channel.c

/* channel.c
 *
 * $Id$
 */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Mller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#include "channel.h"

#include "format.h"
#include "io.h"
#include "read_data.h"
#include "ssh.h"
#include "werror.h"
#include "xalloc.h"

#include <assert.h>
#include <string.h>

#define GABA_DEFINE
#include "channel.h.x"
#undef GABA_DEFINE

#include "channel.c.x"

struct exception *make_channel_open_exception(UINT32 error_code, char *msg)
{
  NEW(channel_open_exception, self);
  self->super.type = EXC_CHANNEL_OPEN;
  self->super.msg = msg;
  self->error_code = error_code;

  return &self->super;
}

/* GABA:
   (class
     (name connection_service)
     (super command)
     (vars
       ; Supported global requests 
       (global_requests object alist)

       (channel_types object alist) ))

       ; Initialize connection (for instance, request channels to be 
       ; opened or services to be forwarded).

       ; (start object connection_startup)))
*/

/* ;; GABA:
   (class
     (name global_request_handler)
     (super packet_handler)
     (vars
       (global_requests object alist)))
*/

/* ;; GABA:
   (class
     (name channel_open_handler)
     (super packet_handler)
     (vars
       (channel_types object alist)))
*/

/* ;; GABA:
   (class
     (name channel_open_response)
     (super channel_open_callback)
     (vars
       (remote_channel_number simple UINT32)
       (window_size simple UINT32)
       (max_packet simple UINT32)))
*/

struct lsh_string *format_global_failure(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_FAILURE);
}

struct lsh_string *format_global_success(void)
{
  return ssh_format("%c", SSH_MSG_REQUEST_SUCCESS);
}

struct lsh_string *format_open_confirmation(struct ssh_channel *channel,
					    UINT32 channel_number,
					    const char *format, ...)
{
  va_list args;
  UINT32 l1, l2;
  struct lsh_string *packet;

#define CONFIRM_FORMAT "%c%i%i%i%i"
#define CONFIRM_ARGS \
  SSH_MSG_CHANNEL_OPEN_CONFIRMATION, channel->channel_number, \
  channel_number, channel->rec_window_size, channel->rec_max_packet
    
  l1 = ssh_format_length(CONFIRM_FORMAT, CONFIRM_ARGS);

  va_start(args, format);
  l2 = ssh_vformat_length(format, args);
  va_end(args);

  packet = lsh_string_alloc(l1 + l2);

  ssh_format_write(CONFIRM_FORMAT, l1, packet->data, CONFIRM_ARGS);

  va_start(args, format);
  ssh_vformat_write(format, l2, packet->data+l1, args);
  va_end(args);

  return packet;
#undef CONFIRM_FORMAT
#undef CONFIRM_ARGS
}

struct lsh_string *format_open_failure(UINT32 channel, UINT32 reason,
				       const char *msg, const char *language)
{
  return ssh_format("%c%i%i%z%z", SSH_MSG_CHANNEL_OPEN_FAILURE,
		    channel, reason, msg, language);
}

struct lsh_string *format_channel_success(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_SUCCESS, channel);
}

struct lsh_string *format_channel_failure(UINT32 channel)
{
  return ssh_format("%c%i", SSH_MSG_CHANNEL_FAILURE, channel);
}

struct lsh_string *prepare_window_adjust(struct ssh_channel *channel,
					 UINT32 add)
{
  channel->rec_window_size += add;
  
  return ssh_format("%c%i%i",
		    SSH_MSG_CHANNEL_WINDOW_ADJUST,
		    channel->channel_number, add);
}

/* ;; GABA:
   (class
     (name channel_exception)
     (super exception)
     (vars
       (channel object ssh_channel)
       (pending_close . int)))
*/

