channel.c 38.6 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
/* channel.c
 *
 * $Id$
 */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Mller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
J.H.M. Dassen's avatar
J.H.M. Dassen committed
22
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
Niels Möller's avatar
Niels Möller committed
23
24
25
26
27
 */

#include "channel.h"

#include "format.h"
28
#include "io.h"
Niels Möller's avatar
Niels Möller committed
29
#include "read_data.h"
Niels Möller's avatar
Niels Möller committed
30
31
32
33
34
#include "ssh.h"
#include "werror.h"
#include "xalloc.h"

#include <assert.h>
35
#include <string.h>
Niels Möller's avatar
Niels Möller committed
36

37
#define GABA_DEFINE
38
#include "channel.h.x"
39
#undef GABA_DEFINE
40

41
42
#include "channel.c.x"

43
/* GABA:
44
45
   (class
     (name connection_service)
46
     (super command)
47
48
49
50
     (vars
       ; Supported global requests 
       (global_requests object alist)

51
       (channel_types object alist) ))
52
53
54
55

       ; Initialize connection (for instance, request channels to be 
       ; opened or services to be forwarded).

56
       ; (start object connection_startup)))
57
58
*/

59
/* GABA:
60
61
   (class
     (name global_request_handler)
62
     (super packet_handler)
63
64
65
66
     (vars
       (global_requests object alist)))
*/

67
/* GABA:
68
69
   (class
     (name channel_open_handler)
70
     (super packet_handler)
71
72
73
74
     (vars
       (channel_types object alist)))
*/

75
/* GABA:
76
77
78
79
80
81
82
83
84
   (class
     (name channel_open_response)
     (super channel_open_callback)
     (vars
       (remote_channel_number simple UINT32)
       (window_size simple UINT32)
       (max_packet simple UINT32)))
*/

Niels Möller's avatar
Niels Möller committed
85
86
87
88
89
struct lsh_string *format_global_failure(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_FAILURE);
}

90
91
92
93
94
struct lsh_string *format_global_success(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_SUCCESS);
}

95
96
struct lsh_string *format_open_confirmation(struct ssh_channel *channel,
					    UINT32 channel_number,
97
					    const char *format, ...)
98
99
100
101
102
103
{
  va_list args;
  UINT32 l1, l2;
  struct lsh_string *packet;

#define CONFIRM_FORMAT "%c%i%i%i%i"
104
105
#define CONFIRM_ARGS \
  SSH_MSG_CHANNEL_OPEN_CONFIRMATION, channel->channel_number, \
106
107
108
109
110
111
112
113
114
115
116
117
118
  channel_number, channel->rec_window_size, channel->rec_max_packet
    
  l1 = ssh_format_length(CONFIRM_FORMAT, CONFIRM_ARGS);

  va_start(args, format);
  l2 = ssh_vformat_length(format, args);
  va_end(args);

  packet = lsh_string_alloc(l1 + l2);

  ssh_format_write(CONFIRM_FORMAT, l1, packet->data, CONFIRM_ARGS);

  va_start(args, format);
119
  ssh_vformat_write(format, l2, packet->data+l1, args);
120
121
122
123
124
125
126
  va_end(args);

  return packet;
#undef CONFIRM_FORMAT
#undef CONFIRM_ARGS
}

Niels Möller's avatar
Niels Möller committed
127
struct lsh_string *format_open_failure(UINT32 channel, UINT32 reason,
128
				       const char *msg, const char *language)
Niels Möller's avatar
Niels Möller committed
129
130
131
132
133
{
  return ssh_format("%c%i%i%z%z", SSH_MSG_CHANNEL_OPEN_FAILURE,
		    channel, reason, msg, language);
}

134
135
136
137
138
struct lsh_string *format_channel_success(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_SUCCESS, channel);
}

Niels Möller's avatar
Niels Möller committed
139
140
141
142
143
struct lsh_string *format_channel_failure(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_FAILURE, channel);
}

144
145
146
147
148
149
150
151
152
153
struct lsh_string *prepare_window_adjust(struct ssh_channel *channel,
					 UINT32 add)
{
  channel->rec_window_size += add;
  
  return ssh_format("%c%i%i",
		    SSH_MSG_CHANNEL_WINDOW_ADJUST,
		    channel->channel_number, add);
}

154
/* Channel objects */
Niels Möller's avatar
Niels Möller committed
155
156
157
158
159

#define INITIAL_CHANNELS 32
/* Arbitrary limit */
#define MAX_CHANNELS (1L<<17)

Niels Möller's avatar
Niels Möller committed
160
struct channel_table *make_channel_table(void)
Niels Möller's avatar
Niels Möller committed
161
{
162
  NEW(channel_table, table);
Niels Möller's avatar
Niels Möller committed
163

164
  table->channels = lsh_space_alloc(sizeof(struct ssh_channel *)
165
				      * INITIAL_CHANNELS);
166
167
168
169
  table->allocated_channels = INITIAL_CHANNELS;
  table->next_channel = 0;
  table->used_channels = 0;
  table->max_channels = MAX_CHANNELS;
Niels Möller's avatar
Niels Möller committed
170

