channel.c 38.6 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
/* channel.c
 *
 * $Id$
 */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Mller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
J.H.M. Dassen's avatar
J.H.M. Dassen committed
22
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
Niels Möller's avatar
Niels Möller committed
23
24
25
26
27
 */

#include "channel.h"

#include "format.h"
28
#include "io.h"
Niels Möller's avatar
Niels Möller committed
29
#include "read_data.h"
Niels Möller's avatar
Niels Möller committed
30
31
32
33
34
#include "ssh.h"
#include "werror.h"
#include "xalloc.h"

#include <assert.h>
35
#include <string.h>
Niels Möller's avatar
Niels Möller committed
36

37
#define GABA_DEFINE
38
#include "channel.h.x"
39
#undef GABA_DEFINE
40

41
42
#include "channel.c.x"

43
/* GABA:
44
45
   (class
     (name connection_service)
46
     (super command)
47
48
49
50
     (vars
       ; Supported global requests 
       (global_requests object alist)

51
       (channel_types object alist) ))
52
53
54
55

       ; Initialize connection (for instance, request channels to be 
       ; opened or services to be forwarded).

56
       ; (start object connection_startup)))
57
58
*/

59
/* GABA:
60
61
   (class
     (name global_request_handler)
62
     (super packet_handler)
63
64
65
66
     (vars
       (global_requests object alist)))
*/

67
/* GABA:
68
69
   (class
     (name channel_open_handler)
70
     (super packet_handler)
71
72
73
74
     (vars
       (channel_types object alist)))
*/

75
/* GABA:
76
77
78
79
80
81
82
83
84
   (class
     (name channel_open_response)
     (super channel_open_callback)
     (vars
       (remote_channel_number simple UINT32)
       (window_size simple UINT32)
       (max_packet simple UINT32)))
*/

Niels Möller's avatar
Niels Möller committed
85
86
87
88
89
struct lsh_string *format_global_failure(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_FAILURE);
}

90
91
92
93
94
struct lsh_string *format_global_success(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_SUCCESS);
}

95
96
struct lsh_string *format_open_confirmation(struct ssh_channel *channel,
					    UINT32 channel_number,
97
					    const char *format, ...)
98
99
100
101
102
103
{
  va_list args;
  UINT32 l1, l2;
  struct lsh_string *packet;

#define CONFIRM_FORMAT "%c%i%i%i%i"
104
105
#define CONFIRM_ARGS \
  SSH_MSG_CHANNEL_OPEN_CONFIRMATION, channel->channel_number, \
106
107
108
109
110
111
112
113
114
115
116
117
118
  channel_number, channel->rec_window_size, channel->rec_max_packet
    
  l1 = ssh_format_length(CONFIRM_FORMAT, CONFIRM_ARGS);

  va_start(args, format);
  l2 = ssh_vformat_length(format, args);
  va_end(args);

  packet = lsh_string_alloc(l1 + l2);

  ssh_format_write(CONFIRM_FORMAT, l1, packet->data, CONFIRM_ARGS);

  va_start(args, format);
119
  ssh_vformat_write(format, l2, packet->data+l1, args);
120
121
122
123
124
125
126
  va_end(args);

  return packet;
#undef CONFIRM_FORMAT
#undef CONFIRM_ARGS
}

Niels Möller's avatar
Niels Möller committed
127
struct lsh_string *format_open_failure(UINT32 channel, UINT32 reason,
128
				       const char *msg, const char *language)
Niels Möller's avatar
Niels Möller committed
129
130
131
132
133
{
  return ssh_format("%c%i%i%z%z", SSH_MSG_CHANNEL_OPEN_FAILURE,
		    channel, reason, msg, language);
}

134
135
136
137
138
struct lsh_string *format_channel_success(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_SUCCESS, channel);
}

Niels Möller's avatar
Niels Möller committed
139
140
141
142
143
struct lsh_string *format_channel_failure(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_FAILURE, channel);
}

144
145
146
147
148
149
150
151
152
153
struct lsh_string *prepare_window_adjust(struct ssh_channel *channel,
					 UINT32 add)
{
  channel->rec_window_size += add;
  
  return ssh_format("%c%i%i",
		    SSH_MSG_CHANNEL_WINDOW_ADJUST,
		    channel->channel_number, add);
}

154
/* Channel objects */
Niels Möller's avatar
Niels Möller committed
155
156
157
158
159

#define INITIAL_CHANNELS 32
/* Arbitrary limit */
#define MAX_CHANNELS (1L<<17)

Niels Möller's avatar
Niels Möller committed
160
struct channel_table *make_channel_table(void)
Niels Möller's avatar
Niels Möller committed
161
{
162
  NEW(channel_table, table);
Niels Möller's avatar
Niels Möller committed
163