/* GABA:
   (class
     (name exc_finish_channel_handler)
     (super exception_handler)
     (vars
       (table object channel_table)
       ; Local channel number 
       (channel_number . UINT32)))
*/

static void do_exc_finish_channel_handler(struct exception_handler *s,
					  const struct exception *e)
{
  CAST(exc_finish_channel_handler, self, s);

  switch (e->type)
    {
    case EXC_FINISH_PENDING:
      self->table->pending_close = 1;

      if (!self->table->next_channel)
	EXCEPTION_RAISE(self->super.parent, &finish_read_exception);
      break;
      
    case EXC_FINISH_CHANNEL:
      /* NOTE: This type of exception must be handled only once.
       * Perhaps we must add a liveness flag in the ssh_channel struct
       * to avoid deallocating dead channels? */
      {
	struct ssh_channel *channel
	  = self->table->channels[self->channel_number];

	assert(channel);
	
	if (channel->close)
	  CHANNEL_CLOSE(channel);
	
	dealloc_channel(self->table, self->channel_number);

	if (self->table->pending_close && !self->table->next_channel)
	  EXCEPTION_RAISE(self->super.parent, &finish_read_exception);
      }
      break;
    default:
      EXCEPTION_RAISE(self->super.parent, e);
    }
}

static struct exception_handler *
make_exc_finish_channel_handler(struct channel_table *table,
				UINT32 channel_number,
				struct exception_handler *e)
{
  NEW(exc_finish_channel_handler, self);
  self->table = table;
  self->channel_number = channel_number;
  self->super.parent = e;
  self->super.raise = do_exc_finish_channel_handler;

  return &self->super;
}
				

/* Channel objects */

#define INITIAL_CHANNELS 32
/* Arbitrary limit */
#define MAX_CHANNELS (1L<<17)

struct channel_table *make_channel_table(void)
{
  NEW(channel_table, table);

  table->channels = lsh_space_alloc(sizeof(struct ssh_channel *)
				      * INITIAL_CHANNELS);
  table->in_use = lsh_space_alloc(INITIAL_CHANNELS);
  
  table->allocated_channels = INITIAL_CHANNELS;
  table->next_channel = 0;
  table->used_channels = 0;
  table->max_channels = MAX_CHANNELS;

  table->pending_close = 0;

  table->global_requests = make_alist(0, -1);
  table->channel_types = make_alist(0, -1);
  
  object_queue_init(&table->local_ports);
  object_queue_init(&table->remote_ports);
  
  object_queue_init(&table->active_global_requests);
  object_queue_init(&table->pending_global_requests);
  
  return table;
};

/* Returns -1 if allocation fails */
/* NOTE: This function returns locally chosen channel numbers, which
 * are always small integers. So there's no problem fitting them in
 * a signed int. */
int alloc_channel(struct channel_table *table)
{
  UINT32 i;
  
  for(i = table->next_channel; i < table->used_channels; i++)
    {
      if (!table->in_use[i])
	{
	  assert(!table->channels[i]);
	  table->in_use[i] = 1;
	  table->next_channel = i+1;
	  return i;
	}
    }
  if (i == table->max_channels)
    return -1;

  if (i == table->allocated_channels) 
    {
      int new_size = table->allocated_channels * 2;
      struct ssh_channel **new_channels;
      UINT8 *new_in_use;

      new_channels = lsh_space_alloc(sizeof(struct ssh_channel *)
				     * new_size);
      memcpy(new_channels, table->channels,
	     sizeof(struct ssh_channel *) * table->used_channels);
      lsh_space_free(table->channels);
      table->channels = new_channels;

      new_in_use = lsh_space_alloc(new_size);
      memcpy(new_in_use, table->in_use, table->used_channels);
      lsh_space_free(table->in_use);
      table->in_use = new_in_use;

      table->allocated_channels = new_size;
    }

  table->next_channel = table->used_channels = i+1;

  return i;
}

void dealloc_channel(struct channel_table *table, int i)
{
  assert(i >= 0);
  assert( (unsigned) i < table->used_channels);
  
  table->channels[i] = NULL;
  table->in_use[i] = 0;
  
  if ( (unsigned) i < table->next_channel)
    table->next_channel = i;
}

void register_channel(struct channel_table *table,
		      UINT32 local_channel_number,
		      struct ssh_channel *channel)
{
  assert(table->in_use[local_channel_number]);
  assert(!table->channels[local_channel_number]);
  
  table->channels[local_channel_number] = channel;

