verbose("Registering local channel %i.\n",
	  local_channel_number);
  
408
  /* NOTE: Is this the right place to install this exception handler? */
409
  channel->e =
410
    make_exc_finish_channel_handler(channel->connection,
411
				    local_channel_number,
412
413
				    (channel->e ? channel->e
				     : channel->connection->e),
414
415
416
				    HANDLER_CONTEXT);

  table->channels[local_channel_number] = channel;
417

418
  if (take_into_use)
419
    use_channel(channel->connection, local_channel_number);
420
  
421
  remember_resource(channel->connection->resources,
422
		    &channel->resources->super);
Niels Möller's avatar
Niels Möller committed
423
424
}

425
426
427
428
429
430
431
432
433
434
struct ssh_channel *
lookup_channel(struct channel_table *table, UINT32 i)
{
  return ( (i < table->used_channels)
	   && (table->in_use[i] == CHANNEL_IN_USE))
    ? table->channels[i] : NULL;
}

struct ssh_channel *
lookup_channel_reserved(struct channel_table *table, UINT32 i)
Niels Möller's avatar
Niels Möller committed
435
{
436
437
  return ( (i < table->used_channels)
	   && (table->in_use[i] == CHANNEL_RESERVED))
438
    ? table->channels[i] : NULL;
Niels Möller's avatar
Niels Möller committed
439
440
}

441

442
443
/* FIXME: It seems suboptimal to send a window adjust message for
 * *every* write that we do. A better scheme might be as follows:
444
445
446
447
448
449
450
 *
 * Delay window adjust messages, keeping track of both the locally
 * maintained window size, which is updated after each write, and the
 * size that has been reported to the remote end. When the difference
 * between these two values gets large enough (say, larger than one
 * half or one third of the maximum window size), we send a
 * window_adjust message to sync them. */
451
452
static void
adjust_rec_window(struct flow_controlled *f, UINT32 written)
453
{
454
455
  CAST_SUBTYPE(ssh_channel, channel, f);

456
457
458
459
  /* NOTE: The channel object (referenced as a flow-control callback)
   * may live longer than the actual channel. */
  if (! (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_RECEIVED_CLOSE
			   | CHANNEL_SENT_CLOSE)))
460
    C_WRITE(channel->connection,
461
	    prepare_window_adjust(channel, written));
462
463
}

464
465
466
void
channel_start_receive(struct ssh_channel *channel,
		      UINT32 initial_window_size)
467
{
468
  if (channel->rec_window_size < initial_window_size)
469
    C_WRITE(channel->connection,
470
471
	    prepare_window_adjust
	    (channel, initial_window_size - channel->rec_window_size));
472
473
}

Niels Möller's avatar
Niels Möller committed
474
/* Channel related messages */
475
476
477

/* GABA:
   (class
478
     (name request_status)
479
480
481
482
483
484
485
     (vars
       ; -1 for still active requests,
       ; 0 for failure,
       ; 1 for success
       (status . int)))
*/

486
487
static struct request_status *
make_request_status(void)
488
{
489
  NEW(request_status, self);
490
491
492
493
494
495
496
  self->status = -1;

  return self;
}

/* GABA:
   (class
497
498
     (name global_request_continuation)
     (super command_continuation)
499
     (vars
500
501
       (connection object ssh_connection)
       (active object request_status)))
502
503
*/

504
505
506
static void 
send_global_request_responses(struct ssh_connection *connection, 
			      struct object_queue *q)
507
{
508
509
510
511
512
513
   for (;;)
     {
       CAST(request_status, n, object_queue_peek_head(q));
       if (!n || (n->status < 0))
	 break;
 
514
      object_queue_remove_head(q);
Niels Möller's avatar
Niels Möller committed
515

516
      C_WRITE(connection,
Niels Möller's avatar
Niels Möller committed
517
518
	      (n->status
	       ? format_global_success()
519
	       : format_global_failure()));
520
521
522
    }
}

523
524
525
static void
do_global_request_response(struct command_continuation *s,
			   struct lsh_object *x UNUSED)
526
{
527
528
  CAST(global_request_continuation, self, s);
  struct object_queue *q = &self->connection->table->active_global_requests;
529