164
  table->channels = lsh_space_alloc(sizeof(struct ssh_channel *)
165
				      * INITIAL_CHANNELS);
166
167
168
169
  table->allocated_channels = INITIAL_CHANNELS;
  table->next_channel = 0;
  table->used_channels = 0;
  table->max_channels = MAX_CHANNELS;
Niels Möller's avatar
Niels Möller committed
170

Niels Möller's avatar
Niels Möller committed
171
  table->pending_close = 0;
172
173
174

  object_queue_init(&table->active_global_requests);
  object_queue_init(&table->pending_global_requests);
Niels Möller's avatar
Niels Möller committed
175
  
176
  return table;
Niels Möller's avatar
Niels Möller committed
177
178
179
};

/* Returns -1 if allocation fails */
180
181
182
/* NOTE: This function returns locally chosen channel numbers, which
 * are always small integers. So there's no problem fitting them in
 * a signed int. */
183
int alloc_channel(struct channel_table *table)
Niels Möller's avatar
Niels Möller committed
184
{
185
  UINT32 i;
186
  
187
  for(i = table->next_channel; i < table->used_channels; i++)
Niels Möller's avatar
Niels Möller committed
188
    {
189
      if (!table->channels[i])
Niels Möller's avatar
Niels Möller committed
190
	{
191
	  table->next_channel = i+1;
Niels Möller's avatar
Niels Möller committed
192
193
194
	  return i;
	}
    }
195
  if (i == table->max_channels)
Niels Möller's avatar
Niels Möller committed
196
    return -1;
197

198
  if (i == table->allocated_channels) 
Niels Möller's avatar
Niels Möller committed
199
    {
200
      int new_size = table->allocated_channels * 2;
Niels Möller's avatar
Niels Möller committed
201
      struct ssh_channel **new
202
	= lsh_space_alloc(sizeof(struct ssh_channel *) * new_size);
Niels Möller's avatar
Niels Möller committed
203

204
205
      memcpy(new, table->channels,
	     sizeof(struct ssh_channel *) * table->used_channels);
Niels Möller's avatar
Niels Möller committed
206
      
207
208
      table->channels = new;
      table->allocated_channels = new_size;
Niels Möller's avatar
Niels Möller committed
209
210
    }

211
  table->next_channel = table->used_channels = i+1;
Niels Möller's avatar
Niels Möller committed
212
213
214
215

  return i;
}

216
void dealloc_channel(struct channel_table *table, int i)
Niels Möller's avatar
Niels Möller committed
217
218
{
  assert(i >= 0);
219
  assert( (unsigned) i < table->used_channels);
Niels Möller's avatar
Niels Möller committed
220
  
221
222
  table->channels[i] = NULL;

223
  if ( (unsigned) i < table->next_channel)
224
225
226
    table->next_channel = i;
}

227
228
/* Returns -1 if no channel number can be allocated. See also the note
 * for alloc_channel(). */
229
230
231
232
233
234
int register_channel(struct channel_table *table, struct ssh_channel *channel)
{
  int n = alloc_channel(table);

  if (n >= 0)
    table->channels[n] = channel;
Niels Möller's avatar
Niels Möller committed
235

236
  return n;
Niels Möller's avatar
Niels Möller committed
237
238
}

239
struct ssh_channel *lookup_channel(struct channel_table *table, UINT32 i)
Niels Möller's avatar
Niels Möller committed
240
{
241
242
  return (i < table->used_channels)
    ? table->channels[i] : NULL;
Niels Möller's avatar
Niels Möller committed
243
244
}

245
246
247
248
249
250
251
252
253
254
/* FIXME: It seems suboptimal to send a window adjust message for *every* write that we do.
 * A better scheme might be as follows:
 *
 * Delay window adjust messages, keeping track of both the locally
 * maintained window size, which is updated after each write, and the
 * size that has been reported to the remote end. When the difference
 * between these two values gets large enough (say, larger than one
 * half or one third of the maximum window size), we send a
 * window_adjust message to sync them. */
static void adjust_rec_window(struct flow_controlled *f, UINT32 written)
255
{
256
257
258
259
260
261
262
263
  CAST_SUBTYPE(ssh_channel, channel, f);

  int res = A_WRITE(channel->write,
		    prepare_window_adjust
		    (channel, written));
  if (res)
    werror("adjust_rec_window: Writing window adjust message failed, ignoring\n"
	   "  (res = %i)\n", res);
264
265
}

266
267
/* Process channel-related status codes. Used by the packet handlers,
 * before returning. */
Niels Möller's avatar
Niels Möller committed
268
269
270
271
static int channel_process_status(struct channel_table *table,
				  int channel,
				  int status)
{
272
273
274
275
  struct ssh_channel *c = table->channels[channel];
  
  while (!LSH_CLOSEDP(status))
    {
276
277
278
279
280
281
282
      if (status & LSH_CHANNEL_CLOSE)
	{ /* Close the channel now */ 
	  if (!c->flags & CHANNEL_SENT_CLOSE)
	    status |= channel_close(c);
	  break;
	}
      