  /* FIXME: Is this the right place to install this exception handler? */
  channel->e = make_exc_finish_channel_handler(table,
					       local_channel_number,
					       channel->e);
}

struct ssh_channel *lookup_channel(struct channel_table *table, UINT32 i)
{
  return (i < table->used_channels)
    ? table->channels[i] : NULL;
}

/* FIXME: It seems suboptimal to send a window adjust message for *every* write that we do.
 * A better scheme might be as follows:
 *
 * Delay window adjust messages, keeping track of both the locally
 * maintained window size, which is updated after each write, and the
 * size that has been reported to the remote end. When the difference
 * between these two values gets large enough (say, larger than one
 * half or one third of the maximum window size), we send a
 * window_adjust message to sync them. */
static void adjust_rec_window(struct flow_controlled *f, UINT32 written)
{
  CAST_SUBTYPE(ssh_channel, channel, f);

  A_WRITE(channel->write,
	  prepare_window_adjust
	  (channel, written),
	  channel->e);
}

void channel_start_receive(struct ssh_channel *channel)
{
  A_WRITE(channel->write,
	  prepare_window_adjust
	  (channel, channel->max_window - channel->rec_window_size),
	  channel->e);
}

#if 0
/* Process channel-related status codes. Used by the packet handlers,
 * before returning. */
static int channel_process_status(struct channel_table *table,
				  int channel,
				  int status)
{
  struct ssh_channel *c = table->channels[channel];
  
  while (!LSH_CLOSEDP(status))
    {
      if (status & LSH_CHANNEL_CLOSE)
	{ /* Close the channel now */ 
	  if (!c->flags & CHANNEL_SENT_CLOSE)
	    status |= channel_close(c);
	  break;
	}
      
      if (status & LSH_CHANNEL_READY_SEND)
	{
	  status &= ~ LSH_CHANNEL_READY_SEND;
	  if (c->send_window_size)
	    status |= CHANNEL_SEND(c);
	}
      else if (status & LSH_CHANNEL_READY_REC)
	{
	  status &= ~ LSH_CHANNEL_READY_REC;
	  status |= channel_start_receive(c);
	}
      else
	break;
    }
	
  if (status & LSH_CHANNEL_FINISHED)
    {
      /* Clear this bit */
      status &= ~LSH_CHANNEL_FINISHED;

      if (c->close)
	status |= CHANNEL_CLOSE(c);
      
      dealloc_channel(table, channel);
    }

  if (status & LSH_CHANNEL_PENDING_CLOSE)
    table->pending_close = 1;
  
  /* If this was the last channel, close connection */
  if (table->pending_close && !table->next_channel)
    status |= LSH_CLOSE;

  return status;
}
#endif


/* Ugly macros to make it a little simpler to free the input packet at
 * the right time. */

#define RETURN goto foo_finish
#define END(s) do { foo_finish: \
                    lsh_string_free((s)); \
                    return; } while(0)

#define ERROR(e, msg) \
  EXCEPTION_RAISE(e, make_protocol_exception \
    (SSH_DISCONNECT_PROTOCOL_ERROR, msg))

/* Channel related messages */

/* GABA:
   (class
     (name global_request_status)
     (vars
       ; -1 for still active requests,
       ; 0 for failure,
       ; 1 for success
       (status . int)))
*/

static struct global_request_status *make_global_request_status(void)
{
  NEW(global_request_status, self);
  self->status = -1;

  return self;
}

/* GABA:
   (class
     (name global_request_response)
     (super global_request_callback)
     (vars
       (active object global_request_status)))
*/

static void
do_global_request_response(struct global_request_callback *c,
			   int success)
{
  CAST(global_request_response, self, c);
  struct object_queue *q = &self->super.connection->table->active_global_requests;

  assert( self->active->status == -1);
  assert( (success == 0) || (success == 1) );
  assert( !object_queue_is_empty(q));
	  
  self->active->status = success;

  for (;;)
    {
      CAST(global_request_status, n, object_queue_peek_head(q));
      if (!n || (n->status < 0))
	break;

      object_queue_remove_head(q);

