author | djm@openbsd.org <djm@openbsd.org> | 2017-09-12 06:32:07 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-09-12 17:37:02 +1000 |
commit | dbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch) | |
tree | b8a3263a79e0920e8d08f188654f1ccb7c254406 /channels.h | |
parent | abd59663df37a42152e37980113ccaa405b9a282 (diff) |
upstream commit
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.
ok markus@
Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
Diffstat (limited to 'channels.h')
-rw-r--r-- | channels.h | 180 |
1 files changed, 101 insertions, 79 deletions
diff --git a/channels.h b/channels.h index 5ecb4d7c0..f04c43afa 100644 --- a/channels.h +++ b/channels.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.h,v 1.127 2017/08/30 03:59:08 djm Exp $ */ | 1 | /* $OpenBSD: channels.h,v 1.128 2017/09/12 06:32:07 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -64,16 +64,18 @@ | |||
64 | struct ssh; | 64 | struct ssh; |
65 | struct Channel; | 65 | struct Channel; |
66 | typedef struct Channel Channel; | 66 | typedef struct Channel Channel; |
67 | struct fwd_perm_list; | ||
67 | 68 | ||
68 | typedef void channel_open_fn(int, int, void *); | 69 | typedef void channel_open_fn(struct ssh *, int, int, void *); |
69 | typedef void channel_callback_fn(int, void *); | 70 | typedef void channel_callback_fn(struct ssh *, int, void *); |
70 | typedef int channel_infilter_fn(struct Channel *, char *, int); | 71 | typedef int channel_infilter_fn(struct ssh *, struct Channel *, char *, int); |
71 | typedef void channel_filter_cleanup_fn(int, void *); | 72 | typedef void channel_filter_cleanup_fn(struct ssh *, int, void *); |
72 | typedef u_char *channel_outfilter_fn(struct Channel *, u_char **, u_int *); | 73 | typedef u_char *channel_outfilter_fn(struct ssh *, struct Channel *, |
74 | u_char **, size_t *); | ||
73 | 75 | ||
74 | /* Channel success/failure callbacks */ | 76 | /* Channel success/failure callbacks */ |
75 | typedef void channel_confirm_cb(int, struct Channel *, void *); | 77 | typedef void channel_confirm_cb(struct ssh *, int, struct Channel *, void *); |
76 | typedef void channel_confirm_abandon_cb(struct Channel *, void *); | 78 | typedef void channel_confirm_abandon_cb(struct ssh *, struct Channel *, void *); |
77 | struct channel_confirm { | 79 | struct channel_confirm { |
78 | TAILQ_ENTRY(channel_confirm) entry; | 80 | TAILQ_ENTRY(channel_confirm) entry; |
79 | channel_confirm_cb *cb; | 81 | channel_confirm_cb *cb; |
@@ -90,12 +92,13 @@ struct channel_connect { | |||
90 | }; | 92 | }; |
91 | 93 | ||
92 | /* Callbacks for mux channels back into client-specific code */ | 94 | /* Callbacks for mux channels back into client-specific code */ |
93 | typedef int mux_callback_fn(struct Channel *); | 95 | typedef int mux_callback_fn(struct ssh *, struct Channel *); |
94 | 96 | ||
95 | struct Channel { | 97 | struct Channel { |
96 | int type; /* channel type/state */ | 98 | int type; /* channel type/state */ |
97 | int self; /* my own channel identifier */ | 99 | int self; /* my own channel identifier */ |
98 | int remote_id; /* channel identifier for remote peer */ | 100 | int remote_id; /* channel identifier for remote peer */ |
101 | /* XXX should be uint32_t */ | ||
99 | u_int istate; /* input from channel (state of receive half) */ | 102 | u_int istate; /* input from channel (state of receive half) */ |
100 | u_int ostate; /* output to channel (state of transmit half) */ | 103 | u_int ostate; /* output to channel (state of transmit half) */ |
101 | int flags; /* close sent/rcvd */ | 104 | int flags; /* close sent/rcvd */ |
@@ -116,11 +119,12 @@ struct Channel { | |||
116 | * to a matching pre-select handler. | 119 | * to a matching pre-select handler. |
117 | * this way post-select handlers are not | 120 | * this way post-select handlers are not |
118 | * accidentally called if a FD gets reused */ | 121 | * accidentally called if a FD gets reused */ |
119 | Buffer input; /* data read from socket, to be sent over | 122 | struct sshbuf *input; /* data read from socket, to be sent over |
120 | * encrypted connection */ | 123 | * encrypted connection */ |
121 | Buffer output; /* data received over encrypted connection for | 124 | struct sshbuf *output; /* data received over encrypted connection for |
122 | * send on socket */ | 125 | * send on socket */ |
123 | Buffer extended; | 126 | struct sshbuf *extended; |
127 | |||
124 | char *path; | 128 | char *path; |
125 | /* path for unix domain sockets, or host name for forwards */ | 129 | /* path for unix domain sockets, or host name for forwards */ |
126 | int listening_port; /* port being listened for forwards */ | 130 | int listening_port; /* port being listened for forwards */ |
@@ -156,6 +160,7 @@ struct Channel { | |||
156 | int datagram; | 160 | int datagram; |
157 | 161 | ||
158 | /* non-blocking connect */ | 162 | /* non-blocking connect */ |
163 | /* XXX make this a pointer so the structure can be opaque */ | ||
159 | struct channel_connect connect_ctx; | 164 | struct channel_connect connect_ctx; |
160 | 165 | ||
161 | /* multiplexing protocol hook, called for each packet received */ | 166 | /* multiplexing protocol hook, called for each packet received */ |
@@ -195,44 +200,55 @@ struct Channel { | |||
195 | #define CHAN_EOF_RCVD 0x08 | 200 | #define CHAN_EOF_RCVD 0x08 |
196 | #define CHAN_LOCAL 0x10 | 201 | #define CHAN_LOCAL 0x10 |
197 | 202 | ||
198 | #define CHAN_RBUF 16*1024 | 203 | /* Read buffer size */ |
204 | #define CHAN_RBUF (16*1024) | ||
205 | |||
206 | /* Hard limit on number of channels */ | ||
207 | #define CHANNELS_MAX_CHANNELS (16*1024) | ||
199 | 208 | ||
200 | /* check whether 'efd' is still in use */ | 209 | /* check whether 'efd' is still in use */ |
201 | #define CHANNEL_EFD_INPUT_ACTIVE(c) \ | 210 | #define CHANNEL_EFD_INPUT_ACTIVE(c) \ |
202 | (c->extended_usage == CHAN_EXTENDED_READ && \ | 211 | (c->extended_usage == CHAN_EXTENDED_READ && \ |
203 | (c->efd != -1 || \ | 212 | (c->efd != -1 || \ |
204 | buffer_len(&c->extended) > 0)) | 213 | sshbuf_len(c->extended) > 0)) |
205 | #define CHANNEL_EFD_OUTPUT_ACTIVE(c) \ | 214 | #define CHANNEL_EFD_OUTPUT_ACTIVE(c) \ |
206 | (c->extended_usage == CHAN_EXTENDED_WRITE && \ | 215 | (c->extended_usage == CHAN_EXTENDED_WRITE && \ |
207 | c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \ | 216 | c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \ |
208 | buffer_len(&c->extended) > 0)) | 217 | sshbuf_len(c->extended) > 0)) |
218 | |||
219 | /* Add channel management structures to SSH transport instance */ | ||
220 | void channel_init_channels(struct ssh *ssh); | ||
209 | 221 | ||
210 | /* channel management */ | 222 | /* channel management */ |
211 | 223 | ||
212 | Channel *channel_by_id(int); | 224 | Channel *channel_by_id(struct ssh *, int); |
213 | Channel *channel_by_remote_id(int); | 225 | Channel *channel_by_remote_id(struct ssh *, int); |
214 | Channel *channel_lookup(int); | 226 | Channel *channel_lookup(struct ssh *, int); |
215 | Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int); | 227 | Channel *channel_new(struct ssh *, char *, int, int, int, int, |
216 | void channel_set_fds(int, int, int, int, int, int, int, u_int); | 228 | u_int, u_int, int, char *, int); |
217 | void channel_free(Channel *); | 229 | void channel_set_fds(struct ssh *, int, int, int, int, int, |
218 | void channel_free_all(void); | 230 | int, int, u_int); |
219 | void channel_stop_listening(void); | 231 | void channel_free(struct ssh *, Channel *); |
220 | 232 | void channel_free_all(struct ssh *); | |
221 | void channel_send_open(int); | 233 | void channel_stop_listening(struct ssh *); |
222 | void channel_request_start(int, char *, int); | 234 | |
223 | void channel_register_cleanup(int, channel_callback_fn *, int); | 235 | void channel_send_open(struct ssh *, int); |
224 | void channel_register_open_confirm(int, channel_open_fn *, void *); | 236 | void channel_request_start(struct ssh *, int, char *, int); |
225 | void channel_register_filter(int, channel_infilter_fn *, | 237 | void channel_register_cleanup(struct ssh *, int, |
226 | channel_outfilter_fn *, channel_filter_cleanup_fn *, void *); | 238 | channel_callback_fn *, int); |
227 | void channel_register_status_confirm(int, channel_confirm_cb *, | 239 | void channel_register_open_confirm(struct ssh *, int, |
228 | channel_confirm_abandon_cb *, void *); | 240 | channel_open_fn *, void *); |
229 | void channel_cancel_cleanup(int); | 241 | void channel_register_filter(struct ssh *, int, channel_infilter_fn *, |
230 | int channel_close_fd(int *); | 242 | channel_outfilter_fn *, channel_filter_cleanup_fn *, void *); |
231 | void channel_send_window_changes(void); | 243 | void channel_register_status_confirm(struct ssh *, int, |
244 | channel_confirm_cb *, channel_confirm_abandon_cb *, void *); | ||
245 | void channel_cancel_cleanup(struct ssh *, int); | ||
246 | int channel_close_fd(struct ssh *, int *); | ||
247 | void channel_send_window_changes(struct ssh *); | ||
232 | 248 | ||
233 | /* mux proxy support */ | 249 | /* mux proxy support */ |
234 | 250 | ||
235 | int channel_proxy_downstream(Channel *mc); | 251 | int channel_proxy_downstream(struct ssh *, Channel *mc); |
236 | int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *); | 252 | int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *); |
237 | 253 | ||
238 | /* protocol handler */ | 254 | /* protocol handler */ |
@@ -252,63 +268,69 @@ int channel_input_status_confirm(int, u_int32_t, struct ssh *); | |||
252 | void channel_prepare_select(struct ssh *, fd_set **, fd_set **, int *, | 268 | void channel_prepare_select(struct ssh *, fd_set **, fd_set **, int *, |
253 | u_int*, time_t*); | 269 | u_int*, time_t*); |
254 | void channel_after_select(struct ssh *, fd_set *, fd_set *); | 270 | void channel_after_select(struct ssh *, fd_set *, fd_set *); |
255 | void channel_output_poll(void); | 271 | void channel_output_poll(struct ssh *); |
256 | 272 | ||
257 | int channel_not_very_much_buffered_data(void); | 273 | int channel_not_very_much_buffered_data(struct ssh *); |
258 | void channel_close_all(void); | 274 | void channel_close_all(struct ssh *); |
259 | int channel_still_open(void); | 275 | int channel_still_open(struct ssh *); |
260 | char *channel_open_message(void); | 276 | char *channel_open_message(struct ssh *); |
261 | int channel_find_open(void); | 277 | int channel_find_open(struct ssh *); |
262 | 278 | ||
263 | /* tcp forwarding */ | 279 | /* tcp forwarding */ |
264 | struct Forward; | 280 | struct Forward; |
265 | struct ForwardOptions; | 281 | struct ForwardOptions; |
266 | void channel_set_af(int af); | 282 | void channel_set_af(struct ssh *, int af); |
267 | void channel_permit_all_opens(void); | 283 | void channel_permit_all_opens(struct ssh *); |
268 | void channel_add_permitted_opens(char *, int); | 284 | void channel_add_permitted_opens(struct ssh *, char *, int); |
269 | int channel_add_adm_permitted_opens(char *, int); | 285 | int channel_add_adm_permitted_opens(struct ssh *, char *, int); |
270 | void channel_disable_adm_local_opens(void); | 286 | void channel_copy_adm_permitted_opens(struct ssh *, |
271 | void channel_update_permitted_opens(int, int); | 287 | const struct fwd_perm_list *); |
272 | void channel_clear_permitted_opens(void); | 288 | void channel_disable_adm_local_opens(struct ssh *); |
273 | void channel_clear_adm_permitted_opens(void); | 289 | void channel_update_permitted_opens(struct ssh *, int, int); |
274 | void channel_print_adm_permitted_opens(void); | 290 | void channel_clear_permitted_opens(struct ssh *); |
275 | Channel *channel_connect_to_port(const char *, u_short, char *, char *, int *, | 291 | void channel_clear_adm_permitted_opens(struct ssh *); |
276 | const char **); | 292 | void channel_print_adm_permitted_opens(struct ssh *); |
277 | Channel *channel_connect_to_path(const char *, char *, char *); | 293 | Channel *channel_connect_to_port(struct ssh *, const char *, u_short, |
278 | Channel *channel_connect_stdio_fwd(const char*, u_short, int, int); | 294 | char *, char *, int *, const char **); |
279 | Channel *channel_connect_by_listen_address(const char *, u_short, | 295 | Channel *channel_connect_to_path(struct ssh *, const char *, char *, char *); |
280 | char *, char *); | 296 | Channel *channel_connect_stdio_fwd(struct ssh *, const char*, |
281 | Channel *channel_connect_by_listen_path(const char *, char *, char *); | 297 | u_short, int, int); |
282 | int channel_request_remote_forwarding(struct Forward *); | 298 | Channel *channel_connect_by_listen_address(struct ssh *, const char *, |
283 | int channel_setup_local_fwd_listener(struct Forward *, struct ForwardOptions *); | 299 | u_short, char *, char *); |
284 | int channel_request_rforward_cancel(struct Forward *); | 300 | Channel *channel_connect_by_listen_path(struct ssh *, const char *, |
285 | int channel_setup_remote_fwd_listener(struct Forward *, int *, struct ForwardOptions *); | 301 | char *, char *); |
286 | int channel_cancel_rport_listener(struct Forward *); | 302 | int channel_request_remote_forwarding(struct ssh *, struct Forward *); |
287 | int channel_cancel_lport_listener(struct Forward *, int, struct ForwardOptions *); | 303 | int channel_setup_local_fwd_listener(struct ssh *, struct Forward *, |
304 | struct ForwardOptions *); | ||
305 | int channel_request_rforward_cancel(struct ssh *, struct Forward *); | ||
306 | int channel_setup_remote_fwd_listener(struct ssh *, struct Forward *, | ||
307 | int *, struct ForwardOptions *); | ||
308 | int channel_cancel_rport_listener(struct ssh *, struct Forward *); | ||
309 | int channel_cancel_lport_listener(struct ssh *, struct Forward *, | ||
310 | int, struct ForwardOptions *); | ||
288 | int permitopen_port(const char *); | 311 | int permitopen_port(const char *); |
289 | 312 | ||
290 | /* x11 forwarding */ | 313 | /* x11 forwarding */ |
291 | 314 | ||
292 | void channel_set_x11_refuse_time(u_int); | 315 | void channel_set_x11_refuse_time(struct ssh *, u_int); |
293 | int x11_connect_display(void); | 316 | int x11_connect_display(struct ssh *); |
294 | int x11_create_display_inet(int, int, int, u_int *, int **); | 317 | int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **); |
295 | void x11_request_forwarding_with_spoofing(int, const char *, const char *, | 318 | void x11_request_forwarding_with_spoofing(struct ssh *, int, |
296 | const char *, int); | 319 | const char *, const char *, const char *, int); |
297 | 320 | ||
298 | /* channel close */ | 321 | /* channel close */ |
299 | 322 | ||
300 | int chan_is_dead(Channel *, int); | 323 | int chan_is_dead(struct ssh *, Channel *, int); |
301 | void chan_mark_dead(Channel *); | 324 | void chan_mark_dead(struct ssh *, Channel *); |
302 | 325 | ||
303 | /* channel events */ | 326 | /* channel events */ |
304 | 327 | ||
305 | void chan_rcvd_oclose(Channel *); | 328 | void chan_rcvd_oclose(struct ssh *, Channel *); |
306 | void chan_rcvd_eow(Channel *); /* SSH2-only */ | 329 | void chan_rcvd_eow(struct ssh *, Channel *); |
307 | void chan_read_failed(Channel *); | 330 | void chan_read_failed(struct ssh *, Channel *); |
308 | void chan_ibuf_empty(Channel *); | 331 | void chan_ibuf_empty(struct ssh *, Channel *); |
309 | 332 | void chan_rcvd_ieof(struct ssh *, Channel *); | |
310 | void chan_rcvd_ieof(Channel *); | 333 | void chan_write_failed(struct ssh *, Channel *); |
311 | void chan_write_failed(Channel *); | 334 | void chan_obuf_empty(struct ssh *, Channel *); |
312 | void chan_obuf_empty(Channel *); | ||
313 | 335 | ||
314 | #endif | 336 | #endif |
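Review bot: The rewritten `CHANNEL_EFD_INPUT_ACTIVE(c)` and `CHANNEL_EFD_OUTPUT_ACTIVE(c)` macros at new lines 210-217 still use the `c` argument bare (`c->extended_usage`, `c->efd`, `sshbuf_len(c->extended)`), so an argument that is not a plain identifier, such as `*cp`, expands to `*cp->extended_usage` and binds the wrong way; since the lines are already being touched for the `sshbuf_len` switch, writing `((c)->extended_usage == CHAN_EXTENDED_READ && \`, `((c)->efd != -1 || \` and `sshbuf_len((c)->extended) > 0))` (and the same in the OUTPUT variant) makes them argument-safe. The new `CHANNELS_MAX_CHANNELS` at line 207 says only "Hard limit on number of channels"; because the enforcement presumably lives in channels.c and is not visible from the header, a short note on what the limit bounds (the per-connection channel table, whose growth is driven by the peer) and where it is checked would help readers understand why the constant exists and that it should not be raised casually. `channel_proxy_upstream` at line 252 keeps `struct ssh *` as its last parameter while every other prototype in this refactor moves it first; if that is deliberate because it must match the dispatch handler signature used by the `channel_input_*` functions, a one-line comment saying so would stop a later "consistency" cleanup from breaking the handler table.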