upstream commit

refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
author: djm@openbsd.org <djm@openbsd.org> 2017-09-12 06:32:07 +0000
committer: Damien Miller <djm@mindrot.org> 2017-09-12 17:37:02 +1000
commit: dbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch)
tree: b8a3263a79e0920e8d08f188654f1ccb7c254406 /sshconnect.c
parent: abd59663df37a42152e37980113ccaa405b9a282 (diff)
1 files changed, 22 insertions, 16 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 2842d9e59..608566207 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.285 2017/09/03 23:33:13 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.286 2017/09/12 06:32:07 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -105,7 +105,7 @@ expand_proxy_command(const char *proxy_command, const char *user,
 * a connected fd back to us.
 */
 static int
-ssh_proxy_fdpass_connect(const char *host, u_short port,
+ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
    const char *proxy_command)
 {
        char *command_string;
@@ -176,7 +176,8 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
                        fatal("Couldn't wait for child: %s", strerror(errno));
        /* Set the connection file descriptors. */
-        packet_set_connection(sock, sock);
+        if (ssh_packet_set_connection(ssh, sock, sock) == NULL)
+                return -1; /* ssh_packet_set_connection logs error */
        return 0;
 }
@@ -185,7 +186,8 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
 * Connect to the given ssh server using a proxy command.
 */
 static int
-ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
+ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
+    const char *proxy_command)
 {
        char *command_string;
        int pin[2], pout[2];
@@ -252,9 +254,9 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
        free(command_string);
        /* Set the connection file descriptors. */
-        packet_set_connection(pout[0], pin[1]);
+        if (ssh_packet_set_connection(ssh, pout[0], pin[1]) == NULL)
+                return -1; /* ssh_packet_set_connection logs error */
-        /* Indicate OK return */
        return 0;
 }
@@ -410,7 +412,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
 * the daemon.
 */
 static int
-ssh_connect_direct(const char *host, struct addrinfo *aitop,
+ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
    struct sockaddr_storage *hostaddr, u_short port, int family,
    int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
 {
@@ -484,27 +486,31 @@ ssh_connect_direct(const char *host, struct addrinfo *aitop,
                error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
        /* Set the connection. */
-        packet_set_connection(sock, sock);
+        if (ssh_packet_set_connection(ssh, sock, sock) == NULL)
+                return -1; /* ssh_packet_set_connection logs error */
-        return 0;
+        return 0;
 }
 int
-ssh_connect(const char *host, struct addrinfo *addrs,
+ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
    struct sockaddr_storage *hostaddr, u_short port, int family,
    int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
 {
        if (options.proxy_command == NULL) {
-                return ssh_connect_direct(host, addrs, hostaddr, port, family,
+                return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
-                    connection_attempts, timeout_ms, want_keepalive, needpriv);
+                    family, connection_attempts, timeout_ms, want_keepalive,
+                    needpriv);
        } else if (strcmp(options.proxy_command, "-") == 0) {
-                packet_set_connection(STDIN_FILENO, STDOUT_FILENO);
+                if ((ssh_packet_set_connection(ssh,
-                return 0; /* Always succeeds */
+                    STDIN_FILENO, STDOUT_FILENO)) == NULL)
+                        return -1; /* ssh_packet_set_connection logs error */
+                return 0;
        } else if (options.proxy_use_fdpass) {
-                return ssh_proxy_fdpass_connect(host, port,
+                return ssh_proxy_fdpass_connect(ssh, host, port,
                    options.proxy_command);
        }
-        return ssh_proxy_connect(host, port, options.proxy_command);
+        return ssh_proxy_connect(ssh, host, port, options.proxy_command);
 }
 static void
author	djm@openbsd.org <djm@openbsd.org>	2017-09-12 06:32:07 +0000
committer	Damien Miller <djm@mindrot.org>	2017-09-12 17:37:02 +1000
commit	dbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch)
tree	b8a3263a79e0920e8d08f188654f1ccb7c254406 /sshconnect.c
parent	abd59663df37a42152e37980113ccaa405b9a282 (diff)