      /* FIXME: Perhaps install some exception handler that cancels
       * the queue as soon as a write failes. */
      A_WRITE(self->super.connection->write,
	      (n->status
	       ? format_global_success()
	       : format_global_failure()),
	      self->super.connection->e);
    }
}

static struct global_request_callback *
make_global_request_response(struct ssh_connection *connection,
			     struct global_request_status *active)
{
  NEW(global_request_response, self);

  self->super.connection = connection;
  self->super.response = do_global_request_response;

  self->active = active;

  return &self->super;
}
     
static void do_global_request(struct packet_handler *s UNUSED,
			      struct ssh_connection *connection,
			      struct lsh_string *packet)
{
  /* CAST(global_request_handler, closure, c); */

  struct simple_buffer buffer;
  unsigned msg_number;
  int name;
  int want_reply;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_GLOBAL_REQUEST)
      && parse_atom(&buffer, &name)
      && parse_boolean(&buffer, &want_reply))
    {
      struct global_request *req;
      struct global_request_callback *c = NULL;
      
      if (!name || !(req = ALIST_GET(connection->table->global_requests,
				     name)))
	{
	  lsh_string_free(packet);

	  C_WRITE(connection, format_global_failure());
	  return;
	}
      else
	{
	  if (want_reply)
	    {
	      struct global_request_status *a = make_global_request_status();
	      
	      object_queue_add_tail(&connection->table->active_global_requests,
				    &a->super);
	      
	      c = make_global_request_response(connection, a);
	    }
	  GLOBAL_REQUEST(req, connection, &buffer, c);
	}
    }
  else
    {
      ERROR(connection->e, "Invalid SSH_MSG_GLOBAL_REQUEST message.");
    }
  lsh_string_free(packet);
}

static void
do_global_request_success(struct packet_handler *s UNUSED,
			  struct ssh_connection *connection,
			  struct lsh_string *packet)
{
  if (packet->length != 1)
    {
      ERROR(connection->e, "Invalid GLOBAL_REQUEST_SUCCESS message.");
      RETURN;
    }

  assert(packet->data[0] == SSH_MSG_REQUEST_SUCCESS);

  if (object_queue_is_empty(&connection->table->pending_global_requests))
    {
      werror("do_global_request_success: Unexpected message, ignoring.\n");
      return;
    }
  {
    CAST_SUBTYPE(command_context, ctx,
		 object_queue_remove_head(&connection->table->pending_global_requests));
    COMMAND_RETURN(ctx->c, connection);
  }
  END(packet);
}

struct exception global_request_exception =
STATIC_EXCEPTION(EXC_GLOBAL_REQUEST, "Global request failed");

static void
do_global_request_failure(struct packet_handler *s UNUSED,
			  struct ssh_connection *connection,
			  struct lsh_string *packet)
{
  if (packet->length != 1)
    {
      ERROR(connection->e, "Invalid GLOBAL_REQUEST_FAILURE message.");
      RETURN;
    }

  assert(packet->data[0] == SSH_MSG_REQUEST_FAILURE);

  if (object_queue_is_empty(&connection->table->pending_global_requests))
    {
      werror("do_global_request_failure: Unexpected message, ignoring.\n");
    }
  else
    {
      CAST_SUBTYPE(command_context, ctx,
		   object_queue_remove_head(&connection->table->pending_global_requests));
      EXCEPTION_RAISE(ctx->e, &global_request_exception);
    }
  END(packet);
}

#if 0
/* HERE!!! */
/* FIXME: Split into a continuation and an exception handler */
/* Callback given to the CHANNEL_OPEN method */
static int do_channel_open_response(struct channel_open_callback *c,
                                    struct ssh_channel *channel,
                                    UINT32 error, char *error_msg,
                                    struct lsh_string *args)
{
  CAST(channel_open_response, closure, c);
  
  int local_channel_number;

  if (!channel)
    {
      if (error)
        C_WRITE(closure->super.connection->write,
		format_open_failure(closure->remote_channel_number,
				    error, error_msg, ""));
      else
	EXCEPTION_RAISE(closure->super.connection->e,
			make_protocol_exception())
      return LSH_FAIL | LSH_DIE;
    }

