1 /* 2 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * 6 * As far as I am concerned, the code I have written for this software 7 * can be used freely for any purpose. Any derived versions of this 8 * software must be clearly marked as such, and if the derived work is 9 * incompatible with the protocol description in the RFC file, it must be 10 * called by a name other than "ssh" or "Secure Shell". 11 */ 12 /* 13 * Copyright (c) 2000 Markus Friedl. All rights reserved. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 1. Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in the 22 * documentation and/or other materials provided with the distribution. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 25 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 27 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 28 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 29 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 30 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 31 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 /* RCSID("$OpenBSD: channels.h,v 1.31 2001/04/13 22:46:53 beck Exp $"); */ 36 /* RCSID("$FreeBSD$"); */ 37 38 #ifndef CHANNELS_H 39 #define CHANNELS_H 40 41 #include "buffer.h" 42 43 /* Definitions for channel types. */ 44 #define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */ 45 #define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ 46 #define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ 47 #define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ 48 #define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ 49 #define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */ 50 #define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */ 51 #define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */ 52 #define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */ 53 #define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */ 54 #define SSH_CHANNEL_LARVAL 10 /* larval session */ 55 #define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */ 56 #define SSH_CHANNEL_CONNECTING 12 57 #define SSH_CHANNEL_DYNAMIC 13 58 #define SSH_CHANNEL_MAX_TYPE 14 59 60 /* 61 * Data structure for channel data. This is iniailized in channel_allocate 62 * and cleared in channel_free. 63 */ 64 struct Channel; 65 typedef struct Channel Channel; 66 67 typedef void channel_callback_fn(int id, void *arg); 68 typedef int channel_filter_fn(struct Channel *c, char *buf, int len); 69 70 struct Channel { 71 int type; /* channel type/state */ 72 int self; /* my own channel identifier */ 73 int remote_id; /* channel identifier for remote peer */ 74 /* peer can be reached over encrypted connection, via packet-sent */ 75 int istate; /* input from channel (state of receive half) */ 76 int ostate; /* output to channel (state of transmit half) */ 77 int flags; /* close sent/rcvd */ 78 int rfd; /* read fd */ 79 int wfd; /* write fd */ 80 int efd; /* extended fd */ 81 int sock; /* sock fd */ 82 int isatty; /* rfd is a tty */ 83 Buffer input; /* data read from socket, to be sent over 84 * encrypted connection */ 85 Buffer output; /* data received over encrypted connection for 86 * send on socket */ 87 Buffer extended; 88 char path[200]; /* path for unix domain sockets, or host name 89 * for forwards */ 90 int listening_port; /* port being listened for forwards */ 91 int host_port; /* remote port to connect for forwards */ 92 char *remote_name; /* remote hostname */ 93 94 int remote_window; 95 int remote_maxpacket; 96 int local_window; 97 int local_window_max; 98 int local_consumed; 99 int local_maxpacket; 100 int extended_usage; 101 102 char *ctype; /* type */ 103 104 /* callback */ 105 channel_callback_fn *cb_fn; 106 void *cb_arg; 107 int cb_event; 108 channel_callback_fn *dettach_user; 109 110 /* filter */ 111 channel_filter_fn *input_filter; 112 }; 113 114 #define CHAN_EXTENDED_IGNORE 0 115 #define CHAN_EXTENDED_READ 1 116 #define CHAN_EXTENDED_WRITE 2 117 118 /* default window/packet sizes for tcp/x11-fwd-channel */ 119 #define CHAN_SES_WINDOW_DEFAULT (32*1024) 120 #define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2) 121 #define CHAN_TCP_WINDOW_DEFAULT (32*1024) 122 #define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2) 123 #define CHAN_X11_WINDOW_DEFAULT (4*1024) 124 #define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2) 125 126 127 void channel_open(int id); 128 void channel_request(int id, char *service, int wantconfirm); 129 void channel_request_start(int id, char *service, int wantconfirm); 130 void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg); 131 void channel_register_cleanup(int id, channel_callback_fn *fn); 132 void channel_register_filter(int id, channel_filter_fn *fn); 133 void channel_cancel_cleanup(int id); 134 Channel *channel_lookup(int id); 135 136 int 137 channel_new(char *ctype, int type, int rfd, int wfd, int efd, 138 int window, int maxpack, int extended_usage, char *remote_name, 139 int nonblock); 140 void 141 channel_set_fds(int id, int rfd, int wfd, int efd, 142 int extusage, int nonblock); 143 144 void deny_input_open(int type, int plen, void *ctxt); 145 146 void channel_input_channel_request(int type, int plen, void *ctxt); 147 void channel_input_close(int type, int plen, void *ctxt); 148 void channel_input_close_confirmation(int type, int plen, void *ctxt); 149 void channel_input_data(int type, int plen, void *ctxt); 150 void channel_input_extended_data(int type, int plen, void *ctxt); 151 void channel_input_ieof(int type, int plen, void *ctxt); 152 void channel_input_oclose(int type, int plen, void *ctxt); 153 void channel_input_open_confirmation(int type, int plen, void *ctxt); 154 void channel_input_open_failure(int type, int plen, void *ctxt); 155 void channel_input_port_open(int type, int plen, void *ctxt); 156 void channel_input_window_adjust(int type, int plen, void *ctxt); 157 158 /* Sets specific protocol options. */ 159 void channel_set_options(int hostname_in_open); 160 161 /* 162 * Allocate a new channel object and set its type and socket. Remote_name 163 * must have been allocated with xmalloc; this will free it when the channel 164 * is freed. 