283
284
285
286
287
288
289
290
291
      if (status & LSH_CHANNEL_READY_SEND)
	{
	  status &= ~ LSH_CHANNEL_READY_SEND;
	  if (c->send_window_size)
	    status |= CHANNEL_SEND(c);
	}
      else if (status & LSH_CHANNEL_READY_REC)
	{
	  status &= ~ LSH_CHANNEL_READY_REC;
292
293
294
	  status |= A_WRITE(c->write,
			    prepare_window_adjust
			    (c, c->max_window - c->rec_window_size));
295
296
297
298
299
	}
      else
	break;
    }
	
Niels Möller's avatar
Niels Möller committed
300
301
302
303
  if (status & LSH_CHANNEL_FINISHED)
    {
      /* Clear this bit */
      status &= ~LSH_CHANNEL_FINISHED;
304

305
      if (c->close)
306
	status |= CHANNEL_CLOSE(c);
Niels Möller's avatar
Niels Möller committed
307
308
309
310
      
      dealloc_channel(table, channel);
    }

311
312
313
314
315
316
317
  if (status & LSH_CHANNEL_PENDING_CLOSE)
    table->pending_close = 1;
  
  /* If this was the last channel, close connection */
  if (table->pending_close && !table->next_channel)
    status |= LSH_CLOSE;

Niels Möller's avatar
Niels Möller committed
318
319
  return status;
}
Niels Möller's avatar
Niels Möller committed
320

321
322
323
324
325
326
327
/* Ugly macros to make it a little simpler to free the input packet at
 * the right time. */

#define START int foo_res
#define RETURN(x) do { foo_res = (x); goto foo_finish; } while(0)
#define END(s) foo_finish: do { lsh_string_free((s)); return foo_res; } while(0)

Niels Möller's avatar
Niels Möller committed
328
/* Channel related messages */
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360

/* GABA:
   (class
     (name global_request_status)
     (vars
       ; -1 for still active requests,
       ; 0 for failure,
       ; 1 for success
       (status . int)))
*/

static struct global_request_status *make_global_request_status(void)
{
  NEW(global_request_status, self);
  self->status = -1;

  return self;
}

/* GABA:
   (class
     (name global_request_response)
     (super global_request_callback)
     (vars
       (active object global_request_status)))
*/

static int
do_global_request_response(struct global_request_callback *c,
			   int success)
{
  CAST(global_request_response, self, c);
361
  struct object_queue *q = &self->super.connection->channels->active_global_requests;
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402

  int res = 0;
  
  assert( self->active->status == -1);
  assert( (success == 0) || (success == 1) );
  assert( !object_queue_is_empty(q));
	  
  self->active->status = success;

  for (;;)
    {
      CAST(global_request_status, n, object_queue_peek_head(q));
      if (!n || (n->status < 0))
	return res;

      object_queue_remove_head(q);
      
      res |= A_WRITE(self->super.connection->write,
		     (n->status
		      ? format_global_success()
		      : format_global_failure()));
      
      if (LSH_CLOSEDP(res))
	return res;
    }
}

static struct global_request_callback *
make_global_request_response(struct ssh_connection *connection,
			     struct global_request_status *active)
{
  NEW(global_request_response, self);

  self->super.connection = connection;
  self->super.response = do_global_request_response;

  self->active = active;

  return &self->super;
}
     
Niels Möller's avatar
Niels Möller committed
403
404
405
406
static int do_global_request(struct packet_handler *c,
			     struct ssh_connection *connection,
			     struct lsh_string *packet)
{
407
  CAST(global_request_handler, closure, c);
Niels Möller's avatar
Niels Möller committed
408
409

  struct simple_buffer buffer;
410
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
411
412
  int name;
  int want_reply;
413
  START;
Niels Möller's avatar
Niels Möller committed
414
415
416
417
418
419
420
421
422
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_GLOBAL_REQUEST)
      && parse_atom(&buffer, &name)
      && parse_boolean(&buffer, &want_reply))
    {
      struct global_request *req;
423
424
      struct global_request_callback *c = NULL;
      
Niels Möller's avatar
Niels Möller committed
425
      if (!name || !(req = ALIST_GET(closure->global_requests, name)))
426
427
	RETURN (A_WRITE(connection->write,
		       format_global_failure()));
Niels Möller's avatar
Niels Möller committed
428

429
430
431
432
      if (want_reply)
	{
	  struct global_request_status *a = make_global_request_status();

433
	  object_queue_add_tail(&connection->channels->active_global_requests,
434
435
436
437
438
				&a->super);
	  
	  c = make_global_request_response(connection, a);
	}
      RETURN (GLOBAL_REQUEST(req, connection, &buffer, c));
Niels Möller's avatar
Niels Möller committed
439
    }
440
  RETURN (LSH_FAIL | LSH_DIE);
Niels Möller's avatar
Niels Möller committed
441

