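/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Created: Sun Sep 10 00:30:37 1995 ylo
 * Server main loop for handling the interactive session.
 */

#include "includes.h"
#include "xmalloc.h"
#include "ssh.h"
#include "packet.h"
#include "buffer.h"
#include "servconf.h"
#include "pty.h"

static Buffer stdin_buffer;	/* Buffer for stdin data. */
static Buffer stdout_buffer;	/* Buffer for stdout data. */
static Buffer stderr_buffer;	/* Buffer for stderr data. */
static int fdin;		/* Descriptor for stdin (for writing) */
static int fdout;		/* Descriptor for stdout (for reading);
				   May be same number as fdin. */
static int fderr;		/* Descriptor for stderr.  May be -1. */
static long stdin_bytes = 0;	/* Number of bytes written to stdin. */
static long stdout_bytes = 0;	/* Number of stdout bytes sent to client. */
static long stderr_bytes = 0;	/* Number of stderr bytes sent to client. */
static long fdout_bytes = 0;	/* Number of stdout bytes read from program. */
static int stdin_eof = 0;	/* EOF message received from client. */
static int fdout_eof = 0;	/* EOF encountered reading from fdout. */
static int fderr_eof = 0;	/* EOF encountered reading from fderr. */
static int connection_in;	/* Connection to client (input). */
static int connection_out;	/* Connection to client (output). */
static unsigned int buffer_high;/* "Soft" max buffer size.  Assigned in
				   server_loop(); not read by any code
				   shown in this file. */
static int max_fd;		/* Max file descriptor number for select(). */

/*
 * This SIGCHLD kludge is used to detect when the child exits.  The server
 * will exit after that, as soon as forwarded connections have terminated.
 */

static int child_pid;			/* Pid of the child. */
static volatile int child_terminated;	/* The child has terminated. */
static volatile int child_wait_status;	/* Status from wait(). */

/*
 * SIGCHLD handler.  Reaps one child with wait() and, when it is the session
 * child, records its status and flags it as terminated.  errno is saved and
 * restored so the interrupted code does not see a value changed by the
 * handler.
 *
 * NOTE(review): debug() and error() are logging helpers defined elsewhere.
 * If they format strings, allocate, or reach syslog/stdio, they are not
 * async-signal-safe, and running them from a handler that can interrupt the
 * main loop is a classic source of state corruption.  A safer design records
 * the event in the volatile flags only and does the logging from
 * server_loop().  The calls are kept here so diagnostics do not change.
 */
void
sigchld_handler(int sig)
{
	int save_errno = errno;
	int status = 0;
	int wait_pid;

	debug("Received SIGCHLD.");
	/*
	 * Wait into a plain local: the original passed the volatile global
	 * through a cast, which discards the qualifier.
	 */
	wait_pid = wait(&status);
	if (wait_pid != -1) {
		if (wait_pid != child_pid) {
			/*
			 * Not the session child.  Do not record its status:
			 * server_loop() falls back to child_wait_status when
			 * its own wait() fails, and would otherwise report an
			 * unrelated process's exit status to the client.
			 */
			error("Strange, got SIGCHLD and wait returned pid %d but child is %d",
			      wait_pid, child_pid);
		} else {
			child_wait_status = status;
			if (WIFEXITED(status) || WIFSIGNALED(status))
				child_terminated = 1;
		}
	}
	/* Re-arm for systems where signal() resets the disposition. */
	signal(SIGCHLD, sigchld_handler);
	errno = save_errno;
}

/*
 * Process any buffered packets that have been received from the client.
 *
 * Everything handled here is client-controlled input.  Each fixed-size
 * message is checked with packet_integrity_check() against its expected
 * payload length; any message type not listed ends the session through
 * packet_disconnect().
 */
void
process_buffered_input_packets()
{
	int type;
	char *data;
	unsigned int data_len;
	int row, col, xpixel, ypixel;
	int payload_len;

	/* Process buffered packets from the client. */
	while ((type = packet_read_poll(&payload_len)) != SSH_MSG_NONE) {
		switch (type) {
		case SSH_CMSG_STDIN_DATA:
			/* Stdin data from the client.  Append it to the buffer. */
			/* Ignore any data if the client has closed stdin. */
			if (fdin == -1)
				break;
			data = packet_get_string(&data_len);
			/*
			 * NOTE(review): the length check runs after the string
			 * has been extracted; this relies on
			 * packet_get_string() bounding data_len itself --
			 * confirm in packet.c.
			 */
			packet_integrity_check(payload_len, (4 + data_len), type);
			buffer_append(&stdin_buffer, data, data_len);
			/*
			 * Scrub the temporary copy; stdin can carry passwords.
			 * NOTE(review): a plain memset() right before a free
			 * may be removed by the optimizer; use a wipe routine
			 * that cannot be elided if the tree provides one.
			 */
			memset(data, 0, data_len);
			xfree(data);
			break;

		case SSH_CMSG_EOF:
			/*
			 * Eof from the client.  The stdin descriptor to the
			 * program will be closed when all buffered data has
			 * drained.
			 */
			debug("EOF received for stdin.");
			packet_integrity_check(payload_len, 0, type);
			stdin_eof = 1;
			break;

		case SSH_CMSG_WINDOW_SIZE:
			debug("Window change received.");
			packet_integrity_check(payload_len, 4 * 4, type);
			/*
			 * The four values are passed on as received; no range
			 * check is applied in this function.
			 */
			row = packet_get_int();
			col = packet_get_int();
			xpixel = packet_get_int();
			ypixel = packet_get_int();
			if (fdin != -1)
				pty_change_window_size(fdin, row, col, xpixel, ypixel);
			break;

		case SSH_MSG_PORT_OPEN:
			debug("Received port open request.");
			channel_input_port_open(payload_len);
			break;

		case SSH_MSG_CHANNEL_OPEN_CONFIRMATION:
			debug("Received channel open confirmation.");
			packet_integrity_check(payload_len, 4 + 4, type);
			channel_input_open_confirmation();
			break;

		case SSH_MSG_CHANNEL_OPEN_FAILURE:
			debug("Received channel open failure.");
			packet_integrity_check(payload_len, 4, type);
			channel_input_open_failure();
			break;

		case SSH_MSG_CHANNEL_DATA:
			channel_input_data(payload_len);
			break;

		case SSH_MSG_CHANNEL_CLOSE:
			debug("Received channel close.");
			packet_integrity_check(payload_len, 4, type);
			channel_input_close();
			break;

		case SSH_MSG_CHANNEL_CLOSE_CONFIRMATION:
			debug("Received channel close confirmation.");
			packet_integrity_check(payload_len, 4, type);
			channel_input_close_confirmation();
			break;

		default:
			/*
			 * In this phase, any unexpected messages cause a
			 * protocol error.  This is to ease debugging; also,
			 * since messages are not individually confirmed,
			 * unprocessed unknown messages could cause strange
			 * problems.  Any compatible protocol extensions must
			 * be negotiated before entering the interactive
			 * session.
			 */
			packet_disconnect("Protocol error during session: type %d",
					  type);
		}
	}
}

/*
 * Make packets from buffered stderr data, and buffer it for sending
 * to the client.  Packets are capped at 512 bytes on interactive
 * connections and at packet_get_maxsize() otherwise.
 */
void
make_packets_from_stderr_data()
{
	int len;

	/* Send buffered stderr data to the client. */
	while (buffer_len(&stderr_buffer) > 0 &&
	       packet_not_very_much_data_to_write()) {
		len = buffer_len(&stderr_buffer);
		if (packet_is_interactive()) {
			if (len > 512)
				len = 512;
		} else {
			/* Keep the packets at reasonable size. */
			if (len > packet_get_maxsize())
				len = packet_get_maxsize();
		}
		packet_start(SSH_SMSG_STDERR_DATA);
		packet_put_string(buffer_ptr(&stderr_buffer), len);
		packet_send();
		buffer_consume(&stderr_buffer, len);
		stderr_bytes += len;
	}
}

/*
 * Make packets from buffered stdout data, and buffer it for sending to the
 * client.  Same size caps as make_packets_from_stderr_data().
 */
void
make_packets_from_stdout_data()
{
	int len;

	/* Send buffered stdout data to the client. */
	while (buffer_len(&stdout_buffer) > 0 &&
	       packet_not_very_much_data_to_write()) {
		len = buffer_len(&stdout_buffer);
		if (packet_is_interactive()) {
			if (len > 512)
				len = 512;
		} else {
			/* Keep the packets at reasonable size. */
			if (len > packet_get_maxsize())
				len = packet_get_maxsize();
		}
		packet_start(SSH_SMSG_STDOUT_DATA);
		packet_put_string(buffer_ptr(&stdout_buffer), len);
		packet_send();
		buffer_consume(&stdout_buffer, len);
		stdout_bytes += len;
	}
}

/*
 * Sleep in select() until we can do something.  This will initialize the
 * select masks.  Upon return, the masks will indicate which descriptors
 * have data or can accept data.  Optionally, a maximum time can be specified
 * for the duration of the wait (0 = infinite).
 *
 * If select() fails with anything other than EINTR, both masks are cleared
 * before returning, so callers see no descriptor as ready.
 *
 * NOTE(review): no descriptor is compared against FD_SETSIZE before
 * FD_SET(); a descriptor at or above that limit would write outside the
 * fd_set.  Confirm that callers and the channel code bound their
 * descriptors.
 */
void
wait_until_can_do_something(fd_set * readset, fd_set * writeset,
			    unsigned int max_time_milliseconds)
{
	struct timeval tv, *tvp;
	int ret;

	/* When select fails we restart from here. */
retry_select:

	/* Initialize select() masks. */
	FD_ZERO(readset);

	/*
	 * Read packets from the client unless we have too much buffered
	 * stdin or channel data.  This is the back-pressure that keeps a
	 * fast client from growing stdin_buffer without bound.
	 */
	if (buffer_len(&stdin_buffer) < 4096 &&
	    channel_not_very_much_buffered_data())
		FD_SET(connection_in, readset);

	/*
	 * If there is not too much data already buffered going to the
	 * client, try to get some more data from the program.
	 */
	if (packet_not_very_much_data_to_write()) {
		if (!fdout_eof)
			FD_SET(fdout, readset);
		if (!fderr_eof)
			FD_SET(fderr, readset);
	}
	FD_ZERO(writeset);

	/* Set masks for channel descriptors. */
	channel_prepare_select(readset, writeset);

	/*
	 * If we have buffered packet data going to the client, mark that
	 * descriptor.
	 */
	if (packet_have_data_to_write())
		FD_SET(connection_out, writeset);

	/* If we have buffered data, try to write some of that data to the
	   program. */
	if (fdin != -1 && buffer_len(&stdin_buffer) > 0)
		FD_SET(fdin, writeset);

	/* Update the maximum descriptor number if appropriate. */
	if (channel_max_fd() > max_fd)
		max_fd = channel_max_fd();

	/*
	 * If child has terminated and there is enough buffer space to read
	 * from it, then read as much as is available and exit.
	 */
	if (child_terminated && packet_not_very_much_data_to_write()) {
		if (max_time_milliseconds == 0)
			max_time_milliseconds = 100;
	}

	if (max_time_milliseconds == 0)
		tvp = NULL;
	else {
		tv.tv_sec = max_time_milliseconds / 1000;
		tv.tv_usec = 1000 * (max_time_milliseconds % 1000);
		tvp = &tv;
	}

	/* Wait for something to happen, or the timeout to expire. */
	ret = select(max_fd + 1, readset, writeset, NULL, tvp);

	if (ret < 0) {
		if (errno == EINTR)
			goto retry_select;
		error("select: %.100s", strerror(errno));
		/*
		 * On failure the masks still hold the descriptors we asked
		 * about; clear them so callers do not treat every one of
		 * them as ready and read or write on it.
		 */
		FD_ZERO(readset);
		FD_ZERO(writeset);
	}
}

/*
 * Processes input from the client and the program.  Input data is stored
 * in buffers and processed later.
 *
 * EINTR and EAGAIN from read() are treated as "nothing available yet"
 * rather than as an error or end of file.
 */
void
process_input(fd_set * readset)
{
	int len;
	char buf[16384];

	/* Read and buffer any input data from the client. */
	if (FD_ISSET(connection_in, readset)) {
		len = read(connection_in, buf, sizeof(buf));
		if (len == 0) {
			verbose("Connection closed by remote host.");
			fatal_cleanup();
		}
		/*
		 * There is a kernel bug on Solaris that causes select to
		 * sometimes wake up even though there is no data available.
		 * A read interrupted by a signal (SIGCHLD is handled in this
		 * file) is equally harmless and must not end the session.
		 */
		if (len < 0 && (errno == EAGAIN || errno == EINTR))
			len = 0;

		if (len < 0) {
			verbose("Read error from remote host: %.100s", strerror(errno));
			fatal_cleanup();
		}
		/* Buffer any received data. */
		packet_process_incoming(buf, len);
	}
	/* Read and buffer any available stdout data from the program. */
	if (!fdout_eof && FD_ISSET(fdout, readset)) {
		len = read(fdout, buf, sizeof(buf));
		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
			/* Transient; retry on the next pass instead of
			   declaring EOF and dropping pending output. */
		} else if (len <= 0) {
			fdout_eof = 1;
		} else {
			buffer_append(&stdout_buffer, buf, len);
			fdout_bytes += len;
		}
	}
	/* Read and buffer any available stderr data from the program. */
	if (!fderr_eof && FD_ISSET(fderr, readset)) {
		len = read(fderr, buf, sizeof(buf));
		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
			/* Transient; retry on the next pass. */
		} else if (len <= 0) {
			fderr_eof = 1;
		} else {
			buffer_append(&stderr_buffer, buf, len);
		}
	}
}

/*
 * Sends data from internal buffers to client program stdin.
 *
 * A write() that fails with EINTR or EAGAIN leaves the data buffered for
 * the next pass; any other failure, or a zero-length write, closes the
 * program's stdin.
 */
void
process_output(fd_set * writeset)
{
	int len;

	/* Write buffered data to program stdin. */
	if (fdin != -1 && FD_ISSET(fdin, writeset)) {
		len = write(fdin, buffer_ptr(&stdin_buffer),
		    buffer_len(&stdin_buffer));
		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
			/* Transient; keep the data and the descriptor. */
		} else if (len <= 0) {
#ifdef USE_PIPES
			close(fdin);
#else
			if (fdout == -1)
				close(fdin);
			else
				shutdown(fdin, SHUT_WR); /* We will no longer send. */
#endif
			fdin = -1;
		} else {
			/* Successful write.  Consume the data from the buffer. */
			buffer_consume(&stdin_buffer, len);
			/* Update the count of bytes written to the program. */
			stdin_bytes += len;
		}
	}
	/* Send any buffered packet data to the client. */
	if (FD_ISSET(connection_out, writeset))
		packet_write_poll();
}

/*
 * Wait until all buffered output has been sent to the client.
 * This is used when the program terminates.
 *
 * The buffers are not consumed here; server_loop() frees them right after
 * this call.
 */
void
drain_output()
{
	/* Send any buffered stdout data to the client. */
	if (buffer_len(&stdout_buffer) > 0) {
		packet_start(SSH_SMSG_STDOUT_DATA);
		packet_put_string(buffer_ptr(&stdout_buffer),
				  buffer_len(&stdout_buffer));
		packet_send();
		/* Update the count of sent bytes. */
		stdout_bytes += buffer_len(&stdout_buffer);
	}
	/* Send any buffered stderr data to the client. */
	if (buffer_len(&stderr_buffer) > 0) {
		packet_start(SSH_SMSG_STDERR_DATA);
		packet_put_string(buffer_ptr(&stderr_buffer),
				  buffer_len(&stderr_buffer));
		packet_send();
		/* Update the count of sent bytes. */
		stderr_bytes += buffer_len(&stderr_buffer);
	}
	/* Wait until all buffered data has been written to the client. */
	packet_write_wait();
}

/*
 * Performs the interactive session.  This handles data transmission between
 * the client and the program.  Note that the notion of stdin, stdout, and
 * stderr in this function is sort of reversed: this function writes to
 * stdin (of the child program), and reads from stdout and stderr (of the
 * child program).
 *
 * pid is the child process; fdin_arg, fdout_arg and fderr_arg are the
 * descriptors connected to it (fderr_arg is -1 when there is no separate
 * stderr).  Returns after a normal child exit once the client has confirmed
 * the exit status; every other outcome ends in packet_disconnect().
 */
void
server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
{
	int wait_status, wait_pid;	/* Status and pid returned by wait(). */
	int waiting_termination = 0;	/* Have displayed waiting close message. */
	unsigned int max_time_milliseconds;
	unsigned int previous_stdout_buffer_bytes;
	unsigned int stdout_buffer_bytes;
	int type;

	debug("Entering interactive session.");

	/* Initialize the SIGCHLD kludge. */
	child_pid = pid;
	child_terminated = 0;
	signal(SIGCHLD, sigchld_handler);

	/* Initialize our global variables. */
	fdin = fdin_arg;
	fdout = fdout_arg;
	fderr = fderr_arg;
	connection_in = packet_get_connection_in();
	connection_out = packet_get_connection_out();

	previous_stdout_buffer_bytes = 0;

	/* Set approximate I/O buffer size. */
	if (packet_is_interactive())
		buffer_high = 4096;
	else
		buffer_high = 64 * 1024;

	/* Initialize max_fd to the maximum of the known file descriptors. */
	max_fd = fdin;
	if (fdout > max_fd)
		max_fd = fdout;
	if (fderr != -1 && fderr > max_fd)
		max_fd = fderr;
	if (connection_in > max_fd)
		max_fd = connection_in;
	if (connection_out > max_fd)
		max_fd = connection_out;

	/* Initialize buffers. */
	buffer_init(&stdin_buffer);
	buffer_init(&stdout_buffer);
	buffer_init(&stderr_buffer);

	/*
	 * If we have no separate fderr (which is the case when we have a pty
	 * - there we cannot make difference between data sent to stdout and
	 * stderr), indicate that we have seen an EOF from stderr.  This way
	 * we don't need to check the descriptor everywhere.
	 */
	if (fderr == -1)
		fderr_eof = 1;

	/* Main loop of the server for the interactive session mode. */
	for (;;) {
		fd_set readset, writeset;

		/* Process buffered packets from the client. */
		process_buffered_input_packets();

		/*
		 * If we have received eof, and there is no more pending
		 * input data, cause a real eof by closing fdin.
		 */
		if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
#ifdef USE_PIPES
			close(fdin);
#else
			if (fdout == -1)
				close(fdin);
			else
				shutdown(fdin, SHUT_WR); /* We will no longer send. */
#endif
			fdin = -1;
		}
		/* Make packets from buffered stderr data to send to the client. */
		make_packets_from_stderr_data();

		/*
		 * Make packets from buffered stdout data to send to the
		 * client.  If there is very little to send, this arranges to
		 * not send them now, but to wait a short while to see if we
		 * are getting more data.  This is necessary, as some systems
		 * wake up readers from a pty after each separate character.
		 */
		max_time_milliseconds = 0;
		stdout_buffer_bytes = buffer_len(&stdout_buffer);
		if (stdout_buffer_bytes != 0 && stdout_buffer_bytes < 256 &&
		    stdout_buffer_bytes != previous_stdout_buffer_bytes) {
			/* try again after a while */
			max_time_milliseconds = 10;
		} else {
			/* Send it now. */
			make_packets_from_stdout_data();
		}
		previous_stdout_buffer_bytes = buffer_len(&stdout_buffer);

		/* Send channel data to the client. */
		if (packet_not_very_much_data_to_write())
			channel_output_poll();

		/*
		 * Bail out of the loop if the program has closed its output
		 * descriptors, and we have no more data to send to the
		 * client, and there is no pending buffered data.
		 */
		if (fdout_eof && fderr_eof && !packet_have_data_to_write() &&
		    buffer_len(&stdout_buffer) == 0 && buffer_len(&stderr_buffer) == 0) {
			if (!channel_still_open())
				goto quit;
			if (!waiting_termination) {
				const char *s = "Waiting for forwarded connections to terminate...\r\n";
				char *cp;
				waiting_termination = 1;
				buffer_append(&stderr_buffer, s, strlen(s));

				/* Display list of open channels. */
				cp = channel_open_message();
				buffer_append(&stderr_buffer, cp, strlen(cp));
				xfree(cp);
			}
		}
		/* Sleep in select() until we can do something. */
		wait_until_can_do_something(&readset, &writeset,
					    max_time_milliseconds);

		/* Process any channel events. */
		channel_after_select(&readset, &writeset);

		/* Process input from the client and from program stdout/stderr. */
		process_input(&readset);

		/* Process output to the client and to program stdin. */
		process_output(&writeset);
	}

quit:
	/* Cleanup and termination code. */

	/* Wait until all output has been sent to the client. */
	drain_output();

	debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.",
	      stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes);

	/* Free and clear the buffers. */
	buffer_free(&stdin_buffer);
	buffer_free(&stdout_buffer);
	buffer_free(&stderr_buffer);

	/* Close the file descriptors. */
	if (fdout != -1)
		close(fdout);
	fdout = -1;
	fdout_eof = 1;
	if (fderr != -1)
		close(fderr);
	fderr = -1;
	fderr_eof = 1;
	if (fdin != -1)
		close(fdin);
	fdin = -1;

	/* Stop listening for channels; this removes unix domain sockets. */
	channel_stop_listening();

	/* Wait for the child to exit.  Get its exit status. */
	wait_pid = wait(&wait_status);
	if (wait_pid < 0) {
		/*
		 * It is possible that the wait was handled by SIGCHLD
		 * handler.  This may result in either: this call
		 * returning with EINTR, or: this call returning ECHILD.
		 */
		if (child_terminated)
			wait_status = child_wait_status;
		else
			packet_disconnect("wait: %.100s", strerror(errno));
	} else {
		/* Check if it matches the process we forked. */
		if (wait_pid != pid)
			error("Strange, wait returned pid %d, expected %d",
			       wait_pid, pid);
	}

	/* We no longer want our SIGCHLD handler to be called. */
	signal(SIGCHLD, SIG_DFL);

	/* Check if it exited normally. */
	if (WIFEXITED(wait_status)) {
		/* Yes, normal exit.  Get exit status and send it to the client. */
		debug("Command exited with status %d.", WEXITSTATUS(wait_status));
		packet_start(SSH_SMSG_EXITSTATUS);
		packet_put_int(WEXITSTATUS(wait_status));
		packet_send();
		packet_write_wait();

		/*
		 * Wait for exit confirmation.  Note that there might be
		 * other packets coming before it; however, the program has
		 * already died so we just ignore them.  The client is
		 * supposed to respond with the confirmation when it receives
		 * the exit status.
		 *
		 * NOTE(review): this loop has no timeout of its own; a
		 * client that never confirms keeps the process here for as
		 * long as packet_read() keeps returning -- confirm how
		 * packet_read() handles a stalled or closed connection.
		 */
		do {
			int plen;
			type = packet_read(&plen);
		}
		while (type != SSH_CMSG_EXIT_CONFIRMATION);

		debug("Received exit confirmation.");
		return;
	}
	/* Check if the program terminated due to a signal. */
	if (WIFSIGNALED(wait_status))
		packet_disconnect("Command terminated on signal %d.",
				  WTERMSIG(wait_status));

	/* Some weird exit cause.  Just exit. */
	packet_disconnect("wait returned status %04x.", wait_status);
	/* NOTREACHED */
}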