530
531
532
533
  assert(self->active->status == -1);
  assert(!object_queue_is_empty(q));
	  
  self->active->status = 1;
534

535
536
  send_global_request_responses(self->connection, q);
}
537

538
539
540
541
542
543
544
545
546
547
static struct command_continuation *
make_global_request_response(struct ssh_connection *connection,
			     struct request_status *active)
{
  NEW(global_request_continuation, self);

  self->super.c = do_global_request_response;
  self->connection = connection;
  self->active = active;
   
548
549
  return &self->super;
}
550
551
552
553
554
555
556
557
558
559
560
561
562


/* GABA:
   (class
     (name global_request_exception_handler)
     (super exception_handler)
     (vars
       (connection object ssh_connection)
       (active object request_status)))
*/

/* NOTE: We handle *only* EXC_GLOBAL_REQUEST */
static void 
563
do_exc_global_request_handler(struct exception_handler *c,
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
			  const struct exception *e)
{
  CAST(global_request_exception_handler, self, c);
  if (e->type == EXC_GLOBAL_REQUEST)
    {
      struct object_queue *q = &self->connection->table->active_global_requests;
      
      assert(self->active->status == -1);
      assert(!object_queue_is_empty(q));

      self->active->status = 0;
  
      send_global_request_responses(self->connection, q);
    }
  else
    EXCEPTION_RAISE(c->parent, e);
}

static struct exception_handler *
make_global_request_exception_handler(struct ssh_connection *connection,
				      struct request_status *active,
				      struct exception_handler *h,
				      const char *context)
Niels Möller's avatar
Niels Möller committed
587
{
588
589
  NEW(global_request_exception_handler, self);

590
  self->super.raise = do_exc_global_request_handler;
591
592
593
594
595
596
  self->super.context = context;
  self->super.parent = h;
  self->active = active;
  self->connection = connection;
  return &self->super;
}
Niels Möller's avatar
Niels Möller committed
597

598
DEFINE_PACKET_HANDLER(static, global_request_handler, connection, packet)
599
{
Niels Möller's avatar
Niels Möller committed
600
  struct simple_buffer buffer;
601
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
602
603
604
605
606
607
608
609
610
611
  int name;
  int want_reply;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_GLOBAL_REQUEST)
      && parse_atom(&buffer, &name)
      && parse_boolean(&buffer, &want_reply))
    {
612
      struct global_request *req = NULL;
613
614
      struct command_continuation *c = &discard_continuation;
      struct exception_handler *e = connection->e;
615
616
617
618
619
620
621
622
623

      if (name && connection->table->global_requests)
	{
	  CAST_SUBTYPE(global_request, r,
		       ALIST_GET(connection->table->global_requests,
				 name));
	  req = r;
	}
      if (!req)
624
	{
Niels Möller's avatar
Niels Möller committed
625
626
	  C_WRITE(connection, format_global_failure());
	  return;
Niels Möller's avatar
Niels Möller committed
627
628
629
630
631
	}
      else
	{
	  if (want_reply)
	    {
632
	      struct request_status *a = make_request_status();
Niels Möller's avatar
Niels Möller committed
633
	      
Niels Möller's avatar
Niels Möller committed
634
	      object_queue_add_tail(&connection->table->active_global_requests,
Niels Möller's avatar
Niels Möller committed
635
636
637
				    &a->super);
	      
	      c = make_global_request_response(connection, a);
638
639
640
641
642
643
644
645
646
647
648
	      e = make_global_request_exception_handler(connection, a, e, HANDLER_CONTEXT);
	    }
	  else
	    {
	      /* We should ignore failures. */
	      static struct report_exception_info global_req_ignore =
		STATIC_REPORT_EXCEPTION_INFO(EXC_ALL, EXC_GLOBAL_REQUEST,
					     "Ignored:");
	      
	      e = make_report_exception_handler(&global_req_ignore,
						e, HANDLER_CONTEXT);
Niels Möller's avatar
Niels Möller committed
649
	    }
650
	  GLOBAL_REQUEST(req, connection, name, want_reply, &buffer, c, e);
651
	}
Niels Möller's avatar
Niels Möller committed
652
    }
Niels Möller's avatar
Niels Möller committed
653
  else
654
    PROTOCOL_ERROR(connection->e, "Invalid SSH_MSG_GLOBAL_REQUEST message.");
Niels Möller's avatar
Niels Möller committed
655
656
}