442
  END (packet);
Niels Möller's avatar
Niels Möller committed
443
444
}

445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
/* Callback given to the CHANNEL_OPEN method */
static int do_channel_open_response(struct channel_open_callback *c,
                                    struct ssh_channel *channel,
                                    UINT32 error, char *error_msg,
                                    struct lsh_string *args)
{
  CAST(channel_open_response, closure, c);
  
  int local_channel_number;

  if (!channel)
    {
      if (error)
        return A_WRITE(closure->super.connection->write,
                       format_open_failure(closure->remote_channel_number,
                                           error, error_msg, ""));
        /* The request was invalid */
        return LSH_FAIL | LSH_DIE;
    }

  if ( (local_channel_number
            = register_channel(closure->super.connection->channels,
			       channel)) < 0)
    {
      werror("Could not allocate a channel number for opened channel!\n");
      return A_WRITE(closure->super.connection->write,
                     format_open_failure(closure->remote_channel_number,
                                         SSH_OPEN_RESOURCE_SHORTAGE,
                                         "Could not allocate a channel number "
                                         "(shouldn't happen...)", ""));
    }

477
  /* FIXME: This copying could just as well be done by the
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
   * CHANNEL_OPEN handler? Then we can remove the corresponding fields
   * from the closure as well. */
  channel->send_window_size = closure->window_size;
  channel->send_max_packet = closure->max_packet;
  channel->channel_number = closure->remote_channel_number;

  /* FIXME: Is the channel->write field really needed? */
  channel->write = closure->super.connection->write;

  return A_WRITE(closure->super.connection->write,
                 args
                 ? format_open_confirmation(channel, local_channel_number,
                                            "%lfS", args)
                 : format_open_confirmation(channel, local_channel_number,
                                            ""));
}

static struct channel_open_response *
make_channel_open_response(struct ssh_connection* connection,
			   UINT32 remote_channel_number,
			   UINT32 window_size,
			   UINT32 max_packet)
{
  NEW(channel_open_response, closure);

  closure->super.response = do_channel_open_response;
  closure->super.connection = connection;
  closure->remote_channel_number = remote_channel_number;
  closure->window_size = window_size;
  closure->max_packet = max_packet;

  return closure;
}
511

512

513
514
515
516
517
518
519
520
521
522
523
#if 0
/* ;;GABA:
   (class
     (name channel_open_continuation)
     (super command_continuation)
     (vars
       (connection object ssh_connection)
       (remote_channel_number simple UINT32)
       (window_size simple UINT32)
       (max_packet simple UINT32)))
*/
524

525
526
527
528
529
530
531
532
static int do_channel_open_continue(struct command_continuation *c,
				    struct lsh_object *result)
{
  CAST(channel_open_continuation, self, c);
  CAST_SUBTYPE(channel);
}
#endif
				    
Niels Möller's avatar
Niels Möller committed
533
534
535
536
static int do_channel_open(struct packet_handler *c,
			   struct ssh_connection *connection,
			   struct lsh_string *packet)
{
537
  CAST(channel_open_handler, closure, c);
Niels Möller's avatar
Niels Möller committed
538
539

  struct simple_buffer buffer;
540
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
541
  int type;
542
543
544
  UINT32 remote_channel_number;
  UINT32 window_size;
  UINT32 max_packet;
545
  START;
Niels Möller's avatar
Niels Möller committed
546
547
548
549
550
551
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN)
      && parse_atom(&buffer, &type)
552
553
554
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet))
Niels Möller's avatar
Niels Möller committed
555
556
    {
      struct channel_open *open;
557
558
      struct channel_open_response *response;
      int res;
559
      
560
      if (connection->channels->pending_close)
Niels Möller's avatar
Niels Möller committed
561
	/* We are waiting for channels to close. Don't open any new ones. */
562
563
564
565
566
	RETURN
	  (A_WRITE(connection->write,
		   format_open_failure(remote_channel_number,
				       SSH_OPEN_ADMINISTRATIVELY_PROHIBITED,
				       "Waiting for channels to close.", "")));
Niels Möller's avatar
Niels Möller committed
567
568
      
      if (!type || !(open = ALIST_GET(closure->channel_types, type)))
569
570
571
572
	RETURN (A_WRITE(connection->write,
			format_open_failure(remote_channel_number,
					    SSH_OPEN_UNKNOWN_CHANNEL_TYPE,
					    "Unknown channel type", "")));
573

574
575
576
577
578
579
580
581
      response = make_channel_open_response(connection,
					    remote_channel_number,
					    window_size, max_packet);
      /* NOTE: If the channel could be opened immediately, this method
       * will call response right away. */
      res = CHANNEL_OPEN(open, connection, &buffer, &response->super);

