1 files changed, 62 insertions, 52 deletions

diff --git a/nchan.c b/nchan.c
index 36da8904a..74c855c90 100644
--- a/nchan.c
+++ b/nchan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.66 2017/09/12 06:32:07 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -34,7 +34,8 @@
 
 #include "openbsd-compat/sys-queue.h"
 #include "ssh2.h"
-#include "buffer.h"
+#include "sshbuf.h"
+#include "ssherr.h"
 #include "packet.h"
 #include "channels.h"
 #include "compat.h"
@@ -73,15 +74,15 @@
 /*
  * ACTIONS: should never update the channel states
  */
-static void     chan_send_eof2(Channel *);
-static void     chan_send_eow2(Channel *);
+static void     chan_send_eof2(struct ssh *, Channel *);
+static void     chan_send_eow2(struct ssh *, Channel *);
 
 /* helper */
-static void     chan_shutdown_write(Channel *);
-static void     chan_shutdown_read(Channel *);
+static void     chan_shutdown_write(struct ssh *, Channel *);
+static void     chan_shutdown_read(struct ssh *, Channel *);
 
-static char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
-static char *istates[] = { "open", "drain", "wait_oclose", "closed" };
+static const char *ostates[] = { "open", "drain", "wait_ieof", "closed" };
+static const char *istates[] = { "open", "drain", "wait_oclose", "closed" };
 
 static void
 chan_set_istate(Channel *c, u_int next)
@@ -104,12 +105,12 @@ chan_set_ostate(Channel *c, u_int next)
 }
 
 void
-chan_read_failed(Channel *c)
+chan_read_failed(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: read failed", c->self);
         switch (c->istate) {
         case CHAN_INPUT_OPEN:
-                chan_shutdown_read(c);
+                chan_shutdown_read(ssh, c);
                 chan_set_istate(c, CHAN_INPUT_WAIT_DRAIN);
                 break;
         default:
@@ -120,10 +121,10 @@ chan_read_failed(Channel *c)
 }
 
 void
-chan_ibuf_empty(Channel *c)
+chan_ibuf_empty(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: ibuf empty", c->self);
-        if (buffer_len(&c->input)) {
+        if (sshbuf_len(c->input)) {
                 error("channel %d: chan_ibuf_empty for non empty buffer",
                     c->self);
                 return;
@@ -131,7 +132,7 @@ chan_ibuf_empty(Channel *c)
         switch (c->istate) {
         case CHAN_INPUT_WAIT_DRAIN:
                 if (!(c->flags & (CHAN_CLOSE_SENT|CHAN_LOCAL)))
-                        chan_send_eof2(c);
+                        chan_send_eof2(ssh, c);
                 chan_set_istate(c, CHAN_INPUT_CLOSED);
                 break;
         default:
@@ -142,17 +143,17 @@ chan_ibuf_empty(Channel *c)
 }
 
 void
-chan_obuf_empty(Channel *c)
+chan_obuf_empty(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: obuf empty", c->self);
-        if (buffer_len(&c->output)) {
+        if (sshbuf_len(c->output)) {
                 error("channel %d: chan_obuf_empty for non empty buffer",
                     c->self);
                 return;
         }
         switch (c->ostate) {
         case CHAN_OUTPUT_WAIT_DRAIN:
-                chan_shutdown_write(c);
+                chan_shutdown_write(ssh, c);
                 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
                 break;
         default:
@@ -163,26 +164,29 @@ chan_obuf_empty(Channel *c)
 }
 
 void
-chan_rcvd_eow(Channel *c)
+chan_rcvd_eow(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: rcvd eow", c->self);
         switch (c->istate) {
         case CHAN_INPUT_OPEN:
-                chan_shutdown_read(c);
+                chan_shutdown_read(ssh, c);
                 chan_set_istate(c, CHAN_INPUT_CLOSED);
                 break;
         }
 }
 