Niels Möller's avatar
Niels Möller committed
171
  table->pending_close = 0;
172

173
174
175
  object_queue_init(&table->local_ports);
  object_queue_init(&table->remote_ports);
  
176
177
  object_queue_init(&table->active_global_requests);
  object_queue_init(&table->pending_global_requests);
Niels Möller's avatar
Niels Möller committed
178
  
179
  return table;
Niels Möller's avatar
Niels Möller committed
180
181
182
};

/* Returns -1 if allocation fails */
183
184
185
/* NOTE: This function returns locally chosen channel numbers, which
 * are always small integers. So there's no problem fitting them in
 * a signed int. */
186
int alloc_channel(struct channel_table *table)
Niels Möller's avatar
Niels Möller committed
187
{
188
  UINT32 i;
189
  
190
  for(i = table->next_channel; i < table->used_channels; i++)
Niels Möller's avatar
Niels Möller committed
191
    {
192
      if (!table->channels[i])
Niels Möller's avatar
Niels Möller committed
193
	{
194
	  table->next_channel = i+1;
Niels Möller's avatar
Niels Möller committed
195
196
197
	  return i;
	}
    }
198
  if (i == table->max_channels)
Niels Möller's avatar
Niels Möller committed
199
    return -1;
200

201
  if (i == table->allocated_channels) 
Niels Möller's avatar
Niels Möller committed
202
    {
203
      int new_size = table->allocated_channels * 2;
Niels Möller's avatar
Niels Möller committed
204
      struct ssh_channel **new
205
	= lsh_space_alloc(sizeof(struct ssh_channel *) * new_size);
Niels Möller's avatar
Niels Möller committed
206

207
208
      memcpy(new, table->channels,
	     sizeof(struct ssh_channel *) * table->used_channels);
Niels Möller's avatar
Niels Möller committed
209
      
210
211
      table->channels = new;
      table->allocated_channels = new_size;
Niels Möller's avatar
Niels Möller committed
212
213
    }

214
  table->next_channel = table->used_channels = i+1;
Niels Möller's avatar
Niels Möller committed
215
216
217
218

  return i;
}

219
void dealloc_channel(struct channel_table *table, int i)
Niels Möller's avatar
Niels Möller committed
220
221
{
  assert(i >= 0);
222
  assert( (unsigned) i < table->used_channels);
Niels Möller's avatar
Niels Möller committed
223
  
224
225
  table->channels[i] = NULL;

226
  if ( (unsigned) i < table->next_channel)
227
228
229
    table->next_channel = i;
}

230
231
/* Returns -1 if no channel number can be allocated. See also the note
 * for alloc_channel(). */
232
233
234
235
236
237
int register_channel(struct channel_table *table, struct ssh_channel *channel)
{
  int n = alloc_channel(table);

  if (n >= 0)
    table->channels[n] = channel;
Niels Möller's avatar
Niels Möller committed
238

239
  return n;
Niels Möller's avatar
Niels Möller committed
240
241
}

242
struct ssh_channel *lookup_channel(struct channel_table *table, UINT32 i)
Niels Möller's avatar
Niels Möller committed
243
{
244
245
  return (i < table->used_channels)
    ? table->channels[i] : NULL;
Niels Möller's avatar
Niels Möller committed
246
247
}

248
249
250
251
252
253
254
255
256
257
/* FIXME: It seems suboptimal to send a window adjust message for *every* write that we do.
 * A better scheme might be as follows:
 *
 * Delay window adjust messages, keeping track of both the locally
 * maintained window size, which is updated after each write, and the
 * size that has been reported to the remote end. When the difference
 * between these two values gets large enough (say, larger than one
 * half or one third of the maximum window size), we send a
 * window_adjust message to sync them. */
static void adjust_rec_window(struct flow_controlled *f, UINT32 written)
258
{
259
260
261
262
263
264
265
266
  CAST_SUBTYPE(ssh_channel, channel, f);

  int res = A_WRITE(channel->write,
		    prepare_window_adjust
		    (channel, written));
  if (res)
    werror("adjust_rec_window: Writing window adjust message failed, ignoring\n"
	   "  (res = %i)\n", res);
267
268
}

269
270
/* Process channel-related status codes. Used by the packet handlers,
 * before returning. */
Niels Möller's avatar
Niels Möller committed
271
272
273
274
static int channel_process_status(struct channel_table *table,
				  int channel,
				  int status)
{
275
276
277
278
  struct ssh_channel *c = table->channels[channel];
  
  while (!LSH_CLOSEDP(status))
    {
279
280
281
282
283
284
285
      if (status & LSH_CHANNEL_CLOSE)
	{ /* Close the channel now */ 
	  if (!c->flags & CHANNEL_SENT_CLOSE)
	    status |= channel_close(c);
	  break;
	}
      
