Diffstat (limited to 'channels.c')
-rw-r--r-- | channels.c | 63 |
1 files changed, 45 insertions, 18 deletions
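diff --git a/channels.c b/channels.c
index 96d8dc4b4..028c09e6a 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.70 2000/09/28 18:03:18 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.72 2000/10/27 07:48:22 markus Exp $");
 
 #include "ssh.h"
 #include "packet.h"
@@ -174,7 +174,8 @@ channel_lookup(int id)
 */
 
 void
-channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage)
+channel_register_fds(Channel *c, int rfd, int wfd, int efd,
+int extusage, int nonblock)
 {
 /* Update the maximum file descriptor value. */
 if (rfd > channel_max_fd_value)
@@ -190,12 +191,16 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage)
 c->sock = (rfd == wfd) ? rfd : -1;
 c->efd = efd;
 c->extended_usage = extusage;
-if (rfd != -1)
-set_nonblock(rfd);
-if (wfd != -1)
-set_nonblock(wfd);
-if (efd != -1)
-set_nonblock(efd);
+
+/* enable nonblocking mode */
+if (nonblock) {
+if (rfd != -1)
+set_nonblock(rfd);
+if (wfd != -1)
+set_nonblock(wfd);
+if (efd != -1)
+set_nonblock(efd);
+}
 }
 
 /*
@@ -205,7 +210,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage)
 
 int
 channel_new(char *ctype, int type, int rfd, int wfd, int efd,
-int window, int maxpack, int extusage, char *remote_name)
+int window, int maxpack, int extusage, char *remote_name, int nonblock)
 {
 int i, found;
 Channel *c;
@@ -245,7 +250,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
 buffer_init(&c->output);
 buffer_init(&c->extended);
 chan_init_iostates(c);
-channel_register_fds(c, rfd, wfd, efd, extusage);
+channel_register_fds(c, rfd, wfd, efd, extusage, nonblock);
 c->self = found;
 c->type = type;
 c->ctype = ctype;
@@ -269,7 +274,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
 int
 channel_allocate(int type, int sock, char *remote_name)
 {
-return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name);
+return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name, 1);
 }
 
 
@@ -548,7 +553,7 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 newch = channel_new("x11",
 SSH_CHANNEL_OPENING, newsock, newsock, -1,
 c->local_window_max, c->local_maxpacket,
-0, xstrdup(buf));
+0, xstrdup(buf), 1);
 if (compat20) {
 packet_start(SSH2_MSG_CHANNEL_OPEN);
 packet_put_cstring("x11");
@@ -606,7 +611,7 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
 newch = channel_new("direct-tcpip",
 SSH_CHANNEL_OPENING, newsock, newsock, -1,
 c->local_window_max, c->local_maxpacket,
-0, xstrdup(buf));
+0, xstrdup(buf), 1);
 if (compat20) {
 packet_start(SSH2_MSG_CHANNEL_OPEN);
 packet_put_cstring("direct-tcpip");
@@ -1514,7 +1519,7 @@ channel_request_local_forwarding(u_short port, const char *host,
 "port listener", SSH_CHANNEL_PORT_LISTENER,
 sock, sock, -1,
 CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
-0, xstrdup("port listener"));
+0, xstrdup("port listener"), 1);
 strlcpy(channels[ch].path, host, sizeof(channels[ch].path));
 channels[ch].host_port = host_port;
 channels[ch].listening_port = port;
@@ -1859,7 +1864,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset)
 (void) channel_new("x11 listener",
 SSH_CHANNEL_X11_LISTENER, sock, sock, -1,
 CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,
-0, xstrdup("X11 inet listener"));
+0, xstrdup("X11 inet listener"), 1);
 }
 
 /* Return a suitable value for the DISPLAY environment variable. */
@@ -2045,6 +2050,28 @@ x11_input_open(int type, int plen, void *ctxt)
 }
 }
 
+/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
+void
+deny_input_open(int type, int plen, void *ctxt)
+{
+int rchan = packet_get_int();
+switch(type){
+case SSH_SMSG_AGENT_OPEN:
+error("Warning: ssh server tried agent forwarding.");
+break;
+case SSH_SMSG_X11_OPEN:
+error("Warning: ssh server tried X11 forwarding.");
+break;
+default:
+error("deny_input_open: type %d plen %d", type, plen);
+break;
+}
+error("Warning: this is probably a break in attempt by a malicious server.");
+packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
+packet_put_int(rchan);
+packet_send();
+}
+
 /*
 * Requests forwarding of X11 connections, generates fake authentication
 * data, and enables authentication spoofing.
@@ -2349,13 +2376,13 @@ channel_register_filter(int id, channel_filter_fn *fn)
 }
 
 void
-channel_set_fds(int id, int rfd, int wfd, int efd, int extusage)
+channel_set_fds(int id, int rfd, int wfd, int efd,
+int extusage, int nonblock)
 {
 Channel *c = channel_lookup(id);
 if (c == NULL || c->type != SSH_CHANNEL_LARVAL)
 fatal("channel_activate for non-larval channel %d.", id);
-
-channel_register_fds(c, rfd, wfd, efd, extusage);
+channel_register_fds(c, rfd, wfd, efd, extusage, nonblock);
 c->type = SSH_CHANNEL_OPEN;
 /* XXX window size? */
 c->local_window = c->local_window_max = c->local_maxpacket * 2;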
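Review bot: In the new `deny_input_open` (new lines 2053–2073) only the channel id is read with `packet_get_int()` and `plen` is never compared with what was consumed, so any bytes that follow the id in the server's open request are left unread and a malformed request is answered exactly like a well-formed one. Whether the packet layer discards unread payload by itself is not visible in this hunk, so either check the length or state the intent in the header comment, e.g. `/* Refuses SSH-1 agent/X11 channel opens; payload after the channel id is deliberately ignored. */`. The two specific warnings also omit the channel number, which makes the log harder to correlate during triage; `error("Warning: ssh server tried X11 forwarding (channel %d).", rchan);` and the same for the agent case would fix that. As a wording point, "break in attempt" in the final `error()` should read "break-in attempt".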