657
658
DEFINE_PACKET_HANDLER(static, global_success_handler,
		      connection, packet)
659
660
{
  if (packet->length != 1)
Niels Möller's avatar
Niels Möller committed
661
    {
662
      PROTOCOL_ERROR(connection->e, "Invalid GLOBAL_REQUEST_SUCCESS message.");
663
      return;
Niels Möller's avatar
Niels Möller committed
664
    }
665
666
667

  assert(packet->data[0] == SSH_MSG_REQUEST_SUCCESS);

Niels Möller's avatar
Niels Möller committed
668
  if (object_queue_is_empty(&connection->table->pending_global_requests))
669
670
    {
      werror("do_global_request_success: Unexpected message, ignoring.\n");
Niels Möller's avatar
Niels Möller committed
671
      return;
672
673
    }
  {
674
    CAST_SUBTYPE(command_context, ctx,
Niels Möller's avatar
Niels Möller committed
675
676
		 object_queue_remove_head(&connection->table->pending_global_requests));
    COMMAND_RETURN(ctx->c, connection);
677
678
679
  }
}

680
681
682
struct exception global_request_exception =
STATIC_EXCEPTION(EXC_GLOBAL_REQUEST, "Global request failed");

683
684
DEFINE_PACKET_HANDLER(static, global_failure_handler,
		      connection, packet)
685
686
{
  if (packet->length != 1)
Niels Möller's avatar
Niels Möller committed
687
    {
688
      PROTOCOL_ERROR(connection->e, "Invalid GLOBAL_REQUEST_FAILURE message.");
689
      return;
Niels Möller's avatar
Niels Möller committed
690
    }
691
692
693

  assert(packet->data[0] == SSH_MSG_REQUEST_FAILURE);

Niels Möller's avatar
Niels Möller committed
694
  if (object_queue_is_empty(&connection->table->pending_global_requests))
695
696
697
    {
      werror("do_global_request_failure: Unexpected message, ignoring.\n");
    }
Niels Möller's avatar
Niels Möller committed
698
699
700
701
702
703
  else
    {
      CAST_SUBTYPE(command_context, ctx,
		   object_queue_remove_head(&connection->table->pending_global_requests));
      EXCEPTION_RAISE(ctx->e, &global_request_exception);
    }
704
705
}

706
707
708
709
710
711
712
713
714
715
716
717
718
719
/* FIXME: Don't store the channel here, instead have it passed as the
 * argument of the continuation. This might also allow some
 * unification with the handling of global_requests. */

/* GABA:
   (class
     (name channel_request_continuation)
     (super command_continuation)
     (vars
       (channel object ssh_channel)
       (active object request_status)))
*/

static void
720
send_channel_request_responses(struct ssh_channel *channel,
721
722
723
724
725
726
727
728
729
730
			       struct object_queue *q)
{
  for (;;)
    {
      CAST(request_status, n, object_queue_peek_head(q));
      if (!n || (n->status < 0))
	break;

      object_queue_remove_head(q);

731
      C_WRITE(channel->connection,
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
	      (n->status
	       ? format_channel_success(channel->channel_number)
	       : format_channel_failure(channel->channel_number)));
    }
}

static void
do_channel_request_response(struct command_continuation *s,
			    struct lsh_object *x UNUSED)
{
  CAST(channel_request_continuation, self, s);
  struct object_queue *q = &self->channel->active_requests;

  assert(self->active->status == -1);
  assert(!object_queue_is_empty(q));
	  
  self->active->status = 1;