286
287
288
289
290
291
292
293
294
      if (status & LSH_CHANNEL_READY_SEND)
	{
	  status &= ~ LSH_CHANNEL_READY_SEND;
	  if (c->send_window_size)
	    status |= CHANNEL_SEND(c);
	}
      else if (status & LSH_CHANNEL_READY_REC)
	{
	  status &= ~ LSH_CHANNEL_READY_REC;
295
296
297
	  status |= A_WRITE(c->write,
			    prepare_window_adjust
			    (c, c->max_window - c->rec_window_size));
298
299
300
301
302
	}
      else
	break;
    }
	
Niels Möller's avatar
Niels Möller committed
303
304
305
306
  if (status & LSH_CHANNEL_FINISHED)
    {
      /* Clear this bit */
      status &= ~LSH_CHANNEL_FINISHED;
307

308
      if (c->close)
309
	status |= CHANNEL_CLOSE(c);
Niels Möller's avatar
Niels Möller committed
310
311
312
313
      
      dealloc_channel(table, channel);
    }

314
315
316
317
318
319
320
  if (status & LSH_CHANNEL_PENDING_CLOSE)
    table->pending_close = 1;
  
  /* If this was the last channel, close connection */
  if (table->pending_close && !table->next_channel)
    status |= LSH_CLOSE;

Niels Möller's avatar
Niels Möller committed
321
322
  return status;
}
Niels Möller's avatar
Niels Möller committed
323

324
325
326
327
328
329
330
/* Ugly macros to make it a little simpler to free the input packet at
 * the right time. */

#define START int foo_res
#define RETURN(x) do { foo_res = (x); goto foo_finish; } while(0)
#define END(s) foo_finish: do { lsh_string_free((s)); return foo_res; } while(0)

Niels Möller's avatar
Niels Möller committed
331
/* Channel related messages */
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363

/* GABA:
   (class
     (name global_request_status)
     (vars
       ; -1 for still active requests,
       ; 0 for failure,
       ; 1 for success
       (status . int)))
*/

static struct global_request_status *make_global_request_status(void)
{
  NEW(global_request_status, self);
  self->status = -1;

  return self;
}

/* GABA:
   (class
     (name global_request_response)
     (super global_request_callback)
     (vars
       (active object global_request_status)))
*/

static int
do_global_request_response(struct global_request_callback *c,
			   int success)
{
  CAST(global_request_response, self, c);
364
  struct object_queue *q = &self->super.connection->channels->active_global_requests;
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405

  int res = 0;
  
  assert( self->active->status == -1);
  assert( (success == 0) || (success == 1) );
  assert( !object_queue_is_empty(q));
	  
  self->active->status = success;

  for (;;)
    {
      CAST(global_request_status, n, object_queue_peek_head(q));
      if (!n || (n->status < 0))
	return res;

      object_queue_remove_head(q);
      
      res |= A_WRITE(self->super.connection->write,
		     (n->status
		      ? format_global_success()
		      : format_global_failure()));
      
      if (LSH_CLOSEDP(res))
	return res;
    }
}

static struct global_request_callback *
make_global_request_response(struct ssh_connection *connection,
			     struct global_request_status *active)
{
  NEW(global_request_response, self);

  self->super.connection = connection;
  self->super.response = do_global_request_response;

  self->active = active;

  return &self->super;
}
     
Niels Möller's avatar
Niels Möller committed
406
407
408
409
static int do_global_request(struct packet_handler *c,
			     struct ssh_connection *connection,
			     struct lsh_string *packet)
{
410
  CAST(global_request_handler, closure, c);
Niels Möller's avatar
Niels Möller committed
411
412

  struct simple_buffer buffer;
413
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
414
415
  int name;
  int want_reply;
416
  START;
Niels Möller's avatar
Niels Möller committed
417
418
419
420
421
422
423
424
425
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_GLOBAL_REQUEST)
      && parse_atom(&buffer, &name)
      && parse_boolean(&buffer, &want_reply))
    {
      struct global_request *req;
426
427
      struct global_request_callback *c = NULL;
      
Niels Möller's avatar
Niels Möller committed
428
      if (!name || !(req = ALIST_GET(closure->global_requests, name)))
429
430
	RETURN (A_WRITE(connection->write,
		       format_global_failure()));
Niels Möller's avatar
Niels Möller committed
431

432
433
434
435
      if (want_reply)
	{
	  struct global_request_status *a = make_global_request_status();

436
	  object_queue_add_tail(&connection->channels->active_global_requests,
437
438
439
440
441
				&a->super);
	  
	  c = make_global_request_response(connection, a);
	}
      RETURN (GLOBAL_REQUEST(req, connection, &buffer, c));
Niels Möller's avatar
Niels Möller committed
442
    }
443
  RETURN (LSH_FAIL | LSH_DIE);
Niels Möller's avatar
Niels Möller committed
444