  /* FIXME: It would be better to allocate or at least reserve a channel number earlier,
   * so that we can't fail at this point.
   */
  if ( (local_channel_number
            = register_channel(closure->super.connection->channels,
			       channel)) < 0)
    {
      werror("Could not allocate a channel number for opened channel!\n");
      return A_WRITE(closure->super.connection->write,
                     format_open_failure(closure->remote_channel_number,
                                         SSH_OPEN_RESOURCE_SHORTAGE,
                                         "Could not allocate a channel number "
                                         "(shouldn't happen...)", ""));
    }

  /* FIXME: This copying could just as well be done by the
   * CHANNEL_OPEN handler? Then we can remove the corresponding fields
   * from the closure as well. */
  channel->send_window_size = closure->window_size;
  channel->send_max_packet = closure->max_packet;
  channel->channel_number = closure->remote_channel_number;

  /* FIXME: Is the channel->write field really needed? */
  channel->write = closure->super.connection->write;

  return A_WRITE(closure->super.connection->write,
                 args
                 ? format_open_confirmation(channel, local_channel_number,
                                            "%lfS", args)
                 : format_open_confirmation(channel, local_channel_number,
                                            ""));
}

static struct channel_open_response *
make_channel_open_response(struct ssh_connection* connection,
			   UINT32 remote_channel_number,
			   UINT32 window_size,
			   UINT32 max_packet)
{
  NEW(channel_open_response, closure);

  closure->super.response = do_channel_open_response;
  closure->super.connection = connection;
  closure->remote_channel_number = remote_channel_number;
  closure->window_size = window_size;
  closure->max_packet = max_packet;

  return closure;
}
#endif

/* GABA:
   (class
     (name channel_open_continuation)
     (super command_continuation)
     (vars
       (connection object ssh_connection)
       (local_channel_number . UINT32)
       (remote_channel_number . UINT32)
       (window_size . UINT32)
       (max_packet . UINT32)))
*/

static void
do_channel_open_continue(struct command_continuation *c,
			 struct lsh_object *value)
{
  CAST(channel_open_continuation, self, c);
  CAST_SUBTYPE(ssh_channel, channel, value);

  assert(channel);

  /* FIXME: This copying could just as well be done by the
   * CHANNEL_OPEN handler? Then we can remove the corresponding fields
   * from the closure as well. */
  channel->send_window_size = self->window_size;
  channel->send_max_packet = self->max_packet;
  channel->channel_number = self->remote_channel_number;

  /* FIXME: Is the channel->write field really needed? */
  channel->write = self->connection->write;

  register_channel(self->connection->table,
		   self->local_channel_number, channel);

  /* FIXME: Doesn't support sending extra arguments with the
   * confirmation message. */

  C_WRITE(self->connection,
	  format_open_confirmation(channel, self->local_channel_number, ""));
}

static struct command_continuation *
make_channel_open_continuation(struct ssh_connection *connection,
			       UINT32 local_channel_number,
			       UINT32 remote_channel_number,
			       UINT32 window_size,
			       UINT32 max_packet)
{
  NEW(channel_open_continuation, self);

  self->super.c = do_channel_open_continue;
  self->connection = connection;
  self->local_channel_number = local_channel_number;
  self->remote_channel_number = remote_channel_number;
  self->window_size = window_size;
  self->max_packet = max_packet;

  return &self->super;
}
			       
/* GABA:
   (class
     (name exc_channel_open_handler)
     (super exception_handler)
     (vars
       (connection object ssh_connection)
       (local_channel_number . UINT32)
       (remote_channel_number . UINT32)))
*/

static void do_exc_channel_open_handler(struct exception_handler *s,
					const struct exception *e)
{
  CAST(exc_channel_open_handler, self, s);

  switch (e->type)
    {
    case EXC_CHANNEL_OPEN:
      {
	CAST_SUBTYPE(channel_open_exception, exc, e);
	struct channel_table *table = self->connection->table;
	
	assert(table->in_use[self->local_channel_number]);
	assert(!table->channels[self->local_channel_number]);

	dealloc_channel(table, self->local_channel_number);
	