750
  send_channel_request_responses(self->channel, q);
751
752
753
}

static struct command_continuation *
754
make_channel_request_response(struct ssh_channel *channel,
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
			      struct request_status *active)
{
  NEW(channel_request_continuation, self);

  self->super.c = do_channel_request_response;
  self->channel = channel;
  self->active = active;

  return &self->super;
}

/* GABA:
   (class
     (name channel_request_exception_handler)
     (super exception_handler)
     (vars
       (channel object ssh_channel)
       (active object request_status)))
*/

/* NOTE: We handle *only* EXC_CHANNEL_REQUEST */
static void 
777
778
do_exc_channel_request_handler(struct exception_handler *c,
			       const struct exception *e)
779
780
781
782
783
784
785
786
787
788
789
{
  CAST(channel_request_exception_handler, self, c);
  if (e->type == EXC_CHANNEL_REQUEST)
    {
      struct object_queue *q = &self->channel->active_requests;

      assert(self->active->status == -1);
      assert(!object_queue_is_empty(q));
      
      self->active->status = 0;
      
790
      send_channel_request_responses(self->channel, q);
791
792
793
794
795
796
    }
  else
    EXCEPTION_RAISE(c->parent, e);
}

static struct exception_handler *
797
make_channel_request_exception_handler(struct ssh_channel *channel,
798
799
800
801
802
803
				       struct request_status *active,
				       struct exception_handler *h,
				       const char *context)
{
  NEW(channel_request_exception_handler, self);

804
  self->super.raise = do_exc_channel_request_handler;
805
806
  self->super.parent = h;
  self->super.context = context;
807

808
809
810
811
812
813
  self->channel = channel;
  self->active = active;

  return &self->super;
}

814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
static int
parse_channel_request(struct simple_buffer *buffer,
		      UINT32 *channel_number,
		      struct channel_request_info *info)
{
  unsigned msg_number;

  if (parse_uint8(buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_REQUEST)
      && parse_uint32(buffer, channel_number)
      && parse_string(buffer,
		      &info->type_length, &info->type_data)
      && parse_boolean(buffer, &info->want_reply))
    {
      info->type = lookup_atom(info->type_length, info->type_data);
      return 1;
    }
  else
    return 0;
}

835
836
DEFINE_PACKET_HANDLER(static, channel_request_handler,
		      connection, packet)
837
838
{
  struct simple_buffer buffer;
839
  struct channel_request_info info;
840
841
842
843
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

844
  if (parse_channel_request(&buffer, &channel_number, &info))
845
846
847
848
849
850
851
852
853
854
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      /* NOTE: We can't free packet yet, because it is not yet fully
       * parsed. There may be some more arguments, which are parsed by
       * the CHANNEL_REQUEST method below. */

      if (channel)
	{
855
	  struct channel_request *req = NULL;
856
857
858
	  struct command_continuation *c = &discard_continuation;
	  struct exception_handler *e = channel->e;

859
	  if (info.type && channel->request_types)
860
861
	    {
	      CAST_SUBTYPE(channel_request, r,
862
			   ALIST_GET(channel->request_types, info.type));
863
864
	      req = r;
	    }
865
866
867
	  if (!req)
	    req = channel->request_fallback;
	  
868
	  if (req)
869
	    {
870
	      if (info.want_reply)
871
872
873
874
875
876
		{
		  struct request_status *a = make_request_status();
		  
		  object_queue_add_tail(&channel->active_requests,
					&a->super);
		  
877
878
		  c = make_channel_request_response(channel, a);
		  e = make_channel_request_exception_handler(channel, a, e, HANDLER_CONTEXT);
879
880
881
882
883
884
885
886
887
888
889
890
		}
	      else
		{
		  /* We should ignore failures. */
		  static struct report_exception_info channel_req_ignore =
		    STATIC_REPORT_EXCEPTION_INFO(EXC_ALL, EXC_CHANNEL_REQUEST,
						 "Ignored:");
		  
		  e = make_report_exception_handler(&channel_req_ignore,
						    e, HANDLER_CONTEXT);
		}
	      