445
  END (packet);
Niels Möller's avatar
Niels Möller committed
446
447
}

448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
/* Callback given to the CHANNEL_OPEN method */
static int do_channel_open_response(struct channel_open_callback *c,
                                    struct ssh_channel *channel,
                                    UINT32 error, char *error_msg,
                                    struct lsh_string *args)
{
  CAST(channel_open_response, closure, c);
  
  int local_channel_number;

  if (!channel)
    {
      if (error)
        return A_WRITE(closure->super.connection->write,
                       format_open_failure(closure->remote_channel_number,
                                           error, error_msg, ""));
464
465
      /* The request was invalid */
      return LSH_FAIL | LSH_DIE;
466
467
468
469
470
471
472
473
474
475
476
477
478
479
    }

  if ( (local_channel_number
            = register_channel(closure->super.connection->channels,
			       channel)) < 0)
    {
      werror("Could not allocate a channel number for opened channel!\n");
      return A_WRITE(closure->super.connection->write,
                     format_open_failure(closure->remote_channel_number,
                                         SSH_OPEN_RESOURCE_SHORTAGE,
                                         "Could not allocate a channel number "
                                         "(shouldn't happen...)", ""));
    }

480
  /* FIXME: This copying could just as well be done by the
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
   * CHANNEL_OPEN handler? Then we can remove the corresponding fields
   * from the closure as well. */
  channel->send_window_size = closure->window_size;
  channel->send_max_packet = closure->max_packet;
  channel->channel_number = closure->remote_channel_number;

  /* FIXME: Is the channel->write field really needed? */
  channel->write = closure->super.connection->write;

  return A_WRITE(closure->super.connection->write,
                 args
                 ? format_open_confirmation(channel, local_channel_number,
                                            "%lfS", args)
                 : format_open_confirmation(channel, local_channel_number,
                                            ""));
}

static struct channel_open_response *
make_channel_open_response(struct ssh_connection* connection,
			   UINT32 remote_channel_number,
			   UINT32 window_size,
			   UINT32 max_packet)
{
  NEW(channel_open_response, closure);

  closure->super.response = do_channel_open_response;
  closure->super.connection = connection;
  closure->remote_channel_number = remote_channel_number;
  closure->window_size = window_size;
  closure->max_packet = max_packet;

  return closure;
}
514

515

516
517
518
519
520
521
522
523
524
525
526
#if 0
/* ;;GABA:
   (class
     (name channel_open_continuation)
     (super command_continuation)
     (vars
       (connection object ssh_connection)
       (remote_channel_number simple UINT32)
       (window_size simple UINT32)
       (max_packet simple UINT32)))
*/
527

528
529
530
531
532
533
534
535
static int do_channel_open_continue(struct command_continuation *c,
				    struct lsh_object *result)
{
  CAST(channel_open_continuation, self, c);
  CAST_SUBTYPE(channel);
}
#endif
				    
Niels Möller's avatar
Niels Möller committed
536
537
538
539
static int do_channel_open(struct packet_handler *c,
			   struct ssh_connection *connection,
			   struct lsh_string *packet)
{
540
  CAST(channel_open_handler, closure, c);
Niels Möller's avatar
Niels Möller committed
541
542

  struct simple_buffer buffer;
543
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
544
  int type;
545
546
547
  UINT32 remote_channel_number;
  UINT32 window_size;
  UINT32 max_packet;
548
  START;
Niels Möller's avatar
Niels Möller committed
549
550
551
552
553
554
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN)
      && parse_atom(&buffer, &type)
555
556
557
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet))
Niels Möller's avatar
Niels Möller committed
558
559
    {
      struct channel_open *open;
560
561
      struct channel_open_response *response;
      int res;
562
      
563
      if (connection->channels->pending_close)
Niels Möller's avatar
Niels Möller committed
564
	/* We are waiting for channels to close. Don't open any new ones. */
565
566
567
568
569
	RETURN
	  (A_WRITE(connection->write,
		   format_open_failure(remote_channel_number,
				       SSH_OPEN_ADMINISTRATIVELY_PROHIBITED,
				       "Waiting for channels to close.", "")));
Niels Möller's avatar
Niels Möller committed
570
571
      
      if (!type || !(open = ALIST_GET(closure->channel_types, type)))
572
573
574
575
	RETURN (A_WRITE(connection->write,
			format_open_failure(remote_channel_number,
					    SSH_OPEN_UNKNOWN_CHANNEL_TYPE,
					    "Unknown channel type", "")));
576

577
578
579
580
581
582
583
584
      response = make_channel_open_response(connection,
					    remote_channel_number,
					    window_size, max_packet);
      /* NOTE: If the channel could be opened immediately, this method
       * will call response right away. */
      res = CHANNEL_OPEN(open, connection, &buffer, &response->super);

      RETURN (res);
Niels Möller's avatar
Niels Möller committed
585
    }
586
  RETURN (LSH_FAIL | LSH_DIE);
Niels Möller's avatar
Niels Möller committed
587

