upstream commit

refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Upstream-ID: 11828f161656b965cc306576422613614bea2d8f

1 files changed, 66 insertions, 21 deletions

diff --git a/servconf.c b/servconf.c
index ed1fc71cf..e0e43c3dd 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.309 2017/06/24 06:34:38 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.310 2017/09/12 06:32:07 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -149,7 +149,7 @@ initialize_server_options(ServerOptions *options)
         options->num_authkeys_files = 0;
         options->num_accept_env = 0;
         options->permit_tun = -1;
-        options->num_permitted_opens = -1;
+        options->permitted_opens = NULL;
         options->adm_forced_command = NULL;
         options->chroot_directory = NULL;
         options->authorized_keys_command = NULL;
@@ -697,6 +697,44 @@ process_queued_listen_addrs(ServerOptions *options)
         options->num_queued_listens = 0;
 }
 
+/*
+ * Inform channels layer of permitopen options from configuration.
+ */
+void
+process_permitopen(struct ssh *ssh, ServerOptions *options)
+{
+        u_int i;
+        int port;
+        char *host, *arg, *oarg;
+
+        channel_clear_adm_permitted_opens(ssh);
+        if (options->num_permitted_opens == 0)
+                return; /* permit any */
+
+        /* handle keywords: "any" / "none" */
+        if (options->num_permitted_opens == 1 &&
+            strcmp(options->permitted_opens[0], "any") == 0)
+                return;
+        if (options->num_permitted_opens == 1 &&
+            strcmp(options->permitted_opens[0], "none") == 0) {
+                channel_disable_adm_local_opens(ssh);
+                return;
+        }
+        /* Otherwise treat it as a list of permitted host:port */
+        for (i = 0; i < options->num_permitted_opens; i++) {
+                oarg = arg = xstrdup(options->permitted_opens[i]);
+                host = hpdelim(&arg);
+                if (host == NULL)
+                        fatal("%s: missing host in PermitOpen", __func__);
+                host = cleanhostname(host);
+                if (arg == NULL || ((port = permitopen_port(arg)) < 0))
+                        fatal("%s: bad port number in PermitOpen", __func__);
+                /* Send it to channels layer */
+                channel_add_adm_permitted_opens(ssh, host, port);
+                free(oarg);
+        }
+}
+
 struct connection_info *
 get_connection_info(int populate, int use_dns)
 {
@@ -954,7 +992,7 @@ process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum, int *activep,
     struct connection_info *connectinfo)
 {
-        char *cp, **charptr, *arg, *p;
+        char *cp, **charptr, *arg, *arg2, *p;
         int cmdline = 0, *intptr, value, value2, n, port;
         SyslogFacility *log_facility_ptr;
         LogLevel *log_level_ptr;
@@ -1625,24 +1663,17 @@ process_server_config_line(ServerOptions *options, char *line,
                 if (!arg || *arg == '\0')
                         fatal("%s line %d: missing PermitOpen specification",
                             filename, linenum);
-                n = options->num_permitted_opens;       /* modified later */
-                if (strcmp(arg, "any") == 0) {
-                        if (*activep && n == -1) {
-                                channel_clear_adm_permitted_opens();
-                                options->num_permitted_opens = 0;
-                        }
-                        break;
-                }
-                if (strcmp(arg, "none") == 0) {
-                        if (*activep && n == -1) {
+                i = options->num_permitted_opens;       /* modified later */
+                if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
+                        if (*activep && i == 0)
                                 options->num_permitted_opens = 1;
-                                channel_disable_adm_local_opens();
-                        }
+                                options->permitted_opens = xcalloc(1,
+                                    sizeof(*options->permitted_opens));
+                                options->permitted_opens[0] = xstrdup(arg);
                         break;
                 }
-                if (*activep && n == -1)
-                        channel_clear_adm_permitted_opens();
                 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
+                        arg2 = xstrdup(arg);
                         p = hpdelim(&arg);
                         if (p == NULL)
                                 fatal("%s line %d: missing host in PermitOpen",
@@ -1651,9 +1682,16 @@ process_server_config_line(ServerOptions *options, char *line,
                         if (arg == NULL || ((port = permitopen_port(arg)) < 0))
                                 fatal("%s line %d: bad port number in "
                                     "PermitOpen", filename, linenum);
-                        if (*activep && n == -1)
-                                options->num_permitted_opens =
-                                    channel_add_adm_permitted_opens(p, port);
+                        if (*activep && i == 0) {
+                                options->permitted_opens = xrecallocarray(
+                                    options->permitted_opens,
+                                    options->num_permitted_opens,
+                                    options->num_permitted_opens + 1,
+                                    sizeof(*options->permitted_opens));
+                                i = options->num_permitted_opens++;
+                                options->permitted_opens[i] = arg2;
+                        } else
+                                free(arg2);
                 }
                 break;
 
@@ -2352,5 +2390,12 @@ dump_config(ServerOptions *o)
         printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit,
             o->rekey_interval);
 
-        channel_print_adm_permitted_opens();
+        printf("permitopen");
+        if (o->num_permitted_opens == 0)
+                printf(" any");
+        else {
+                for (i = 0; i < o->num_permitted_opens; i++)
+                        printf(" %s", o->permitted_opens[i]);
+        }
+        printf("\n");
 }