165 */ 166 int channel_allocate(int type, int sock, char *remote_name); 167 168 /* Free the channel and close its socket. */ 169 void channel_free(int channel); 170 171 /* 172 * Allocate/update select bitmasks and add any bits relevant to channels in 173 * select bitmasks. 174 */ 175 void 176 channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, 177 int rekeying); 178 179 /* 180 * After select, perform any appropriate operations for channels which have 181 * events pending. 182 */ 183 void channel_after_select(fd_set * readset, fd_set * writeset); 184 185 /* If there is data to send to the connection, send some of it now. */ 186 void channel_output_poll(void); 187 188 /* Returns true if no channel has too much buffered data. */ 189 int channel_not_very_much_buffered_data(void); 190 191 /* This closes any sockets that are listening for connections; this removes 192 any unix domain sockets. */ 193 void channel_stop_listening(void); 194 195 /* 196 * Closes the sockets of all channels. This is used to close extra file 197 * descriptors after a fork. 198 */ 199 void channel_close_all(void); 200 201 /* Returns true if there is still an open channel over the connection. */ 202 int channel_still_open(void); 203 204 /* 205 * Returns a string containing a list of all open channels. The list is 206 * suitable for displaying to the user. It uses crlf instead of newlines. 207 * The caller should free the string with xfree. 208 */ 209 char *channel_open_message(void); 210 211 /* 212 * Initiate forwarding of connections to local port "port" through the secure 213 * channel to host:port from remote side. 214 */ 215 int 216 channel_request_local_forwarding(u_short listen_port, 217 const char *host_to_connect, u_short port_to_connect, int gateway_ports); 218 int 219 channel_request_forwarding(const char *listen_address, u_short listen_port, 220 const char *host_to_connect, u_short port_to_connect, int gateway_ports, 221 int remote_fwd); 222 223 /* 224 * Initiate forwarding of connections to port "port" on remote host through 225 * the secure channel to host:port from local side. This never returns if 226 * there was an error. This registers that open requests for that port are 227 * permitted. 228 */ 229 void 230 channel_request_remote_forwarding(u_short port, const char *host, 231 u_short remote_port); 232 233 /* 234 * Permits opening to any host/port if permitted_opens[] is empty. This is 235 * usually called by the server, because the user could connect to any port 236 * anyway, and the server has no way to know but to trust the client anyway. 237 */ 238 void channel_permit_all_opens(void); 239 240 /* Add host/port to list of allowed targets for port forwarding */ 241 void channel_add_permitted_opens(char *host, int port); 242 243 /* Flush list */ 244 void channel_clear_permitted_opens(void); 245 246 /* 247 * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates 248 * listening for the port, and sends back a success reply (or disconnect 249 * message if there was an error). This never returns if there was an error. 250 */ 251 void channel_input_port_forward_request(int is_root, int gateway_ports); 252 253 /* 254 * Creates a port for X11 connections, and starts listening for it. Returns 255 * the display name, or NULL if an error was encountered. 256 */ 257 char *x11_create_display(int screen); 258 259 /* 260 * Creates an internet domain socket for listening for X11 connections. 261 * Returns a suitable value for the DISPLAY variable, or NULL if an error 262 * occurs. 263 */ 264 char *x11_create_display_inet(int screen, int x11_display_offset); 265 266 /* 267 * This is called when SSH_SMSG_X11_OPEN is received. The packet contains 268 * the remote channel number. We should do whatever we want, and respond 269 * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. 270 */ 271 void x11_input_open(int type, int plen, void *ctxt); 272 273 /* 274 * Requests forwarding of X11 connections. This should be called on the 275 * client only. 276 */ 277 void x11_request_forwarding(void); 278 279 /* 280 * Requests forwarding for X11 connections, with authentication spoofing. 281 * This should be called in the client only. 282 */ 283 void 284 x11_request_forwarding_with_spoofing(int client_session_id, 285 const char *proto, const char *data); 286 287 /* Sends a message to the server to request authentication fd forwarding. */ 288 void auth_request_forwarding(void); 289 290 /* 291 * Returns the name of the forwarded authentication socket. Returns NULL if 292 * there is no forwarded authentication socket. The returned value points to 293 * a static buffer. 294 */ 295 char *auth_get_socket_name(void); 296 297 /* 298 * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. 299 * This starts forwarding authentication requests. 300 */ 301 int auth_input_request_forwarding(struct passwd * pw); 302 303 /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ 304 void auth_input_open_request(int type, int plen, void *ctxt); 305 306 /* XXX */ 307 void auth_sock_cleanup_proc(void *pw); 308 int channel_connect_to(const char *host, u_short host_port); 309 int channel_connect_by_listen_adress(u_short listen_port); 310 int x11_connect_display(void); 311 312 int channel_find_open(void); 313 314 #endif 315