588
  END(packet);
Niels Möller's avatar
Niels Möller committed
589
590
}     

591
static int do_channel_request(struct packet_handler *closure UNUSED,
Niels Möller's avatar
Niels Möller committed
592
593
594
595
			      struct ssh_connection *connection,
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
596
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
597
598
599
  UINT32 channel_number;
  int type;
  int want_reply;
600
601
  START;
  
Niels Möller's avatar
Niels Möller committed
602
603
604
605
606
607
608
609
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_REQUEST)
      && parse_uint32(&buffer, &channel_number)
      && parse_atom(&buffer, &type)
      && parse_boolean(&buffer, &want_reply))
    {
610
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
611
612
						   channel_number);

613
614
615
616
      /* NOTE: We can't free packet yet, because it is not yet fully
       * parsed. There may be some more arguments, which are parsed by
       * the CHANNEL_REQUEST method below. */

Niels Möller's avatar
Niels Möller committed
617
618
619
620
      if (channel)
	{
	  struct channel_request *req;

621
622
	  if (type && channel->request_types 
	      && ( (req = ALIST_GET(channel->request_types, type)) ))
623
624
625
626
	    RETURN
	      (channel_process_status
	       (connection->channels, channel_number,
		CHANNEL_REQUEST(req, channel, connection, want_reply, &buffer)));
627
	  else
628
629
630
631
	    RETURN (want_reply
		    ? A_WRITE(connection->write,
			      format_channel_failure(channel->channel_number))
		    : LSH_OK | LSH_GOON);
632
	  
Niels Möller's avatar
Niels Möller committed
633
	}
634
      werror("SSH_MSG_CHANNEL_REQUEST on nonexistant channel %i\n",
Niels Möller's avatar
Niels Möller committed
635
636
	     channel_number);

637
638
639
640
    }
  RETURN (LSH_FAIL | LSH_DIE);
  
  END(packet);
Niels Möller's avatar
Niels Möller committed
641
642
}
      
643
644
static int do_window_adjust(struct packet_handler *closure UNUSED,
			    struct ssh_connection *connection,
645
			    struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
646
647
{
  struct simple_buffer buffer;
648
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
649
650
651
652
653
654
655
  UINT32 channel_number;
  UINT32 size;

  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_WINDOW_ADJUST)
656
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
657
658
659
      && parse_uint32(&buffer, &size)
      && parse_eod(&buffer))
    {
660
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
661
662
663
664
						   channel_number);

      lsh_string_free(packet);
      
Niels Möller's avatar
Niels Möller committed
665
      if (channel
666
667
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
668
	{
Niels Möller's avatar
Niels Möller committed
669
670
671
672
	  if (! (channel->flags & CHANNEL_SENT_CLOSE))
	    {
	      channel->send_window_size += size;
	      if (channel->send_window_size && channel->send)
673
		return channel_process_status(connection->channels,
Niels Möller's avatar
Niels Möller committed
674
675
					      channel_number,
					      CHANNEL_SEND(channel));
Niels Möller's avatar
Niels Möller committed
676
	    }
Niels Möller's avatar
Niels Möller committed
677
678
679
680
	  return LSH_OK | LSH_GOON;
	}
      /* FIXME: What to do now? Should unknown channel numbers be
       * ignored silently? */
681
682
      werror("SSH_MSG_CHANNEL_WINDOW_ADJUST on nonexistant or closed "
	     "channel %i\n", channel_number);
Niels Möller's avatar
Niels Möller committed
683
684
685
686
687
688
689
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);

  return LSH_FAIL | LSH_DIE;
}

690
691
static int do_channel_data(struct packet_handler *closure UNUSED,
			   struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
692
693
694
			   struct lsh_string *packet)
{
  struct simple_buffer buffer;
695
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
696
697
698
699
700
701
702
  UINT32 channel_number;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_DATA)
703
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
704
705
706
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
707
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
708
709
710
711
						   channel_number);

      lsh_string_free(packet);
      
712
      if (channel && channel->receive
713
714
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
715
	{
Niels Möller's avatar
Niels Möller committed
716
	  if (channel->flags & CHANNEL_SENT_CLOSE)
Niels Möller's avatar
Niels Möller committed
717
	    {
718
	      werror("Ignoring data on channel which is closing\n");
Niels Möller's avatar
Niels Möller committed
719
	      return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
720
	    }
Niels Möller's avatar
Niels Möller committed
721
722
	  else
	    {
723
724
	      int res = 0;
	      
Niels Möller's avatar
Niels Möller committed
725
726
727
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
728
		  werror("Channel data overflow. Extra data ignored.\n"); 
Niels Möller's avatar
Niels Möller committed
729
730
		  data->length = channel->rec_window_size;
		}
731
732
733
734

	      if (!data->length)
		/* Ignore data packet */
		return 0;
735
736
	      channel->rec_window_size -= data->length;