      RETURN (res);
Niels Möller's avatar
Niels Möller committed
582
    }
583
  RETURN (LSH_FAIL | LSH_DIE);
Niels Möller's avatar
Niels Möller committed
584

585
  END(packet);
Niels Möller's avatar
Niels Möller committed
586
587
}     

588
static int do_channel_request(struct packet_handler *closure UNUSED,
Niels Möller's avatar
Niels Möller committed
589
590
591
592
			      struct ssh_connection *connection,
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
593
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
594
595
596
  UINT32 channel_number;
  int type;
  int want_reply;
597
598
  START;
  
Niels Möller's avatar
Niels Möller committed
599
600
601
602
603
604
605
606
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_REQUEST)
      && parse_uint32(&buffer, &channel_number)
      && parse_atom(&buffer, &type)
      && parse_boolean(&buffer, &want_reply))
    {
607
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
608
609
						   channel_number);

610
611
612
613
      /* NOTE: We can't free packet yet, because it is not yet fully
       * parsed. There may be some more arguments, which are parsed by
       * the CHANNEL_REQUEST method below. */

Niels Möller's avatar
Niels Möller committed
614
615
616
617
      if (channel)
	{
	  struct channel_request *req;

618
619
	  if (type && channel->request_types 
	      && ( (req = ALIST_GET(channel->request_types, type)) ))
620
621
622
623
	    RETURN
	      (channel_process_status
	       (connection->channels, channel_number,
		CHANNEL_REQUEST(req, channel, connection, want_reply, &buffer)));
624
	  else
625
626
627
628
	    RETURN (want_reply
		    ? A_WRITE(connection->write,
			      format_channel_failure(channel->channel_number))
		    : LSH_OK | LSH_GOON);
629
	  
Niels Möller's avatar
Niels Möller committed
630
	}
631
      werror("SSH_MSG_CHANNEL_REQUEST on nonexistant channel %i\n",
Niels Möller's avatar
Niels Möller committed
632
633
	     channel_number);

634
635
636
637
    }
  RETURN (LSH_FAIL | LSH_DIE);
  
  END(packet);
Niels Möller's avatar
Niels Möller committed
638
639
}
      
640
641
static int do_window_adjust(struct packet_handler *closure UNUSED,
			    struct ssh_connection *connection,
642
			    struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
643
644
{
  struct simple_buffer buffer;
645
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
646
647
648
649
650
651
652
  UINT32 channel_number;
  UINT32 size;

  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_WINDOW_ADJUST)
653
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
654
655
656
      && parse_uint32(&buffer, &size)
      && parse_eod(&buffer))
    {
657
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
658
659
660
661
						   channel_number);

      lsh_string_free(packet);
      
Niels Möller's avatar
Niels Möller committed
662
      if (channel
663
664
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
665
	{
Niels Möller's avatar
Niels Möller committed
666
667
668
669
	  if (! (channel->flags & CHANNEL_SENT_CLOSE))
	    {
	      channel->send_window_size += size;
	      if (channel->send_window_size && channel->send)
670
		return channel_process_status(connection->channels,
Niels Möller's avatar
Niels Möller committed
671
672
					      channel_number,
					      CHANNEL_SEND(channel));
Niels Möller's avatar
Niels Möller committed
673
	    }
Niels Möller's avatar
Niels Möller committed
674
675
676
677
	  return LSH_OK | LSH_GOON;
	}
      /* FIXME: What to do now? Should unknown channel numbers be
       * ignored silently? */
678
679
      werror("SSH_MSG_CHANNEL_WINDOW_ADJUST on nonexistant or closed "
	     "channel %i\n", channel_number);
Niels Möller's avatar
Niels Möller committed
680
681
682
683
684
685
686
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);

  return LSH_FAIL | LSH_DIE;
}

687
688
static int do_channel_data(struct packet_handler *closure UNUSED,
			   struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
689
690
691
			   struct lsh_string *packet)
{
  struct simple_buffer buffer;
692
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
693
694
695
696
697
698
699
  UINT32 channel_number;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_DATA)
700
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
701
702
703
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
704
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
705
706
707
708
						   channel_number);

      lsh_string_free(packet);
      
709
      if (channel && channel->receive
710
711
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
712
	{
Niels Möller's avatar
Niels Möller committed
713
	  if (channel->flags & CHANNEL_SENT_CLOSE)
Niels Möller's avatar
Niels Möller committed
714
	    {
715
	      werror("Ignoring data on channel which is closing\n");
Niels Möller's avatar
Niels Möller committed
716
	      return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
717
	    }
Niels Möller's avatar
Niels Möller committed
718
719
	  else
	    {
720
721
	      int res = 0;
	      