        C_WRITE(self->connection,
		format_open_failure(self->remote_channel_number,
				    exc->error_code, e->msg, ""));
	break;
      }
    default:
      EXCEPTION_RAISE(self->super.parent, e);
    }      
}

static struct exception_handler *
make_exc_channel_open_handler(struct ssh_connection *connection,
			      UINT32 local_channel_number,
			      UINT32 remote_channel_number,
			      struct exception_handler *parent)
{
  NEW(exc_channel_open_handler, self);
  self->super.parent = parent;
  self->super.raise = do_exc_channel_open_handler;
  self->connection = connection;
  self->local_channel_number = local_channel_number;
  self->remote_channel_number = remote_channel_number;

  return &self->super;
}

static void do_channel_open(struct packet_handler *c UNUSED,
			    struct ssh_connection *connection,
			    struct lsh_string *packet)
{
  /* CAST(channel_open_handler, closure, c); */

  struct simple_buffer buffer;
  unsigned msg_number;
  int type;
  UINT32 remote_channel_number;
  UINT32 window_size;
  UINT32 max_packet;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN)
      && parse_atom(&buffer, &type)
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet))
    {
      struct channel_open *open;

      /* NOTE: We can't free the packet yet, as the buffer is passed
       * to the CHANNEL_OPEN method later. */

      if (connection->table->pending_close)
	{
	  /* We are waiting for channels to close. Don't open any new ones. */

	  C_WRITE(connection,
		  format_open_failure(remote_channel_number,
				      SSH_OPEN_ADMINISTRATIVELY_PROHIBITED,
				      "Waiting for channels to close.", ""));
	}
      else if (!type || !(open = ALIST_GET(connection->table->channel_types,
				      type)))
	{
	  C_WRITE(connection,
		  format_open_failure(remote_channel_number,
				      SSH_OPEN_UNKNOWN_CHANNEL_TYPE,
				      "Unknown channel type", ""));
	}
      else
	{
      	  int local_number = alloc_channel(connection->table);

	  if (local_number < 0)
	    C_WRITE(connection,
		    format_open_failure(remote_channel_number,
					SSH_OPEN_RESOURCE_SHORTAGE,
					"Unknown channel type", ""));

	  
	  
	  CHANNEL_OPEN(open, connection, &buffer,
		       make_channel_open_continuation(connection,
						      local_number,
						      remote_channel_number,
						      window_size,
						      max_packet),
		       make_exc_channel_open_handler(connection,
						     local_number,
						     remote_channel_number,
						     connection->e));
	}
    }
  else
    ERROR(connection->e, "Invalid SSH_MSG_CHANNEL_OPEN message.");

  lsh_string_free(packet);
}     

static void
do_channel_request(struct packet_handler *closure UNUSED,
		   struct ssh_connection *connection,
		   struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  int type;
  int want_reply;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_REQUEST)
      && parse_uint32(&buffer, &channel_number)
      && parse_atom(&buffer, &type)
      && parse_boolean(&buffer, &want_reply))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      /* NOTE: We can't free packet yet, because it is not yet fully
       * parsed. There may be some more arguments, which are parsed by
       * the CHANNEL_REQUEST method below. */

      if (channel)
	{
	  struct channel_request *req;

	  if (type && channel->request_types 
	      && ( (req = ALIST_GET(channel->request_types, type)) ))
	    CHANNEL_REQUEST(req, channel, connection, want_reply, &buffer);
	  else
	    {
	      if (want_reply)
		C_WRITE(connection,
			format_channel_failure(channel->channel_number));
	    }
	}
      else
	{
	  werror("SSH_MSG_CHANNEL_REQUEST on nonexistant channel %i\n",
		 channel_number);
	}
    }
  else
    ERROR(connection->e, "Invalid SSH_MSG_CHANNEL_REQUEST message.");
  
  lsh_string_free(packet);
}
      
static void
do_window_adjust(struct packet_handler *closure UNUSED,
		 struct ssh_connection *connection,
		 struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  UINT32 size;

