blob: bf70a8f215b6bd8691011058a205d7e8813242a7 [file] [log] [blame]
Damien Millere4340be2000-09-16 13:29:08 +11001/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 *
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
11 */
12/*
13 * Copyright (c) 2000 Markus Friedl. All rights reserved.
14 *
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
17 * are met:
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
29 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
30 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
31 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
Ben Lindstrom5744dc42001-04-13 23:28:01 +000035/* RCSID("$OpenBSD: channels.h,v 1.31 2001/04/13 22:46:53 beck Exp $"); */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100036
37#ifndef CHANNELS_H
38#define CHANNELS_H
39
Ben Lindstrom7bb8b492001-03-17 00:47:54 +000040#include "buffer.h"
41
Damien Millerd4a8b7e1999-10-27 13:42:43 +100042/* Definitions for channel types. */
Damien Miller5428f641999-11-25 11:54:57 +110043#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */
44#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */
Damien Miller95def091999-11-25 00:26:21 +110045#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */
46#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */
47#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */
Damien Miller5428f641999-11-25 11:54:57 +110048#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */
Damien Millerb38eff82000-04-01 11:09:21 +100049#define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */
50#define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */
51#define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */
52#define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */
53#define SSH_CHANNEL_LARVAL 10 /* larval session */
Damien Miller0bc1bd82000-11-13 22:57:25 +110054#define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */
Ben Lindstrom7ad97102000-12-06 01:42:49 +000055#define SSH_CHANNEL_CONNECTING 12
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +000056#define SSH_CHANNEL_DYNAMIC 13
57#define SSH_CHANNEL_MAX_TYPE 14
Damien Millerd4a8b7e1999-10-27 13:42:43 +100058
Damien Miller5428f641999-11-25 11:54:57 +110059/*
60 * Data structure for channel data. This is iniailized in channel_allocate
61 * and cleared in channel_free.
62 */
Damien Millerad833b32000-08-23 10:46:23 +100063struct Channel;
64typedef struct Channel Channel;
Damien Millerd4a8b7e1999-10-27 13:42:43 +100065
Damien Millerad833b32000-08-23 10:46:23 +100066typedef void channel_callback_fn(int id, void *arg);
67typedef int channel_filter_fn(struct Channel *c, char *buf, int len);
68
69struct Channel {
Damien Miller95def091999-11-25 00:26:21 +110070 int type; /* channel type/state */
71 int self; /* my own channel identifier */
72 int remote_id; /* channel identifier for remote peer */
73 /* peer can be reached over encrypted connection, via packet-sent */
74 int istate; /* input from channel (state of receive half) */
75 int ostate; /* output to channel (state of transmit half) */
Damien Miller33b13562000-04-04 14:38:59 +100076 int flags; /* close sent/rcvd */
Damien Millerb38eff82000-04-01 11:09:21 +100077 int rfd; /* read fd */
78 int wfd; /* write fd */
79 int efd; /* extended fd */
80 int sock; /* sock fd */
Damien Miller79438cc2001-02-16 12:34:57 +110081 int isatty; /* rfd is a tty */
Damien Miller95def091999-11-25 00:26:21 +110082 Buffer input; /* data read from socket, to be sent over
83 * encrypted connection */
84 Buffer output; /* data received over encrypted connection for
85 * send on socket */
Damien Millerb38eff82000-04-01 11:09:21 +100086 Buffer extended;
Damien Miller95def091999-11-25 00:26:21 +110087 char path[200]; /* path for unix domain sockets, or host name
88 * for forwards */
89 int listening_port; /* port being listened for forwards */
90 int host_port; /* remote port to connect for forwards */
91 char *remote_name; /* remote hostname */
Damien Millerb38eff82000-04-01 11:09:21 +100092
93 int remote_window;
94 int remote_maxpacket;
95 int local_window;
96 int local_window_max;
97 int local_consumed;
98 int local_maxpacket;
99 int extended_usage;
100
101 char *ctype; /* type */
102
Damien Millere247cc42000-05-07 12:03:14 +1000103 /* callback */
Damien Millerb38eff82000-04-01 11:09:21 +1000104 channel_callback_fn *cb_fn;
105 void *cb_arg;
106 int cb_event;
107 channel_callback_fn *dettach_user;
Damien Millerad833b32000-08-23 10:46:23 +1000108
109 /* filter */
110 channel_filter_fn *input_filter;
111};
Damien Millerb38eff82000-04-01 11:09:21 +1000112
113#define CHAN_EXTENDED_IGNORE 0
114#define CHAN_EXTENDED_READ 1
115#define CHAN_EXTENDED_WRITE 2
116
Damien Millere4340be2000-09-16 13:29:08 +1100117/* default window/packet sizes for tcp/x11-fwd-channel */
118#define CHAN_SES_WINDOW_DEFAULT (32*1024)
119#define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2)
120#define CHAN_TCP_WINDOW_DEFAULT (32*1024)
121#define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2)
122#define CHAN_X11_WINDOW_DEFAULT (4*1024)
123#define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2)
124
125
Damien Millerb38eff82000-04-01 11:09:21 +1000126void channel_open(int id);
Damien Miller33b13562000-04-04 14:38:59 +1000127void channel_request(int id, char *service, int wantconfirm);
128void channel_request_start(int id, char *service, int wantconfirm);
129void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg);
130void channel_register_cleanup(int id, channel_callback_fn *fn);
Damien Millerad833b32000-08-23 10:46:23 +1000131void channel_register_filter(int id, channel_filter_fn *fn);
Damien Miller33b13562000-04-04 14:38:59 +1000132void channel_cancel_cleanup(int id);
Damien Millerb38eff82000-04-01 11:09:21 +1000133Channel *channel_lookup(int id);
134
135int
136channel_new(char *ctype, int type, int rfd, int wfd, int efd,
Damien Miller69b69aa2000-10-28 14:19:58 +1100137 int window, int maxpack, int extended_usage, char *remote_name,
138 int nonblock);
139void
140channel_set_fds(int id, int rfd, int wfd, int efd,
141 int extusage, int nonblock);
142
143void deny_input_open(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000144
Damien Miller62cee002000-09-23 17:15:56 +1100145void channel_input_channel_request(int type, int plen, void *ctxt);
146void channel_input_close(int type, int plen, void *ctxt);
147void channel_input_close_confirmation(int type, int plen, void *ctxt);
148void channel_input_data(int type, int plen, void *ctxt);
149void channel_input_extended_data(int type, int plen, void *ctxt);
150void channel_input_ieof(int type, int plen, void *ctxt);
151void channel_input_oclose(int type, int plen, void *ctxt);
152void channel_input_open_confirmation(int type, int plen, void *ctxt);
153void channel_input_open_failure(int type, int plen, void *ctxt);
154void channel_input_port_open(int type, int plen, void *ctxt);
155void channel_input_window_adjust(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000156
157/* Sets specific protocol options. */
158void channel_set_options(int hostname_in_open);
159
160/*
161 * Allocate a new channel object and set its type and socket. Remote_name
162 * must have been allocated with xmalloc; this will free it when the channel
163 * is freed.