Niels Möller's avatar
Niels Möller committed
722
723
724
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
725
		  werror("Channel data overflow. Extra data ignored.\n"); 
Niels Möller's avatar
Niels Möller committed
726
727
		  data->length = channel->rec_window_size;
		}
728
729
730
731

	      if (!data->length)
		/* Ignore data packet */
		return 0;
732
733
	      channel->rec_window_size -= data->length;

734
#if 0
735
	      /* FIXME: Unconditionally adjusting the receive window
736
	       * breaks flow control. We better let the channel's
737
	       * receive method decide whether or not to receive more
738
739
	       * data. */
	      res = adjust_rec_window(channel);
740

741
742
	      if (LSH_CLOSEDP(res))
		return res;
743
744
#endif
	      
Niels Möller's avatar
Niels Möller committed
745
	      return channel_process_status(
746
		connection->channels, channel_number,
747
		res | CHANNEL_RECEIVE(channel, 
Niels Möller's avatar
Niels Möller committed
748
				      CHANNEL_DATA, data));
Niels Möller's avatar
Niels Möller committed
749
750
	    }
	  return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
751
752
	}
	  
753
      werror("Data on closed or non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
754
755
756
757
758
759
760
761
762
	     channel_number);
      lsh_string_free(data);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  
  return LSH_FAIL | LSH_DIE;
}

763
764
static int do_channel_extended_data(struct packet_handler *closure UNUSED,
				    struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
765
766
767
				    struct lsh_string *packet)
{
  struct simple_buffer buffer;
768
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
769
770
771
772
773
774
775
776
  UINT32 channel_number;
  UINT32 type;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EXTENDED_DATA)
777
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
778
779
780
781
      && parse_uint32(&buffer, &type)
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
782
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
783
784
785
786
						   channel_number);

      lsh_string_free(packet);
      
787
      if (channel && channel->receive
788
789
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
790
	{
Niels Möller's avatar
Niels Möller committed
791
	  if (channel->flags & CHANNEL_SENT_CLOSE)
Niels Möller's avatar
Niels Möller committed
792
	    {
793
	      werror("Ignoring extended data on channel which is closing\n");
Niels Möller's avatar
Niels Möller committed
794
	      return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
795
	    }
Niels Möller's avatar
Niels Möller committed
796
	  else
Niels Möller's avatar
Niels Möller committed
797
	    {
798
799
	      int res = 0;
	      
Niels Möller's avatar
Niels Möller committed
800
801
802
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
803
		  werror("Channel extended data overflow. "
Niels Möller's avatar
Niels Möller committed
804
805
806
807
808
			 "Extra data ignored.\n");
		  data->length = channel->rec_window_size;
		}
	      
	      channel->rec_window_size -= data->length;
809

810
#if 0
811
812
813
814
815
816
	      /* FIXME: Like for do_channel_data(), unconditionally
	       * adjusting the window breaks flow control. */
	      res = adjust_rec_window(channel);

	      if (LSH_CLOSEDP(res))
		return res;
817
#endif
818

Niels Möller's avatar
Niels Möller committed
819
820
821
	      switch(type)
		{
		case SSH_EXTENDED_DATA_STDERR:
Niels Möller's avatar
Niels Möller committed
822
		  return channel_process_status(
823
		    connection->channels, channel_number,
824
		    res | CHANNEL_RECEIVE(channel, 
Niels Möller's avatar
Niels Möller committed
825
					  CHANNEL_STDERR_DATA, data));
Niels Möller's avatar
Niels Möller committed
826
		default:
827
		  werror("Unknown type %i of extended data.\n",
Niels Möller's avatar
Niels Möller committed
828
829
830
831
			 type);
		  lsh_string_free(data);
		  return LSH_FAIL | LSH_DIE;
		}
Niels Möller's avatar
Niels Möller committed
832
833
	    }
	}
834
      werror("Extended data on closed or non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
835
836
837
838
839
840
841
842
843
	     channel_number);
      lsh_string_free(data);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  
  return LSH_FAIL | LSH_DIE;
}

844
845
static int do_channel_eof(struct packet_handler *closure UNUSED,
			  struct ssh_connection *connection,
846
			  struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
847
848
{
  struct simple_buffer buffer;
849
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
850
851
852
853
854
855
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EOF)
856
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
857
858
      && parse_eod(&buffer))
    {
859
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
860
861
862
863
						   channel_number);

      lsh_string_free(packet);

Niels Möller's avatar
Niels Möller committed
864
865
      if (channel)
	{
866
867
	  int res = 0;
	  
868
	  if (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_RECEIVED_CLOSE))
Niels Möller's avatar
Niels Möller committed
869
	    {
870
	      werror("Receiving EOF on channel on closed channel.\n");
Niels Möller's avatar
Niels Möller committed
871
872
873
	      return LSH_FAIL | LSH_DIE;
	    }

874
	  channel->flags |= CHANNEL_RECEIVED_EOF;
Niels Möller's avatar
Niels Möller committed
875

