authordjm@openbsd.org <djm@openbsd.org>2017-09-12 06:32:07 +0000
committerDamien Miller <djm@mindrot.org>2017-09-12 17:37:02 +1000
commitdbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch)
treeb8a3263a79e0920e8d08f188654f1ccb7c254406 /channels.h
parentabd59663df37a42152e37980113ccaa405b9a282 (diff)
upstream commit
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
Diffstat (limited to 'channels.h')
-rw-r--r--channels.h180
1 files changed, 101 insertions, 79 deletions
diff --git a/channels.h b/channels.h
index 5ecb4d7c0..f04c43afa 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.h,v 1.127 2017/08/30 03:59:08 djm Exp $ */ 1/* $OpenBSD: channels.h,v 1.128 2017/09/12 06:32:07 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -64,16 +64,18 @@
64struct ssh; 64struct ssh;
65struct Channel; 65struct Channel;
66typedef struct Channel Channel; 66typedef struct Channel Channel;
67struct fwd_perm_list;
67 68
68typedef void channel_open_fn(int, int, void *); 69typedef void channel_open_fn(struct ssh *, int, int, void *);
69typedef void channel_callback_fn(int, void *); 70typedef void channel_callback_fn(struct ssh *, int, void *);
70typedef int channel_infilter_fn(struct Channel *, char *, int); 71typedef int channel_infilter_fn(struct ssh *, struct Channel *, char *, int);
71typedef void channel_filter_cleanup_fn(int, void *); 72typedef void channel_filter_cleanup_fn(struct ssh *, int, void *);
72typedef u_char *channel_outfilter_fn(struct Channel *, u_char **, u_int *); 73typedef u_char *channel_outfilter_fn(struct ssh *, struct Channel *,
74 u_char **, size_t *);
73 75
74/* Channel success/failure callbacks */ 76/* Channel success/failure callbacks */
75typedef void channel_confirm_cb(int, struct Channel *, void *); 77typedef void channel_confirm_cb(struct ssh *, int, struct Channel *, void *);
76typedef void channel_confirm_abandon_cb(struct Channel *, void *); 78typedef void channel_confirm_abandon_cb(struct ssh *, struct Channel *, void *);
77struct channel_confirm { 79struct channel_confirm {
78 TAILQ_ENTRY(channel_confirm) entry; 80 TAILQ_ENTRY(channel_confirm) entry;
79 channel_confirm_cb *cb; 81 channel_confirm_cb *cb;
@@ -90,12 +92,13 @@ struct channel_connect {
90}; 92};
91 93
92/* Callbacks for mux channels back into client-specific code */ 94/* Callbacks for mux channels back into client-specific code */
93typedef int mux_callback_fn(struct Channel *); 95typedef int mux_callback_fn(struct ssh *, struct Channel *);
94 96
95struct Channel { 97struct Channel {
96 int type; /* channel type/state */ 98 int type; /* channel type/state */
97 int self; /* my own channel identifier */ 99 int self; /* my own channel identifier */
98 int remote_id; /* channel identifier for remote peer */ 100 int remote_id; /* channel identifier for remote peer */
101 /* XXX should be uint32_t */
99 u_int istate; /* input from channel (state of receive half) */ 102 u_int istate; /* input from channel (state of receive half) */
100 u_int ostate; /* output to channel (state of transmit half) */ 103 u_int ostate; /* output to channel (state of transmit half) */
101 int flags; /* close sent/rcvd */ 104 int flags; /* close sent/rcvd */
@@ -116,11 +119,12 @@ struct Channel {
116 * to a matching pre-select handler. 119 * to a matching pre-select handler.
117 * this way post-select handlers are not 120 * this way post-select handlers are not
118 * accidentally called if a FD gets reused */ 121 * accidentally called if a FD gets reused */
119 Buffer input; /* data read from socket, to be sent over 122 struct sshbuf *input; /* data read from socket, to be sent over
120 * encrypted connection */ 123 * encrypted connection */
121 Buffer output; /* data received over encrypted connection for 124 struct sshbuf *output; /* data received over encrypted connection for
122 * send on socket */ 125 * send on socket */
123 Buffer extended; 126 struct sshbuf *extended;
127
124 char *path; 128 char *path;
125 /* path for unix domain sockets, or host name for forwards */ 129 /* path for unix domain sockets, or host name for forwards */
126 int listening_port; /* port being listened for forwards */ 130 int listening_port; /* port being listened for forwards */
@@ -156,6 +160,7 @@ struct Channel {
156 int datagram; 160 int datagram;
157 161
158 /* non-blocking connect */ 162 /* non-blocking connect */
163 /* XXX make this a pointer so the structure can be opaque */
159 struct channel_connect connect_ctx; 164 struct channel_connect connect_ctx;
160 165
161 /* multiplexing protocol hook, called for each packet received */ 166 /* multiplexing protocol hook, called for each packet received */
@@ -195,44 +200,55 @@ struct Channel {
195#define CHAN_EOF_RCVD 0x08 200#define CHAN_EOF_RCVD 0x08
196#define CHAN_LOCAL 0x10 201#define CHAN_LOCAL 0x10
197 202
198#define CHAN_RBUF 16*1024 203/* Read buffer size */
204#define CHAN_RBUF (16*1024)
205
206/* Hard limit on number of channels */
207#define CHANNELS_MAX_CHANNELS (16*1024)
199 208
200/* check whether 'efd' is still in use */ 209/* check whether 'efd' is still in use */
201#define CHANNEL_EFD_INPUT_ACTIVE(c) \ 210#define CHANNEL_EFD_INPUT_ACTIVE(c) \
202 (c->extended_usage == CHAN_EXTENDED_READ && \ 211 (c->extended_usage == CHAN_EXTENDED_READ && \
203 (c->efd != -1 || \ 212 (c->efd != -1 || \
204 buffer_len(&c->extended) > 0)) 213 sshbuf_len(c->extended) > 0))
205#define CHANNEL_EFD_OUTPUT_ACTIVE(c) \ 214#define CHANNEL_EFD_OUTPUT_ACTIVE(c) \
206 (c->extended_usage == CHAN_EXTENDED_WRITE && \ 215 (c->extended_usage == CHAN_EXTENDED_WRITE && \
207 c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \ 216 c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \
208 buffer_len(&c->extended) > 0)) 217 sshbuf_len(c->extended) > 0))
218
219/* Add channel management structures to SSH transport instance */
220void channel_init_channels(struct ssh *ssh);
209 221
210/* channel management */ 222/* channel management */
211 223
212Channel *channel_by_id(int); 224Channel *channel_by_id(struct ssh *, int);
213Channel *channel_by_remote_id(int); 225Channel *channel_by_remote_id(struct ssh *, int);
214Channel *channel_lookup(int); 226Channel *channel_lookup(struct ssh *, int);
215Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int); 227Channel *channel_new(struct ssh *, char *, int, int, int, int,
216void channel_set_fds(int, int, int, int, int, int, int, u_int); 228 u_int, u_int, int, char *, int);
217void channel_free(Channel *); 229void channel_set_fds(struct ssh *, int, int, int, int, int,
218void channel_free_all(void); 230 int, int, u_int);
219void channel_stop_listening(void); 231void channel_free(struct ssh *, Channel *);
220 232void channel_free_all(struct ssh *);
221void channel_send_open(int); 233void channel_stop_listening(struct ssh *);
222void channel_request_start(int, char *, int); 234
223void channel_register_cleanup(int, channel_callback_fn *, int); 235void channel_send_open(struct ssh *, int);
224void channel_register_open_confirm(int, channel_open_fn *, void *); 236void channel_request_start(struct ssh *, int, char *, int);
225void channel_register_filter(int, channel_infilter_fn *, 237void channel_register_cleanup(struct ssh *, int,
226 channel_outfilter_fn *, channel_filter_cleanup_fn *, void *); 238 channel_callback_fn *, int);
227void channel_register_status_confirm(int, channel_confirm_cb *, 239void channel_register_open_confirm(struct ssh *, int,
228 channel_confirm_abandon_cb *, void *); 240 channel_open_fn *, void *);
229void channel_cancel_cleanup(int); 241void channel_register_filter(struct ssh *, int, channel_infilter_fn *,
230int channel_close_fd(int *); 242 channel_outfilter_fn *, channel_filter_cleanup_fn *, void *);
231void channel_send_window_changes(void); 243void channel_register_status_confirm(struct ssh *, int,
244 channel_confirm_cb *, channel_confirm_abandon_cb *, void *);
245void channel_cancel_cleanup(struct ssh *, int);
246int channel_close_fd(struct ssh *, int *);
247void channel_send_window_changes(struct ssh *);
232 248
233/* mux proxy support */ 249/* mux proxy support */
234 250
235int channel_proxy_downstream(Channel *mc); 251int channel_proxy_downstream(struct ssh *, Channel *mc);
236int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *); 252int channel_proxy_upstream(Channel *, int, u_int32_t, struct ssh *);
237 253
238/* protocol handler */ 254/* protocol handler */
@@ -252,63 +268,69 @@ int channel_input_status_confirm(int, u_int32_t, struct ssh *);
252void channel_prepare_select(struct ssh *, fd_set **, fd_set **, int *, 268void channel_prepare_select(struct ssh *, fd_set **, fd_set **, int *,
253 u_int*, time_t*); 269 u_int*, time_t*);
254void channel_after_select(struct ssh *, fd_set *, fd_set *); 270void channel_after_select(struct ssh *, fd_set *, fd_set *);
255void channel_output_poll(void); 271void channel_output_poll(struct ssh *);
256 272
257int channel_not_very_much_buffered_data(void); 273int channel_not_very_much_buffered_data(struct ssh *);
258void channel_close_all(void); 274void channel_close_all(struct ssh *);
259int channel_still_open(void); 275int channel_still_open(struct ssh *);
260char *channel_open_message(void); 276char *channel_open_message(struct ssh *);
261int channel_find_open(void); 277int channel_find_open(struct ssh *);
262 278
263/* tcp forwarding */ 279/* tcp forwarding */
264struct Forward; 280struct Forward;
265struct ForwardOptions; 281struct ForwardOptions;
266void channel_set_af(int af); 282void channel_set_af(struct ssh *, int af);
267void channel_permit_all_opens(void); 283void channel_permit_all_opens(struct ssh *);
268void channel_add_permitted_opens(char *, int); 284void channel_add_permitted_opens(struct ssh *, char *, int);
269int channel_add_adm_permitted_opens(char *, int); 285int channel_add_adm_permitted_opens(struct ssh *, char *, int);
270void channel_disable_adm_local_opens(void); 286void channel_copy_adm_permitted_opens(struct ssh *,
271void channel_update_permitted_opens(int, int); 287 const struct fwd_perm_list *);
272void channel_clear_permitted_opens(void); 288void channel_disable_adm_local_opens(struct ssh *);
273void channel_clear_adm_permitted_opens(void); 289void channel_update_permitted_opens(struct ssh *, int, int);
274void channel_print_adm_permitted_opens(void); 290void channel_clear_permitted_opens(struct ssh *);
275Channel *channel_connect_to_port(const char *, u_short, char *, char *, int *, 291void channel_clear_adm_permitted_opens(struct ssh *);
276 const char **); 292void channel_print_adm_permitted_opens(struct ssh *);
277Channel *channel_connect_to_path(const char *, char *, char *); 293Channel *channel_connect_to_port(struct ssh *, const char *, u_short,
278Channel *channel_connect_stdio_fwd(const char*, u_short, int, int); 294 char *, char *, int *, const char **);
279Channel *channel_connect_by_listen_address(const char *, u_short, 295Channel *channel_connect_to_path(struct ssh *, const char *, char *, char *);
280 char *, char *); 296Channel *channel_connect_stdio_fwd(struct ssh *, const char*,
281Channel *channel_connect_by_listen_path(const char *, char *, char *); 297 u_short, int, int);
282int channel_request_remote_forwarding(struct Forward *); 298Channel *channel_connect_by_listen_address(struct ssh *, const char *,
283int channel_setup_local_fwd_listener(struct Forward *, struct ForwardOptions *); 299 u_short, char *, char *);
284int channel_request_rforward_cancel(struct Forward *); 300Channel *channel_connect_by_listen_path(struct ssh *, const char *,
285int channel_setup_remote_fwd_listener(struct Forward *, int *, struct ForwardOptions *); 301 char *, char *);
286int channel_cancel_rport_listener(struct Forward *); 302int channel_request_remote_forwarding(struct ssh *, struct Forward *);
287int channel_cancel_lport_listener(struct Forward *, int, struct ForwardOptions *); 303int channel_setup_local_fwd_listener(struct ssh *, struct Forward *,
304 struct ForwardOptions *);
305int channel_request_rforward_cancel(struct ssh *, struct Forward *);
306int channel_setup_remote_fwd_listener(struct ssh *, struct Forward *,
307 int *, struct ForwardOptions *);
308int channel_cancel_rport_listener(struct ssh *, struct Forward *);
309int channel_cancel_lport_listener(struct ssh *, struct Forward *,
310 int, struct ForwardOptions *);
288int permitopen_port(const char *); 311int permitopen_port(const char *);
289 312
290/* x11 forwarding */ 313/* x11 forwarding */
291 314
292void channel_set_x11_refuse_time(u_int); 315void channel_set_x11_refuse_time(struct ssh *, u_int);
293int x11_connect_display(void); 316int x11_connect_display(struct ssh *);
294int x11_create_display_inet(int, int, int, u_int *, int **); 317int x11_create_display_inet(struct ssh *, int, int, int, u_int *, int **);
295void x11_request_forwarding_with_spoofing(int, const char *, const char *, 318void x11_request_forwarding_with_spoofing(struct ssh *, int,
296 const char *, int); 319 const char *, const char *, const char *, int);
297 320
298/* channel close */ 321/* channel close */
299 322
300int chan_is_dead(Channel *, int); 323int chan_is_dead(struct ssh *, Channel *, int);
301void chan_mark_dead(Channel *); 324void chan_mark_dead(struct ssh *, Channel *);
302 325
303/* channel events */ 326/* channel events */
304 327
305void chan_rcvd_oclose(Channel *); 328void chan_rcvd_oclose(struct ssh *, Channel *);
306void chan_rcvd_eow(Channel *); /* SSH2-only */ 329void chan_rcvd_eow(struct ssh *, Channel *);
307void chan_read_failed(Channel *); 330void chan_read_failed(struct ssh *, Channel *);
308void chan_ibuf_empty(Channel *); 331void chan_ibuf_empty(struct ssh *, Channel *);
309 332void chan_rcvd_ieof(struct ssh *, Channel *);
310void chan_rcvd_ieof(Channel *); 333void chan_write_failed(struct ssh *, Channel *);
311void chan_write_failed(Channel *); 334void chan_obuf_empty(struct ssh *, Channel *);
312void chan_obuf_empty(Channel *);
313 335
314#endif 336#endif
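Review bot: The new `channel_copy_adm_permitted_opens(struct ssh *, const struct fwd_perm_list *)` prototype (new lines 286-287) has no comment on its calling contract, although per the commit message it is how the PermitOpen list tracked by the config parser is handed to the per-connection channel state. That state only exists after `channel_init_channels()`, so the header should state what the admin permission list holds before the copy and that the copy must happen before any forwarding request is served. Whether the pre-copy default is permissive cannot be seen from this header and should be confirmed in channels.c. A comment above the declaration such as `/* Install the admin (sshd_config PermitOpen) rules into ssh's channel state; call after channel_init_channels() and before any forwarding request is served */` would make the ordering explicit. The `const` qualifier suggests the list is not consumed, but ownership is also worth stating there.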