737
#if 0
738
	      /* FIXME: Unconditionally adjusting the receive window
739
	       * breaks flow control. We better let the channel's
740
	       * receive method decide whether or not to receive more
741
742
	       * data. */
	      res = adjust_rec_window(channel);
743

744
745
	      if (LSH_CLOSEDP(res))
		return res;
746
747
#endif
	      
Niels Möller's avatar
Niels Möller committed
748
	      return channel_process_status(
749
		connection->channels, channel_number,
750
		res | CHANNEL_RECEIVE(channel, 
Niels Möller's avatar
Niels Möller committed
751
				      CHANNEL_DATA, data));
Niels Möller's avatar
Niels Möller committed
752
753
	    }
	  return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
754
755
	}
	  
756
      werror("Data on closed or non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
757
758
759
760
761
762
763
764
765
	     channel_number);
      lsh_string_free(data);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  
  return LSH_FAIL | LSH_DIE;
}

766
767
static int do_channel_extended_data(struct packet_handler *closure UNUSED,
				    struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
768
769
770
				    struct lsh_string *packet)
{
  struct simple_buffer buffer;
771
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
772
773
774
775
776
777
778
779
  UINT32 channel_number;
  UINT32 type;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EXTENDED_DATA)
780
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
781
782
783
784
      && parse_uint32(&buffer, &type)
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
785
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
786
787
788
789
						   channel_number);

      lsh_string_free(packet);
      
790
      if (channel && channel->receive
791
792
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
Niels Möller's avatar
Niels Möller committed
793
	{
Niels Möller's avatar
Niels Möller committed
794
	  if (channel->flags & CHANNEL_SENT_CLOSE)
Niels Möller's avatar
Niels Möller committed
795
	    {
796
	      werror("Ignoring extended data on channel which is closing\n");
Niels Möller's avatar
Niels Möller committed
797
	      return LSH_OK | LSH_GOON;
Niels Möller's avatar
Niels Möller committed
798
	    }
Niels Möller's avatar
Niels Möller committed
799
	  else
Niels Möller's avatar
Niels Möller committed
800
	    {
801
802
	      int res = 0;
	      
Niels Möller's avatar
Niels Möller committed
803
804
805
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
806
		  werror("Channel extended data overflow. "
Niels Möller's avatar
Niels Möller committed
807
808
809
810
811
			 "Extra data ignored.\n");
		  data->length = channel->rec_window_size;
		}
	      
	      channel->rec_window_size -= data->length;
812

813
#if 0
814
815
816
817
818
819
	      /* FIXME: Like for do_channel_data(), unconditionally
	       * adjusting the window breaks flow control. */
	      res = adjust_rec_window(channel);

	      if (LSH_CLOSEDP(res))
		return res;
820
#endif
821

Niels Möller's avatar
Niels Möller committed
822
823
824
	      switch(type)
		{
		case SSH_EXTENDED_DATA_STDERR:
Niels Möller's avatar
Niels Möller committed
825
		  return channel_process_status(
826
		    connection->channels, channel_number,
827
		    res | CHANNEL_RECEIVE(channel, 
Niels Möller's avatar
Niels Möller committed
828
					  CHANNEL_STDERR_DATA, data));
Niels Möller's avatar
Niels Möller committed
829
		default:
830
		  werror("Unknown type %i of extended data.\n",
Niels Möller's avatar
Niels Möller committed
831
832
833
834
			 type);
		  lsh_string_free(data);
		  return LSH_FAIL | LSH_DIE;
		}
Niels Möller's avatar
Niels Möller committed
835
836
	    }
	}
837
      werror("Extended data on closed or non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
838
839
840
841
842
843
844
845
846
	     channel_number);
      lsh_string_free(data);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  
  return LSH_FAIL | LSH_DIE;
}

847
848
static int do_channel_eof(struct packet_handler *closure UNUSED,
			  struct ssh_connection *connection,
849
			  struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
850
851
{
  struct simple_buffer buffer;
852
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
853
854
855
856
857
858
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EOF)
859
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
860
861
      && parse_eod(&buffer))
    {
862
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
863
864
865
866
						   channel_number);

      lsh_string_free(packet);

Niels Möller's avatar
Niels Möller committed
867
868
      if (channel)
	{
869
870
	  int res = 0;
	  
871
	  if (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_RECEIVED_CLOSE))
Niels Möller's avatar
Niels Möller committed
872
	    {
873
	      werror("Receiving EOF on channel on closed channel.\n");
Niels Möller's avatar
Niels Möller committed
874
875
876
	      return LSH_FAIL | LSH_DIE;
	    }

877
	  channel->flags |= CHANNEL_RECEIVED_EOF;
Niels Möller's avatar
Niels Möller committed
878