 static void
-chan_send_eof2(Channel *c)
+chan_send_eof2(struct ssh *ssh, Channel *c)
 {
+        int r;
+
         debug2("channel %d: send eof", c->self);
         switch (c->istate) {
         case CHAN_INPUT_WAIT_DRAIN:
-                packet_start(SSH2_MSG_CHANNEL_EOF);
-                packet_put_int(c->remote_id);
-                packet_send();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_EOF)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: send CHANNEL_EOF: %s", __func__, ssh_err(r));
                 c->flags |= CHAN_EOF_SENT;
                 break;
         default:
@@ -193,8 +197,10 @@ chan_send_eof2(Channel *c)
 }
 
 static void
-chan_send_close2(Channel *c)
+chan_send_close2(struct ssh *ssh, Channel *c)
 {
+        int r;
+
         debug2("channel %d: send close", c->self);
         if (c->ostate != CHAN_OUTPUT_CLOSED ||
             c->istate != CHAN_INPUT_CLOSED) {
@@ -203,16 +209,19 @@ chan_send_close2(Channel *c)
         } else if (c->flags & CHAN_CLOSE_SENT) {
                 error("channel %d: already sent close", c->self);
         } else {
-                packet_start(SSH2_MSG_CHANNEL_CLOSE);
-                packet_put_int(c->remote_id);
-                packet_send();
+                if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_CLOSE)) != 0 ||
+                    (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+                    (r = sshpkt_send(ssh)) != 0)
+                        fatal("%s: send CHANNEL_EOF: %s", __func__, ssh_err(r));
                 c->flags |= CHAN_CLOSE_SENT;
         }
 }
 
 static void
-chan_send_eow2(Channel *c)
+chan_send_eow2(struct ssh *ssh, Channel *c)
 {
+        int r;
+
         debug2("channel %d: send eow", c->self);
         if (c->ostate == CHAN_OUTPUT_CLOSED) {
                 error("channel %d: must not sent eow on closed output",
@@ -221,30 +230,31 @@ chan_send_eow2(Channel *c)
         }
         if (!(datafellows & SSH_NEW_OPENSSH))
                 return;
-        packet_start(SSH2_MSG_CHANNEL_REQUEST);
-        packet_put_int(c->remote_id);
-        packet_put_cstring("eow@openssh.com");
-        packet_put_char(0);
-        packet_send();
+        if ((r = sshpkt_start(ssh, SSH2_MSG_CHANNEL_REQUEST)) != 0 ||
+            (r = sshpkt_put_u32(ssh, c->remote_id)) != 0 ||
+            (r = sshpkt_put_cstring(ssh, "eow@openssh.com")) != 0 ||
+            (r = sshpkt_put_u8(ssh, 0)) != 0 ||
+            (r = sshpkt_send(ssh)) != 0)
+                fatal("%s: send CHANNEL_EOF: %s", __func__, ssh_err(r));
 }
 
 /* shared */
 
 void
-chan_rcvd_ieof(Channel *c)
+chan_rcvd_ieof(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: rcvd eof", c->self);
         c->flags |= CHAN_EOF_RCVD;
         if (c->ostate == CHAN_OUTPUT_OPEN)
                 chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN);
         if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN &&
-            buffer_len(&c->output) == 0 &&
+            sshbuf_len(c->output) == 0 &&
             !CHANNEL_EFD_OUTPUT_ACTIVE(c))
-                chan_obuf_empty(c);
+                chan_obuf_empty(ssh, c);
 }
 
 void
-chan_rcvd_oclose(Channel *c)
+chan_rcvd_oclose(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: rcvd close", c->self);
         if (!(c->flags & CHAN_LOCAL)) {
@@ -270,27 +280,27 @@ chan_rcvd_oclose(Channel *c)
         }
         switch (c->istate) {
         case CHAN_INPUT_OPEN:
-                chan_shutdown_read(c);
+                chan_shutdown_read(ssh, c);
                 chan_set_istate(c, CHAN_INPUT_CLOSED);
                 break;
         case CHAN_INPUT_WAIT_DRAIN:
                 if (!(c->flags & CHAN_LOCAL))
-                        chan_send_eof2(c);
+                        chan_send_eof2(ssh, c);
                 chan_set_istate(c, CHAN_INPUT_CLOSED);
                 break;
         }
 }
 