891
	      CHANNEL_REQUEST(req, channel, &info, &buffer, c, e);
892
893
894
	    }
	  else
	    {
895
	      if (info.want_reply)
896
897
898
899
900
901
		C_WRITE(connection,
			format_channel_failure(channel->channel_number));
	    }
	}
      else
	{
902
903
	  werror("SSH_MSG_CHANNEL_REQUEST on nonexistant channel %i: %xS\n",
		 channel_number, packet);
904
905
906
907
908
909
910
	}
    }
  else
    PROTOCOL_ERROR(connection->e, "Invalid SSH_MSG_CHANNEL_REQUEST message.");
}


Niels Möller's avatar
Niels Möller committed
911
/* GABA:
912
913
914
915
916
   (class
     (name channel_open_continuation)
     (super command_continuation)
     (vars
       (connection object ssh_connection)
Niels Möller's avatar
Niels Möller committed
917
918
       (local_channel_number . UINT32)
       (remote_channel_number . UINT32)
919
920
       (send_window_size . UINT32)
       (send_max_packet . UINT32)))
921
*/
922

Niels Möller's avatar
Niels Möller committed
923
924
925
static void
do_channel_open_continue(struct command_continuation *c,
			 struct lsh_object *value)
926
927
{
  CAST(channel_open_continuation, self, c);
Niels Möller's avatar
Niels Möller committed
928
929
930
931
932
933
934
  CAST_SUBTYPE(ssh_channel, channel, value);

  assert(channel);

  /* FIXME: This copying could just as well be done by the
   * CHANNEL_OPEN handler? Then we can remove the corresponding fields
   * from the closure as well. */
935
936
  channel->send_window_size = self->send_window_size;
  channel->send_max_packet = self->send_max_packet;
Niels Möller's avatar
Niels Möller committed
937
938
  channel->channel_number = self->remote_channel_number;

939
940
941
942
  channel->connection = self->connection;
  
  register_channel(self->local_channel_number,
		   channel,
943
		   1);
Niels Möller's avatar
Niels Möller committed
944
945
946
947
948

  /* FIXME: Doesn't support sending extra arguments with the
   * confirmation message. */

  C_WRITE(self->connection,
Niels Möller's avatar
Niels Möller committed
949
	  format_open_confirmation(channel, self->local_channel_number, ""));
950
}
Niels Möller's avatar
Niels Möller committed
951

Niels Möller's avatar
Niels Möller committed
952
static struct command_continuation *
Niels Möller's avatar
Niels Möller committed
953
954
955
make_channel_open_continuation(struct ssh_connection *connection,
			       UINT32 local_channel_number,
			       UINT32 remote_channel_number,
956
957
			       UINT32 send_window_size,
			       UINT32 send_max_packet)
Niels Möller's avatar
Niels Möller committed
958
959
{
  NEW(channel_open_continuation, self);
Niels Möller's avatar
Niels Möller committed
960

Niels Möller's avatar
Niels Möller committed
961
962
963
964
  self->super.c = do_channel_open_continue;
  self->connection = connection;
  self->local_channel_number = local_channel_number;
  self->remote_channel_number = remote_channel_number;
965
966
  self->send_window_size = send_window_size;
  self->send_max_packet = send_max_packet;
Niels Möller's avatar
Niels Möller committed
967

Niels Möller's avatar
Niels Möller committed
968
  return &self->super;
Niels Möller's avatar
Niels Möller committed
969
970
971
972
973
974
975
976
977
}
			       
/* GABA:
   (class
     (name exc_channel_open_handler)
     (super exception_handler)
     (vars
       (connection object ssh_connection)
       (local_channel_number . UINT32)
Niels Möller's avatar
Niels Möller committed
978
       (remote_channel_number . UINT32)))
Niels Möller's avatar
Niels Möller committed
979
980
*/