  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_WINDOW_ADJUST)
      && parse_uint32(&buffer, &channel_number)
      && parse_uint32(&buffer, &size)
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      lsh_string_free(packet);
      
      if (channel
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
	{
	  if (! (channel->flags & CHANNEL_SENT_CLOSE))
	    {
	      channel->send_window_size += size;
	      if (channel->send_window_size && channel->send)
		CHANNEL_SEND(channel);
	    }
	}
      else
	{
	  /* FIXME: What to do now? Should unknown channel numbers be
	   * ignored silently? */
	  werror("SSH_MSG_CHANNEL_WINDOW_ADJUST on nonexistant or closed "
		 "channel %i\n", channel_number);
	  ERROR(connection->e, "Unexpected CHANNEL_WINDOW_ADJUST");
	}
    }
  else
    {
      lsh_string_free(packet);
      ERROR(connection->e, "Invalid CHANNEL_WINDOW_ADJUST message.");
    }
}

static void
do_channel_data(struct packet_handler *closure UNUSED,
		struct ssh_connection *connection,
		struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_DATA)
      && parse_uint32(&buffer, &channel_number)
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      lsh_string_free(packet);
      
      if (channel && channel->receive
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
	{
	  if (channel->flags & CHANNEL_SENT_CLOSE)
	    {
	      lsh_string_free(data);
	      werror("Ignoring data on channel which is closing\n");
	      return;
	    }
	  else
	    {
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
		  werror("Channel data overflow. Extra data ignored.\n"); 
		  data->length = channel->rec_window_size;
		}

	      if (!data->length)
		{
		  /* Ignore data packet */
		  lsh_string_free(data);
		  return;
		}
	      channel->rec_window_size -= data->length;

	      CHANNEL_RECEIVE(channel, CHANNEL_DATA, data);
	    }
	}
      else
	{
	  werror("Data on closed or non-existant channel %i\n",
		 channel_number);
	  lsh_string_free(data);
	}
    }
  else
    {
      lsh_string_free(packet);
      ERROR(connection->e, "Invalid CHANNEL_DATA message.");
    }
}

static void
do_channel_extended_data(struct packet_handler *closure UNUSED,
			 struct ssh_connection *connection,
			 struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  UINT32 type;
  struct lsh_string *data;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EXTENDED_DATA)
      && parse_uint32(&buffer, &channel_number)
      && parse_uint32(&buffer, &type)
      && ( (data = parse_string_copy(&buffer)) )
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      lsh_string_free(packet);
      
      if (channel && channel->receive
	  && !(channel->flags & (CHANNEL_RECEIVED_EOF
				 | CHANNEL_RECEIVED_CLOSE)))
	{
	  if (channel->flags & CHANNEL_SENT_CLOSE)
	    {
	      lsh_string_free(data);
	      werror("Ignoring extended data on channel which is closing\n");
	      return;
	    }
	  else
	    {
	      if (data->length > channel->rec_window_size)
		{
		  /* Truncate data to fit window */
		  werror("Channel extended data overflow. "
			 "Extra data ignored.\n");
		  data->length = channel->rec_window_size;
		}
	      
	      if (!data->length)
		{
		  /* Ignore data packet */
		  lsh_string_free(data);
		  return;
		}

	      channel->rec_window_size -= data->length;

	      switch(type)
		{
		case SSH_EXTENDED_DATA_STDERR:
		  CHANNEL_RECEIVE(channel, CHANNEL_STDERR_DATA, data);
		  break;
		default:
		  werror("Unknown type %i of extended data.\n",
			 type);
		  lsh_string_free(data);
		}
	    }
	}
      else
	{
	  werror("Extended data on closed or non-existant channel %i\n",
		 channel_number);
	  lsh_string_free(data);
	}
    }
  else
    {
      lsh_string_free(packet);
      ERROR(connection->e, "Invalid CHANNEL_EXTENDED_DATA message.");
    }
}

