channels.h revision 76262
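/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */
/*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
/* RCSID("$OpenBSD: channels.h,v 1.31 2001/04/13 22:46:53 beck Exp $"); */
/* RCSID("$FreeBSD: head/crypto/openssh/channels.h 76262 2001-05-04 04:14:23Z green $"); */

#ifndef CHANNELS_H
#define CHANNELS_H

#include "buffer.h"

/*
 * This header names fd_set, u_short and struct passwd but includes only
 * buffer.h, so the including file is expected to have pulled in the system
 * headers that define fd_set and u_short (unless buffer.h already does).
 *
 * struct passwd is only used through a pointer, so it is forward-declared
 * here.  Without a file-scope declaration, a translation unit that has not
 * seen <pwd.h> would give the prototype of auth_input_request_forwarding()
 * its own prototype-scoped struct type, incompatible with the real one.
 */
struct passwd;

/* Definitions for channel types. */
#define SSH_CHANNEL_FREE		0	/* This channel is free (unused). */
#define SSH_CHANNEL_X11_LISTENER	1	/* Listening for inet X11 conn. */
#define SSH_CHANNEL_PORT_LISTENER	2	/* Listening on a port. */
#define SSH_CHANNEL_OPENING		3	/* waiting for confirmation */
#define SSH_CHANNEL_OPEN		4	/* normal open two-way channel */
#define SSH_CHANNEL_CLOSED		5	/* waiting for close confirmation */
#define SSH_CHANNEL_AUTH_SOCKET		6	/* authentication socket */
#define SSH_CHANNEL_X11_OPEN		7	/* reading first X11 packet */
#define SSH_CHANNEL_INPUT_DRAINING	8	/* sending remaining data to conn */
#define SSH_CHANNEL_OUTPUT_DRAINING	9	/* sending remaining data to app */
#define SSH_CHANNEL_LARVAL		10	/* larval session */
#define SSH_CHANNEL_RPORT_LISTENER	11	/* Listening to a R-style port */
#define SSH_CHANNEL_CONNECTING		12	/* undocumented here; presumably a connect in progress - confirm */
#define SSH_CHANNEL_DYNAMIC		13	/* undocumented here; presumably dynamic forwarding - confirm */
#define SSH_CHANNEL_MAX_TYPE		14	/* one more than the highest type value above */

/*
 * Data structure for channel data.  This is initialized in channel_allocate
 * and cleared in channel_free.
 */
struct Channel;
typedef struct Channel Channel;

/* Callback invoked with a channel id and the caller-supplied argument. */
typedef void channel_callback_fn(int id, void *arg);

/*
 * Filter hook stored in Channel.input_filter.
 * NOTE(review): len is a signed int; an implementation should treat a
 * negative or oversized len as an error rather than index buf with it.
 */
typedef int channel_filter_fn(struct Channel *c, char *buf, int len);

struct Channel {
	int     type;		/* channel type/state */
	int     self;		/* my own channel identifier */
	int     remote_id;	/* channel identifier for remote peer */
	/* peer can be reached over encrypted connection, via packet-sent */
	int     istate;		/* input from channel (state of receive half) */
	int     ostate;		/* output to channel (state of transmit half) */
	int     flags;		/* close sent/rcvd */
	int     rfd;		/* read fd */
	int     wfd;		/* write fd */
	int     efd;		/* extended fd */
	int     sock;		/* sock fd */
	int     isatty;		/* rfd is a tty */
	Buffer  input;		/* data read from socket, to be sent over
				 * encrypted connection */
	Buffer  output;		/* data received over encrypted connection for
				 * send on socket */
	Buffer  extended;	/* buffer for the extended fd (efd), judging by
				 * the name - confirm in channels.c */
	/*
	 * Fixed-size storage: whatever is copied in (socket path or forward
	 * host name) has to be length-checked against sizeof(path) and left
	 * NUL-terminated by the writer.
	 */
	char    path[200];	/* path for unix domain sockets, or host name
				 * for forwards */
	int     listening_port;	/* port being listened for forwards */
	int     host_port;	/* remote port to connect for forwards */
	char   *remote_name;	/* remote hostname; per the channel_allocate
				 * contract below it is xmalloc'ed and freed
				 * together with the channel */

	/*
	 * Window and packet-size accounting.
	 * NOTE(review): these are signed ints; presumably some are updated
	 * from values the peer sends, so the code that changes them should
	 * reject negative or wrapping results - confirm in channels.c.
	 */
	int     remote_window;
	int     remote_maxpacket;
	int     local_window;
	int     local_window_max;
	int     local_consumed;
	int     local_maxpacket;
	int     extended_usage;	/* one of the CHAN_EXTENDED_* values below,
				 * judging by the names - confirm */

	char   *ctype;		/* type */

	/* callback */
	channel_callback_fn	*cb_fn;
	void	*cb_arg;
	int	cb_event;
	channel_callback_fn	*dettach_user;	/* (sic) spelling is part of
						 * the interface */

	/* filter */
	channel_filter_fn	*input_filter;
};

#define CHAN_EXTENDED_IGNORE		0
#define CHAN_EXTENDED_READ		1
#define CHAN_EXTENDED_WRITE		2

/* default window/packet sizes for tcp/x11-fwd-channel */
#define CHAN_SES_WINDOW_DEFAULT	(32*1024)
#define CHAN_SES_PACKET_DEFAULT	(CHAN_SES_WINDOW_DEFAULT/2)
#define CHAN_TCP_WINDOW_DEFAULT	(32*1024)
#define CHAN_TCP_PACKET_DEFAULT	(CHAN_TCP_WINDOW_DEFAULT/2)
#define CHAN_X11_WINDOW_DEFAULT	(4*1024)
#define CHAN_X11_PACKET_DEFAULT	(CHAN_X11_WINDOW_DEFAULT/2)


/*
 * Requests and hook registration, all addressed by channel id.  This header
 * does not document their behaviour; see channels.c.
 */
void	 channel_open(int id);
void	 channel_request(int id, char *service, int wantconfirm);
void	 channel_request_start(int id, char *service, int wantconfirm);
void	 channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg);
void	 channel_register_cleanup(int id, channel_callback_fn *fn);
void	 channel_register_filter(int id, channel_filter_fn *fn);
void	 channel_cancel_cleanup(int id);
Channel	*channel_lookup(int id);

int
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
    int window, int maxpack, int extended_usage, char *remote_name,
    int nonblock);
void
channel_set_fds(int id, int rfd, int wfd, int efd,
    int extusage, int nonblock);

/*
 * Handlers sharing the (type, plen, ctxt) signature; presumably installed as
 * packet-type callbacks, so what they parse comes from the peer - confirm
 * the validation in channels.c.
 */
void	 deny_input_open(int type, int plen, void *ctxt);

void	 channel_input_channel_request(int type, int plen, void *ctxt);
void	 channel_input_close(int type, int plen, void *ctxt);
void	 channel_input_close_confirmation(int type, int plen, void *ctxt);
void	 channel_input_data(int type, int plen, void *ctxt);
void	 channel_input_extended_data(int type, int plen, void *ctxt);
void	 channel_input_ieof(int type, int plen, void *ctxt);
void	 channel_input_oclose(int type, int plen, void *ctxt);
void	 channel_input_open_confirmation(int type, int plen, void *ctxt);
void	 channel_input_open_failure(int type, int plen, void *ctxt);
void	 channel_input_port_open(int type, int plen, void *ctxt);
void	 channel_input_window_adjust(int type, int plen, void *ctxt);

/* Sets specific protocol options. */
void    channel_set_options(int hostname_in_open);

/*
 * Allocate a new channel object and set its type and socket.  Remote_name
 * must have been allocated with xmalloc; this will free it when the channel
 * is freed.
 */
int     channel_allocate(int type, int sock, char *remote_name);

/* Free the channel and close its socket. */
void    channel_free(int channel);

/*
 * Allocate/update select bitmasks and add any bits relevant to channels in
 * select bitmasks.
 */
void
channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
    int rekeying);

/*
 * After select, perform any appropriate operations for channels which have
 * events pending.
 */
void    channel_after_select(fd_set *readset, fd_set *writeset);

/* If there is data to send to the connection, send some of it now. */
void    channel_output_poll(void);

/* Returns true if no channel has too much buffered data. */
int     channel_not_very_much_buffered_data(void);

/* This closes any sockets that are listening for connections; this removes
   any unix domain sockets. */
void    channel_stop_listening(void);

/*
 * Closes the sockets of all channels.  This is used to close extra file
 * descriptors after a fork.
 */
void    channel_close_all(void);

/* Returns true if there is still an open channel over the connection. */
int     channel_still_open(void);

/*
 * Returns a string containing a list of all open channels.  The list is
 * suitable for displaying to the user.  It uses crlf instead of newlines.
 * The caller should free the string with xfree.
 */
char   *channel_open_message(void);

/*
 * Initiate forwarding of connections to local port "port" through the secure
 * channel to host:port from remote side.
 *
 * NOTE(review): gateway_ports presumably decides whether the listener is
 * reachable from other hosts rather than from the local machine only;
 * confirm in channels.c and pass 0 unless the forward is meant to be exposed.
 */
int
channel_request_local_forwarding(u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports);
int
channel_request_forwarding(const char *listen_address, u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports,
    int remote_fwd);

/*
 * Initiate forwarding of connections to port "port" on remote host through
 * the secure channel to host:port from local side.  This never returns if
 * there was an error.  This registers that open requests for that port are
 * permitted.
 */
void
channel_request_remote_forwarding(u_short port, const char *host,
    u_short remote_port);

/*
 * Permits opening to any host/port if permitted_opens[] is empty.  This is
 * usually called by the server, because the user could connect to any port
 * anyway, and the server has no way to know but to trust the client anyway.
 *
 * Security: this lifts the per-target restriction on forwarded opens.  A
 * caller that wants to confine forwarding lists the allowed targets with
 * channel_add_permitted_opens() and does not call this.
 */
void    channel_permit_all_opens(void);

/*
 * Add host/port to list of allowed targets for port forwarding
 * NOTE(review): port is an int here but u_short in the forwarding
 * prototypes above; callers should pass only values in the valid port range.
 */
void	channel_add_permitted_opens(char *host, int port);

/* Flush list */
void	channel_clear_permitted_opens(void);

/*
 * This is called after receiving CHANNEL_FORWARDING_REQUEST.  This initiates
 * listening for the port, and sends back a success reply (or disconnect
 * message if there was an error).  This never returns if there was an error.
 *
 * NOTE(review): is_root presumably gates which ports the requester may
 * listen on - confirm in channels.c.
 */
void    channel_input_port_forward_request(int is_root, int gateway_ports);

/*
 * Creates a port for X11 connections, and starts listening for it.  Returns
 * the display name, or NULL if an error was encountered.
 */
char   *x11_create_display(int screen);

/*
 * Creates an internet domain socket for listening for X11 connections.
 * Returns a suitable value for the DISPLAY variable, or NULL if an error
 * occurs.
 */
char   *x11_create_display_inet(int screen, int x11_display_offset);

/*
 * This is called when SSH_SMSG_X11_OPEN is received.  The packet contains
 * the remote channel number.  We should do whatever we want, and respond
 * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
 */
void    x11_input_open(int type, int plen, void *ctxt);

/*
 * Requests forwarding of X11 connections.  This should be called on the
 * client only.
 */
void    x11_request_forwarding(void);

/*
 * Requests forwarding for X11 connections, with authentication spoofing.
 * This should be called in the client only.
 */
void
x11_request_forwarding_with_spoofing(int client_session_id,
    const char *proto, const char *data);

/* Sends a message to the server to request authentication fd forwarding. */
void    auth_request_forwarding(void);

/*
 * Returns the name of the forwarded authentication socket.  Returns NULL if
 * there is no forwarded authentication socket.  The returned value points to
 * a static buffer, so the caller must not free it.
 */
char   *auth_get_socket_name(void);

/*
 * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
 * This starts forwarding authentication requests.
 */
int     auth_input_request_forwarding(struct passwd *pw);

/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
void    auth_input_open_request(int type, int plen, void *ctxt);

/* XXX */
int     channel_connect_to(const char *host, u_short host_port);
/* "adress" (sic): the misspelling is part of the exported name. */
int     channel_connect_by_listen_adress(u_short listen_port);
int     x11_connect_display(void);

int     channel_find_open(void);

#endif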