981
982
983
static void
do_exc_channel_open_handler(struct exception_handler *s,
			    const struct exception *e)
Niels Möller's avatar
Niels Möller committed
984
985
986
987
988
989
990
991
{
  CAST(exc_channel_open_handler, self, s);

  switch (e->type)
    {
    case EXC_CHANNEL_OPEN:
      {
	CAST_SUBTYPE(channel_open_exception, exc, e);
Niels Möller's avatar
Niels Möller committed
992
	struct channel_table *table = self->connection->table;
Niels Möller's avatar
Niels Möller committed
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
	
	assert(table->in_use[self->local_channel_number]);
	assert(!table->channels[self->local_channel_number]);

	dealloc_channel(table, self->local_channel_number);
	
        C_WRITE(self->connection,
		format_open_failure(self->remote_channel_number,
				    exc->error_code, e->msg, ""));
	break;
      }
    default:
      EXCEPTION_RAISE(self->super.parent, e);
    }      
}

static struct exception_handler *
make_exc_channel_open_handler(struct ssh_connection *connection,
			      UINT32 local_channel_number,
			      UINT32 remote_channel_number,
1013
1014
			      struct exception_handler *parent,
			      const char *context)
Niels Möller's avatar
Niels Möller committed
1015
{
Niels Möller's avatar
Niels Möller committed
1016
  NEW(exc_channel_open_handler, self);
Niels Möller's avatar
Niels Möller committed
1017
  self->super.parent = parent;
Niels Möller's avatar
Niels Möller committed
1018
  self->super.raise = do_exc_channel_open_handler;
1019
1020
  self->super.context = context;
  
Niels Möller's avatar
Niels Möller committed
1021
  self->connection = connection;
Niels Möller's avatar
Niels Möller committed
1022
1023
1024
1025
1026
1027
  self->local_channel_number = local_channel_number;
  self->remote_channel_number = remote_channel_number;

  return &self->super;
}

1028
1029
1030
1031
1032
1033
1034
1035
static int
parse_channel_open(struct simple_buffer *buffer,
		   struct channel_open_info *info)
{
  unsigned msg_number;

  if (parse_uint8(buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN)
1036
      && parse_string(buffer, &info->type_length, &info->type_data)
1037
1038
1039
1040
      && parse_uint32(buffer, &info->remote_channel_number)
      && parse_uint32(buffer, &info->send_window_size)
      && parse_uint32(buffer, &info->send_max_packet))
    {
1041
      info->type = lookup_atom(info->type_length, info->type_data);
1042
1043

      /* We don't support larger packets than the default,
1044
1045
       * SSH_MAX_PACKET. */
      if (info->send_max_packet > SSH_MAX_PACKET)
1046
1047
	{
	  werror("do_channel_open: The remote end asked for really large packets.\n");
1048
	  info->send_max_packet = SSH_MAX_PACKET;
1049
1050
1051
1052
1053
1054
1055
1056
1057
	}

      return 1;
    }
  else
    return 0;
}


1058
1059
DEFINE_PACKET_HANDLER(static, channel_open_handler,
		      connection, packet)
Niels Möller's avatar
Niels Möller committed
1060
1061
{
  struct simple_buffer buffer;
1062
1063
  struct channel_open_info info;
  
Niels Möller's avatar
Niels Möller committed
1064
  simple_buffer_init(&buffer, packet->length, packet->data);
1065

1066
  if (parse_channel_open(&buffer, &info))
Niels Möller's avatar
Niels Möller committed
1067
    {
1068
      struct channel_open *open = NULL;
Niels Möller's avatar
Niels Möller committed
1069

Niels Möller's avatar
Niels Möller committed
1070
1071
1072
1073
      /* NOTE: We can't free the packet yet, as the buffer is passed
       * to the CHANNEL_OPEN method later. */

      if (connection->table->pending_close)
Niels Möller's avatar
Niels Möller committed
1074
1075
1076
1077
	{
	  /* We are waiting for channels to close. Don't open any new ones. */