876
877
	  if (channel->eof)
	    res = CHANNEL_EOF(channel);
878
879
880
	  else
	    /* FIXME: What is a reasonable default behaviour?
	     * Closing the channel may be the right thing to do. */
881
882
883
	    if (! (channel->flags & CHANNEL_SENT_CLOSE))
	      res |= channel_close(channel);
#if 0
884
885
886
	  if (!LSH_CLOSEDP(res)
	      && ! (channel->flags & CHANNEL_SENT_CLOSE)
	      && (channel->flags & CHANNEL_SENT_EOF))
Niels Möller's avatar
Niels Möller committed
887
888
889
	    {
	      /* Both parties have sent EOF. Initiate close, if we
	       * havn't done that already. */
890
891
	      
	      res |= channel_close(channel);
Niels Möller's avatar
Niels Möller committed
892
	    }
893
#endif      
894
	  return channel_process_status(connection->channels, channel_number,
895
896
					res);

Niels Möller's avatar
Niels Möller committed
897
	}
898
      werror("EOF on non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
899
900
	     channel_number);
      return LSH_FAIL | LSH_DIE;
Niels Möller's avatar
Niels Möller committed
901
    }
Niels Möller's avatar
Niels Möller committed
902
      
Niels Möller's avatar
Niels Möller committed
903
904
905
906
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

907
908
static int do_channel_close(struct packet_handler *closure UNUSED,
			    struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
909
910
911
			    struct lsh_string *packet)
{
  struct simple_buffer buffer;
912
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
913
914
915
916
917
918
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_CLOSE)
919
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
920
921
      && parse_eod(&buffer))
    {
922
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
923
924
925
926
						   channel_number);

      lsh_string_free(packet);
      
Niels Möller's avatar
Niels Möller committed
927
928
      if (channel)
	{
929
930
	  int res = 0;
	  
931
	  if (channel->flags & CHANNEL_RECEIVED_CLOSE)
Niels Möller's avatar
Niels Möller committed
932
	    {
933
	      werror("Receiving multiple CLOSE on channel.\n");
Niels Möller's avatar
Niels Möller committed
934
935
936
	      return LSH_FAIL | LSH_DIE;
	    }

937
	  channel->flags |= CHANNEL_RECEIVED_CLOSE;
Niels Möller's avatar
Niels Möller committed
938
	  
939
	  if (! (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_SENT_EOF)))
Niels Möller's avatar
Niels Möller committed
940
	    {
941
	      werror("Unexpected channel CLOSE.\n");
Niels Möller's avatar
Niels Möller committed
942
	    }
943

944
	  if (! (channel->flags & (CHANNEL_RECEIVED_EOF))
945
	      && channel->eof)
946
	    res = CHANNEL_EOF(channel);
Niels Möller's avatar
Niels Möller committed
947
	  
Niels Möller's avatar
Niels Möller committed
948
	  return channel_process_status(
949
	    connection->channels, channel_number,
950
951
952
953
	    ( ( (channel->flags & (CHANNEL_SENT_CLOSE))
		? LSH_OK | LSH_CHANNEL_FINISHED
		: channel_close(channel))
	      | res));
Niels Möller's avatar
Niels Möller committed
954
	}
955
      werror("CLOSE on non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
956
957
	     channel_number);
      return LSH_FAIL | LSH_DIE;
Niels Möller's avatar
Niels Möller committed
958
959
960
961
962
963
      
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

964
static int do_channel_open_confirm(struct packet_handler *closure UNUSED,
Niels Möller's avatar
Niels Möller committed
965
966
				   struct ssh_connection *connection,
				   struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
967
968
{
  struct simple_buffer buffer;
969
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
  UINT32 local_channel_number;
  UINT32 remote_channel_number;  
  UINT32 window_size;
  UINT32 max_packet;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN_CONFIRMATION)
      && parse_uint32(&buffer, &local_channel_number)
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet)
      && parse_eod(&buffer))
    {
985
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
986
987
988
989
						   local_channel_number);

      lsh_string_free(packet);

990
      if (channel && channel->open_continuation)
Niels Möller's avatar
Niels Möller committed
991
992
993
994
995
	{
	  channel->channel_number = remote_channel_number;
	  channel->send_window_size = window_size;
	  channel->send_max_packet = max_packet;

996
997
998
999
	  return channel_process_status
	    (connection->channels,
	     local_channel_number,
	     COMMAND_RETURN(channel->open_continuation, channel));
Niels Möller's avatar
Niels Möller committed
1000
	}
1001
      werror("Unexpected SSH_MSG_CHANNEL_OPEN_CONFIRMATION on channel %i\n",
Niels Möller's avatar
Niels Möller committed
1002
1003
1004
1005
1006
1007
1008
	     local_channel_number);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1009
1010
static int do_channel_open_failure(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
1011
1012
1013
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1014
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
  UINT32 channel_number;
  UINT32 reason;