 void
-chan_write_failed(Channel *c)
+chan_write_failed(struct ssh *ssh, Channel *c)
 {
         debug2("channel %d: write failed", c->self);
         switch (c->ostate) {
         case CHAN_OUTPUT_OPEN:
         case CHAN_OUTPUT_WAIT_DRAIN:
-                chan_shutdown_write(c);
+                chan_shutdown_write(ssh, c);
                 if (strcmp(c->ctype, "session") == 0)
-                        chan_send_eow2(c);
+                        chan_send_eow2(ssh, c);
                 chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
                 break;
         default:
@@ -301,13 +311,13 @@ chan_write_failed(Channel *c)
 }
 
 void
-chan_mark_dead(Channel *c)
+chan_mark_dead(struct ssh *ssh, Channel *c)
 {
         c->type = SSH_CHANNEL_ZOMBIE;
 }
 
 int
-chan_is_dead(Channel *c, int do_send)
+chan_is_dead(struct ssh *ssh, Channel *c, int do_send)
 {
         if (c->type == SSH_CHANNEL_ZOMBIE) {
                 debug2("channel %d: zombie", c->self);
@@ -318,9 +328,9 @@ chan_is_dead(Channel *c, int do_send)
         if ((datafellows & SSH_BUG_EXTEOF) &&
             c->extended_usage == CHAN_EXTENDED_WRITE &&
             c->efd != -1 &&
-            buffer_len(&c->extended) > 0) {
-                debug2("channel %d: active efd: %d len %d",
-                    c->self, c->efd, buffer_len(&c->extended));
+            sshbuf_len(c->extended) > 0) {
+                debug2("channel %d: active efd: %d len %zu",
+                    c->self, c->efd, sshbuf_len(c->extended));
                 return 0;
         }
         if (c->flags & CHAN_LOCAL) {
@@ -329,7 +339,7 @@ chan_is_dead(Channel *c, int do_send)
         }               
         if (!(c->flags & CHAN_CLOSE_SENT)) {
                 if (do_send) {
-                        chan_send_close2(c);
+                        chan_send_close2(ssh, c);
                 } else {
                         /* channel would be dead if we sent a close */
                         if (c->flags & CHAN_CLOSE_RCVD) {
@@ -349,9 +359,9 @@ chan_is_dead(Channel *c, int do_send)
 
 /* helper */
 static void
-chan_shutdown_write(Channel *c)
+chan_shutdown_write(struct ssh *ssh, Channel *c)
 {
-        buffer_clear(&c->output);
+        sshbuf_reset(c->output);
         if (c->type == SSH_CHANNEL_LARVAL)
                 return;
         /* shutdown failure is allowed if write failed already */
@@ -362,7 +372,7 @@ chan_shutdown_write(Channel *c)
                             "shutdown() failed for fd %d: %.100s",
                             c->self, c->sock, strerror(errno));
         } else {
-                if (channel_close_fd(&c->wfd) < 0)
+                if (channel_close_fd(ssh, &c->wfd) < 0)
                         logit("channel %d: chan_shutdown_write: "
                             "close() failed for fd %d: %.100s",
                             c->self, c->wfd, strerror(errno));
@@ -370,7 +380,7 @@ chan_shutdown_write(Channel *c)
 }
 
 static void
-chan_shutdown_read(Channel *c)
+chan_shutdown_read(struct ssh *ssh, Channel *c)
 {
         if (c->type == SSH_CHANNEL_LARVAL)
                 return;
@@ -388,7 +398,7 @@ chan_shutdown_read(Channel *c)
                             c->self, c->sock, c->istate, c->ostate,
                             strerror(errno));
         } else {
-                if (channel_close_fd(&c->rfd) < 0)
+                if (channel_close_fd(ssh, &c->rfd) < 0)
                         logit("channel %d: chan_shutdown_read: "
                             "close() failed for fd %d: %.100s",
                             c->self, c->rfd, strerror(errno));