	  C_WRITE(connection,
1078
		  format_open_failure(info.remote_channel_number,
Niels Möller's avatar
Niels Möller committed
1079
1080
1081
1082
1083
				      SSH_OPEN_ADMINISTRATIVELY_PROHIBITED,
				      "Waiting for channels to close.", ""));
	}
      else
	{
1084
	  if (info.type)
1085
	    {
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
	      CAST_SUBTYPE(channel_open, o,
			   ALIST_GET(connection->table->channel_types,
				     info.type));
	      open = o;
	    }

	  if (!open)
	    open = connection->table->open_fallback;
	  
	  if (!open)
	    {
	      C_WRITE(connection,
		      format_open_failure(info.remote_channel_number,
					  SSH_OPEN_UNKNOWN_CHANNEL_TYPE,
					  "Unknown channel type", ""));
	    }
	  else
	    {
	      int local_number = alloc_channel(connection->table);

	      if (local_number < 0)
		C_WRITE(connection,
			format_open_failure(info.remote_channel_number,
					    SSH_OPEN_RESOURCE_SHORTAGE,
					    "Channel limit exceeded.", ""));

	      CHANNEL_OPEN(open, connection,
			   &info,
			   &buffer,
			   make_channel_open_continuation(connection,
							  local_number,
							  info.remote_channel_number,
							  info.send_window_size,
							  info.send_max_packet),
			   make_exc_channel_open_handler(connection,
							 local_number,
							 info.remote_channel_number,
							 connection->e,
							 HANDLER_CONTEXT));

1126
	    }
Niels Möller's avatar
Niels Möller committed
1127
	}
Niels Möller's avatar
Niels Möller committed
1128
    }
Niels Möller's avatar
Niels Möller committed
1129
  else
1130
    PROTOCOL_ERROR(connection->e, "Invalid SSH_MSG_CHANNEL_OPEN message.");
Niels Möller's avatar
Niels Möller committed
1131
1132
}     

1133
1134
DEFINE_PACKET_HANDLER(static, window_adjust_handler,
		      connection, packet)
Niels Möller's avatar
Niels Möller committed
1135
1136
{
  struct simple_buffer buffer;
1137
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
1138
1139
1140
1141
1142
1143
1144
  UINT32 channel_number;
  UINT32 size;

  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_WINDOW_ADJUST)
1145
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
1146
1147
1148
      && parse_uint32(&buffer, &size)
      && parse_eod(&buffer))
    {
Niels Möller's avatar
Niels Möller committed
1149
      struct ssh_channel *channel = lookup_channel(connection->table,
Niels Möller's avatar
Niels Möller committed
1150
1151
						   channel_number);

Niels Möller's avatar
Niels Möller committed
1152
      if (channel
1153
	  && !(channel->flags & CHANNEL_RECEIVED_CLOSE))
Niels Möller's avatar
Niels Möller committed
1154
	{
1155
	  if (! (channel->flags & (CHANNEL_SENT_CLOSE | CHANNEL_SENT_EOF)))
Niels Möller's avatar
Niels Möller committed
1156
1157
	    {
	      channel->send_window_size += size;
1158
1159
1160
1161
1162
	      if (channel->send_window_size && channel->send_adjust)
		{
		  assert(channel->send_window_size);
		  CHANNEL_SEND_ADJUST(channel, size);
		}
Niels Möller's avatar
Niels Möller committed
1163
	    }
Niels Möller's avatar
Niels Möller committed
1164
	}
Niels Möller's avatar
Niels Möller committed
1165
1166
1167
1168
      else
	{
	  werror("SSH_MSG_CHANNEL_WINDOW_ADJUST on nonexistant or closed "
		 "channel %i\n", channel_number);
1169
	  PROTOCOL_ERROR(connection->e, "Unexpected CHANNEL_WINDOW_ADJUST");
Niels Möller's avatar
Niels Möller committed
1170
1171
1172
	}
    }
  else
1173
    PROTOCOL_ERROR(connection->e, "Invalid CHANNEL_WINDOW_ADJUST message.");
Niels Möller's avatar
Niels Möller committed
1174
1175
}

1176
1177
DEFINE_PACKET_HANDLER(static, channel_data_handler,
		      connection, packet)
Niels Möller's avatar
Niels Möller committed
1178
1179
{
  struct simple_buffer buffer;
1180
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
1181
1182
1183
1184
1185
1186
1187
  UINT32 channel_number;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet-><