  UINT8 *msg;
  UINT32 length;

  UINT8 *language;
  UINT32 language_length;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN_FAILURE)
      && parse_uint32(&buffer, &channel_number)
      && parse_uint32(&buffer, &reason)
      && parse_string(&buffer, &length, &msg)
      && parse_string(&buffer, &language_length, &language)
      && parse_eod(&buffer))
    {
1034
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
1035
1036
1037
1038
						   channel_number);

      /* lsh_string_free(packet); */

1039
      if (channel && channel->open_continuation)
Niels Möller's avatar
Niels Möller committed
1040
	{
1041
	  int res = COMMAND_RETURN(channel->open_continuation, NULL);
Niels Möller's avatar
Niels Möller committed
1042
1043

	  lsh_string_free(packet);
Niels Möller's avatar
Niels Möller committed
1044

1045
	  return channel_process_status(connection->channels, channel_number,
Niels Möller's avatar
Niels Möller committed
1046
					res | LSH_CHANNEL_FINISHED);
Niels Möller's avatar
Niels Möller committed
1047
	}
1048
      werror("Unexpected SSH_MSG_CHANNEL_OPEN_FAILURE on channel %i\n",
Niels Möller's avatar
Niels Möller committed
1049
1050
1051
1052
1053
1054
1055
1056
1057
	     channel_number);
      lsh_string_free(packet);
      
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1058
1059
static int do_channel_success(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
1060
1061
1062
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1063
  unsigned msg_number;
1064
  UINT32 channel_number;
1065
1066
  struct ssh_channel *channel;
      
1067
1068
1069
1070
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_SUCCESS)
1071
      && parse_uint32(&buffer, &channel_number)
1072
      && parse_eod(&buffer)
1073
      && (channel = lookup_channel(connection->channels, channel_number)))
1074
1075
    {
      lsh_string_free(packet);
1076

1077
      if (object_queue_is_empty(&channel->pending_requests))
1078
	{
1079
	  werror("do_channel_success: Unexpected message. Ignoring.\n");
1080
1081
	  return LSH_OK | LSH_GOON;
	}
1082
      {
Niels Möller's avatar
Niels Möller committed
1083
	CAST_SUBTYPE(command_continuation, c,
1084
1085
1086
1087
	     object_queue_remove_head(&channel->pending_requests));
	return channel_process_status(connection->channels, channel_number,
				      COMMAND_RETURN(c, channel));
      }
1088
1089
1090
1091
1092
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1093
1094
static int do_channel_failure(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
1095
1096
1097
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1098
  unsigned msg_number;
1099
  UINT32 channel_number;
1100
  struct ssh_channel *channel;
1101
1102
1103
1104
1105
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_FAILURE)
1106
      && parse_uint32(&buffer, &channel_number)
1107
      && parse_eod(&buffer)
1108
      && (channel = lookup_channel(connection->channels, channel_number)))
1109
1110
1111
    {
      lsh_string_free(packet);
      
1112
      if (object_queue_is_empty(&channel->pending_requests))
1113
1114
1115
1116
	{
	  werror("do_channel_failure: No handler. Ignoring.\n");
	  return LSH_OK | LSH_GOON;
	}
1117
      {
Niels Möller's avatar
Niels Möller committed
1118
	CAST_SUBTYPE(command_continuation, c,
1119
1120
1121
1122
1123
	     object_queue_remove_head(&channel->pending_requests));

	return channel_process_status(connection->channels, channel_number,
				      COMMAND_RETURN(c, NULL));
      }
1124
1125
1126
1127
1128
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1129
1130
1131
static int do_connection_service(struct command *s,
				 struct lsh_object *x,
				 struct command_continuation *c)
Niels Möller's avatar
Niels Möller committed
1132
{
1133
  CAST(connection_service, self, s);
1134
  CAST(ssh_connection, connection, x);
1135

1136
  struct channel_table *table;
Niels Möller's avatar
Niels Möller committed
1137
  
1138
1139
  NEW(global_request_handler, globals);
  NEW(channel_open_handler, open);
1140
  NEW(packet_handler, request);
Niels Möller's avatar
Niels Möller committed
1141

1142
1143
1144
  NEW(packet_handler, adjust);
  NEW(packet_handler, data);
  NEW(packet_handler, extended);
Niels Möller's avatar
Niels Möller committed
1145

1146
1147
  NEW(packet_handler, eof);
  NEW(packet_handler, close);
1148

1149
1150
  NEW(packet_handler, open_confirm);
  NEW(packet_handler, open_failure);
Niels Möller's avatar
Niels Möller committed
1151

1152
1153
  NEW(packet_handler, channel_success);
  NEW(packet_handler, channel_failure);
Niels Möller's avatar
Niels Möller committed
1154