static void
do_channel_eof(struct packet_handler *closure UNUSED,
	       struct ssh_connection *connection,
	       struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_EOF)
      && parse_uint32(&buffer, &channel_number)
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      lsh_string_free(packet);

      if (channel)
	{
	  if (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_RECEIVED_CLOSE))
	    {
	      werror("Receiving EOF on channel on closed channel.\n");
	      EXCEPTION_RAISE
		(connection->e,
		 make_protocol_exception(SSH_DISCONNECT_PROTOCOL_ERROR,
					 "Received EOF on channel on closed channel."));
	    }
	  else
	    {
	      channel->flags |= CHANNEL_RECEIVED_EOF;
	      
	      if (channel->eof)
		CHANNEL_EOF(channel);
	      else
		/* FIXME: What is a reasonable default behaviour?
		 * Closing the channel may be the right thing to do. */
		if (! (channel->flags & CHANNEL_SENT_CLOSE))
		  channel_close(channel);
	    }
	}
      else
	{
	  werror("EOF on non-existant channel %i\n",
		 channel_number);
	  ERROR(connection->e, "EOF on non-existant channel");
	}
    }
  else
    {
      lsh_string_free(packet);
      ERROR(connection->e, "Invalid CHANNEL_EOF message");
    }
}

static void
do_channel_close(struct packet_handler *closure UNUSED,
		 struct ssh_connection *connection,
		 struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 channel_number;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_CLOSE)
      && parse_uint32(&buffer, &channel_number)
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   channel_number);

      lsh_string_free(packet);
      
      if (channel)
	{
	  if (channel->flags & CHANNEL_RECEIVED_CLOSE)
	    {
	      werror("Receiving multiple CLOSE on channel.\n");
	      ERROR(connection->e, "Receiving multiple CLOSE on channel.");
	    }
	  else
	    {
	      channel->flags |= CHANNEL_RECEIVED_CLOSE;
	  
	      if (! (channel->flags & (CHANNEL_RECEIVED_EOF | CHANNEL_SENT_EOF
				       | CHANNEL_SENT_CLOSE)))
		{
		  werror("Unexpected channel CLOSE.\n");
		}

	      if (! (channel->flags & (CHANNEL_RECEIVED_EOF))
		  && channel->eof)
		CHANNEL_EOF(channel);

	      if (channel->flags & (CHANNEL_SENT_CLOSE))
		{
		  static const struct exception finish_exception
		    = STATIC_EXCEPTION(EXC_FINISH_CHANNEL, "Received CLOSE message.");
	      
		  EXCEPTION_RAISE(channel->e,
				  &finish_exception);
		}
	      else
		channel_close(channel);
	    }
	}
      else
	{
	  werror("CLOSE on non-existant channel %i\n",
		 channel_number);
	  ERROR(connection->e, "CLOSE on non-existant channel");
	}
    }
  else
    {
      lsh_string_free(packet);
      ERROR(connection->e, "Invalid CHANNEL_CLOSE message");
    }
}

static void
do_channel_open_confirm(struct packet_handler *closure UNUSED,
			struct ssh_connection *connection,
			struct lsh_string *packet)
{
  struct simple_buffer buffer;
  unsigned msg_number;
  UINT32 local_channel_number;
  UINT32 remote_channel_number;  
  UINT32 window_size;
  UINT32 max_packet;
  
  simple_buffer_init(&buffer, packet->length, packet->data);

  if (parse_uint8(&buffer, &msg_number)
      && (msg_number == SSH_MSG_CHANNEL_OPEN_CONFIRMATION)
      && parse_uint32(&buffer, &local_channel_number)
      && parse_uint32(&buffer, &remote_channel_number)
      && parse_uint32(&buffer, &window_size)
      && parse_uint32(&buffer, &max_packet)
      && parse_eod(&buffer))
    {
      struct ssh_channel *channel = lookup_channel(connection->table,
						   local_channel_number);

      lsh_string_free(packet);

      if (channel && channel->open_continuation)
	{
	  struct command_continuation *c = channel->open_continuation;
	  channel->open_continuation = NULL;