879
880
	  if (channel->eof)
	    res = CHANNEL_EOF(channel);
881
882
883
	  else
	    /* FIXME: What is a reasonable default behaviour?
	     * Closing the channel may be the right thing to do. */
884
885
886
	    if (! (channel->flags & CHANNEL_SENT_CLOSE))
	      res |= channel_close(channel);
#if 0
887
888
889
	  if (!LSH_CLOSEDP(res)
	      && ! (channel->flags & CHANNEL_SENT_CLOSE)
	      && (channel->flags & CHANNEL_SENT_EOF))
Niels Möller's avatar
Niels Möller committed
890
891
892
	    {
	      /* Both parties have sent EOF. Initiate close, if we
	       * havn't done that already. */
893
894
	      
	      res |= channel_close(channel);
Niels Möller's avatar
Niels Möller committed
895
	    }
896
#endif      
897
	  return channel_process_status(connection->channels, channel_number,
898
899
					res);

Niels Möller's avatar
Niels Möller committed
900
	}
901
      werror("EOF on non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
902
903
	     channel_number);
      return LSH_FAIL | LSH_DIE;
Niels Möller's avatar
Niels Möller committed
904
    }
Niels Möller's avatar
Niels Möller committed
905
      
Niels Möller's avatar
Niels Möller committed
906
907
908
909
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

910
911
static int do_channel_close(struct packet_handler *closure UNUSED,
			    struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
912
913
914
			    struct lsh_string *packet)
{
  struct simple_buffer buffer;
915
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
916
917
918
919
920
921
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_CLOSE)
922
      && parse_uint32(&buffer, &channel_number)
Niels Möller's avatar
Niels Möller committed
923
924
      && parse_eod(&buffer))
    {
925
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
926
927
928
929
						   channel_number);

      lsh_string_free(packet);
      
Niels Möller's avatar
Niels Möller committed
930
931
      if (channel)
	{
932
933
	  int res = 0;
	  
934
	  if (channel->flags & CHANNEL_RECEIVED_CLOSE)
Niels Möller's avatar
Niels Möller committed
935
	    {
936
	      werror("Receiving multiple CLOSE on channel.\n");
Niels Möller's avatar
Niels Möller committed
937
938
939
	      return LSH_FAIL | LSH_DIE;
	    }

940
	  channel->flags |= CHANNEL_RECEIVED_CLOSE;
Niels Möller's avatar
Niels Möller committed
941
	  
942
	  if (! (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_SENT_EOF)))
Niels Möller's avatar
Niels Möller committed
943
	    {
944
	      werror("Unexpected channel CLOSE.\n");
Niels Möller's avatar
Niels Möller committed
945
	    }
946

947
	  if (! (channel->flags & (CHANNEL_RECEIVED_EOF))
948
	      && channel->eof)
949
	    res = CHANNEL_EOF(channel);
Niels Möller's avatar
Niels Möller committed
950
	  
Niels Möller's avatar
Niels Möller committed
951
	  return channel_process_status(
952
	    connection->channels, channel_number,
953
954
955
956
	    ( ( (channel->flags & (CHANNEL_SENT_CLOSE))
		? LSH_OK | LSH_CHANNEL_FINISHED
		: channel_close(channel))
	      | res));
Niels Möller's avatar
Niels Möller committed
957
	}
958
      werror("CLOSE on non-existant channel %i\n",
Niels Möller's avatar
Niels Möller committed
959
960
	     channel_number);
      return LSH_FAIL | LSH_DIE;
Niels Möller's avatar
Niels Möller committed
961
962
963
964
965
966
      
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

967
static int do_channel_open_confirm(struct packet_handler *closure UNUSED,
Niels Möller's avatar
Niels Möller committed
968
969
				   struct ssh_connection *connection,
				   struct lsh_string *packet)
Niels Möller's avatar
Niels Möller committed
970
971
{
  struct simple_buffer buffer;
972
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
  UINT32 local_channel_number;
  UINT32 remote_channel_number;  
  UINT32 window_size;
  UINT32 max_packet;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN_CONFIRMATION)
      && parse_uint32(&buffer, &local_channel_number)
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet)
      && parse_eod(&buffer))
    {
988
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
989
990
991
992
						   local_channel_number);

      lsh_string_free(packet);

993
      if (channel && channel->open_continuation)
Niels Möller's avatar
Niels Möller committed
994
995
996
997
998
	{
	  channel->channel_number = remote_channel_number;
	  channel->send_window_size = window_size;
	  channel->send_max_packet = max_packet;

999
1000
1001
1002
	  return channel_process_status
	    (connection->channels,
	     local_channel_number,
	     COMMAND_RETURN(channel->open_continuation, channel));
Niels Möller's avatar
Niels Möller committed
1003
	}
1004
      werror("Unexpected SSH_MSG_CHANNEL_OPEN_CONFIRMATION on channel %i\n",
Niels Möller's avatar
Niels Möller committed
1005
1006
1007
1008
1009
1010
1011
	     local_channel_number);
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1012
1013
static int do_channel_open_failure(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
Niels Möller's avatar
Niels Möller committed
1014
1015
1016
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1017
  unsigned msg_number;
Niels Möller's avatar
Niels Möller committed
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
  UINT32 channel_number;
  UINT32 reason;

  UINT8 *msg;
  UINT32 length;

  UINT8 *language;
  UINT32 language_length;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN_FAILURE)
      && parse_uint32(&buffer, &channel_number)
      && parse_uint32(&buffer, &reason)
      && parse_string(&buffer, &length, &msg)
      && parse_string(&buffer, &language_length, &language)
      && parse_eod(&buffer))
    {
1037
      struct ssh_channel *channel = lookup_channel(connection->channels,
Niels Möller's avatar
Niels Möller committed
1038
1039
1040
1041
						   channel_number);

      /* lsh_string_free(packet); */

1042
      if (channel && channel->open_continuation)
Niels Möller's avatar
Niels Möller committed
1043
	{
1044
	  int res = COMMAND_RETURN(channel->open_continuation, NULL);
Niels Möller's avatar
Niels Möller committed
1045
1046

	  lsh_string_free(packet);
Niels Möller's avatar
Niels Möller committed
1047

1048
	  return channel_process_status(connection->channels, channel_number,
Niels Möller's avatar
Niels Möller committed
1049
					res | LSH_CHANNEL_FINISHED);
Niels Möller's avatar
Niels Möller committed
1050
	}
1051
      werror("Unexpected SSH_MSG_CHANNEL_OPEN_FAILURE on channel %i\n",
Niels Möller's avatar
Niels Möller committed
1052
1053
1054
1055
1056
1057
1058
1059
1060
	     channel_number);
      lsh_string_free(packet);
      
      return LSH_FAIL | LSH_DIE;
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1061
1062
static int do_channel_success(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
1063
1064
1065
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1066
  unsigned msg_number;
1067
  UINT32 channel_number;
1068
1069
  struct ssh_channel *channel;
      
1070
1071
1072
1073
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_SUCCESS)
1074
      && parse_uint32(&buffer, &channel_number)
1075
      && parse_eod(&buffer)
1076
      && (channel = lookup_channel(connection->channels, channel_number)))
1077
1078
    {
      lsh_string_free(packet);
1079

1080
      if (object_queue_is_empty(&channel->pending_requests))
1081
	{
1082
	  werror("do_channel_success: Unexpected message. Ignoring.\n");
1083
1084
	  return LSH_OK | LSH_GOON;
	}
1085
      {
Niels Möller's avatar
Niels Möller committed
1086
	CAST_SUBTYPE(command_continuation, c,
1087
1088
1089
1090
	     object_queue_remove_head(&channel->pending_requests));
	return channel_process_status(connection->channels, channel_number,
				      COMMAND_RETURN(c, channel));
      }
1091
1092
1093
1094
1095
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1096
1097
static int do_channel_failure(struct packet_handler *closure UNUSED,
			      struct ssh_connection *connection,
1098
1099
1100
			      struct lsh_string *packet)
{
  struct simple_buffer buffer;
1101
  unsigned msg_number;
1102
  UINT32 channel_number;
1103
  struct ssh_channel *channel;
1104
1105
1106
1107
1108
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_FAILURE)
1109
      && parse_uint32(&buffer, &channel_number)
1110
      && parse_eod(&buffer)
1111
      && (channel = lookup_channel(connection->channels, channel_number)))
1112
1113
1114
    {
      lsh_string_free(packet);
      
1115
      if (object_queue_is_empty(&channel->pending_requests))
1116
1117
1118
1119
	{
	  werror("do_channel_failure: No handler. Ignoring.\n");
	  return LSH_OK | LSH_GOON;
	}
1120
      {
Niels Möller's avatar
Niels Möller committed
1121
	CAST_SUBTYPE(command_continuation, c,
1122
1123
1124
1125
1126
	     object_queue_remove_head(&channel->pending_requests));

	return channel_process_status(connection->channels, channel_number,
				      COMMAND_RETURN(c, NULL));
      }
1127
1128
1129
1130
1131
    }
  lsh_string_free(packet);
  return LSH_FAIL | LSH_DIE;
}

1132
1133
1134
static int do_connection_service(struct command *s,
				 struct lsh_object *x,
				 struct command_continuation *c)
Niels Möller's avatar
Niels Möller committed
1135
{
1136
  CAST(connection_service, self, s);
1137
  CAST(ssh_connection, connection, x);
1138

1139
  struct channel_table *table;
Niels Möller's avatar
Niels Möller committed
1140
  
1141
1142
  NEW(global_request_handler, globals);
  NEW(channel_open_handler, open);
1143
  NEW(packet_handler, request);
Niels Möller's avatar
Niels Möller committed
1144

1145
1146
1147
  NEW(packet_handler, adjust);
  NEW(packet_handler, data);
  NEW(packet_handler, extended);
Niels Möller's avatar
Niels Möller committed
1148

1149
1150
  NEW(packet_handler, eof);
  NEW(packet_handler, close);
1151

Balázs Scheidler's avatar