164 */
165int channel_allocate(int type, int sock, char *remote_name);
166
167/* Free the channel and close its socket. */
168void channel_free(int channel);
169
Damien Miller5e953212001-01-30 09:14:00 +1100170/*
171 * Allocate/update select bitmasks and add any bits relevant to channels in
172 * select bitmasks.
173 */
174void
Ben Lindstrombe2cc432001-04-04 23:46:07 +0000175channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
176 int rekeying);
Damien Millerb38eff82000-04-01 11:09:21 +1000177
178/*
179 * After select, perform any appropriate operations for channels which have
180 * events pending.
181 */
182void channel_after_select(fd_set * readset, fd_set * writeset);
183
184/* If there is data to send to the connection, send some of it now. */
185void channel_output_poll(void);
186
187/* Returns true if no channel has too much buffered data. */
188int channel_not_very_much_buffered_data(void);
189
190/* This closes any sockets that are listening for connections; this removes
191 any unix domain sockets. */
192void channel_stop_listening(void);
193
194/*
195 * Closes the sockets of all channels. This is used to close extra file
196 * descriptors after a fork.
197 */
198void channel_close_all(void);
199
Damien Millerb38eff82000-04-01 11:09:21 +1000200/* Returns true if there is still an open channel over the connection. */
201int channel_still_open(void);
202
203/*
204 * Returns a string containing a list of all open channels. The list is
205 * suitable for displaying to the user. It uses crlf instead of newlines.
206 * The caller should free the string with xfree.
207 */
208char *channel_open_message(void);
209
210/*
211 * Initiate forwarding of connections to local port "port" through the secure
Damien Miller0bc1bd82000-11-13 22:57:25 +1100212 * channel to host:port from remote side.
Damien Millerb38eff82000-04-01 11:09:21 +1000213 */
Kevin Steves12057502001-02-05 14:54:34 +0000214int
Damien Miller0bc1bd82000-11-13 22:57:25 +1100215channel_request_local_forwarding(u_short listen_port,
216 const char *host_to_connect, u_short port_to_connect, int gateway_ports);
Kevin Steves12057502001-02-05 14:54:34 +0000217int
Damien Miller0bc1bd82000-11-13 22:57:25 +1100218channel_request_forwarding(const char *listen_address, u_short listen_port,
219 const char *host_to_connect, u_short port_to_connect, int gateway_ports,
220 int remote_fwd);
Damien Millerb38eff82000-04-01 11:09:21 +1000221
222/*
223 * Initiate forwarding of connections to port "port" on remote host through
224 * the secure channel to host:port from local side. This never returns if
225 * there was an error. This registers that open requests for that port are
226 * permitted.
227 */
Damien Miller4af51302000-04-16 11:18:38 +1000228void
Damien Millerb38eff82000-04-01 11:09:21 +1000229channel_request_remote_forwarding(u_short port, const char *host,
230 u_short remote_port);
231
232/*
Ben Lindstrom7bb8b492001-03-17 00:47:54 +0000233 * Permits opening to any host/port if permitted_opens[] is empty. This is
234 * usually called by the server, because the user could connect to any port
235 * anyway, and the server has no way to know but to trust the client anyway.
Damien Millerb38eff82000-04-01 11:09:21 +1000236 */
237void channel_permit_all_opens(void);
238
Ben Lindstrom7bb8b492001-03-17 00:47:54 +0000239/* Add host/port to list of allowed targets for port forwarding */
240void channel_add_permitted_opens(char *host, int port);
241
242/* Flush list */
243void channel_clear_permitted_opens(void);
244
Damien Millerb38eff82000-04-01 11:09:21 +1000245/*
246 * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
247 * listening for the port, and sends back a success reply (or disconnect
248 * message if there was an error). This never returns if there was an error.
249 */
Damien Millere247cc42000-05-07 12:03:14 +1000250void channel_input_port_forward_request(int is_root, int gateway_ports);
Damien Millerb38eff82000-04-01 11:09:21 +1000251
252/*
253 * Creates a port for X11 connections, and starts listening for it. Returns
254 * the display name, or NULL if an error was encountered.
255 */
256char *x11_create_display(int screen);
257
258/*
259 * Creates an internet domain socket for listening for X11 connections.
260 * Returns a suitable value for the DISPLAY variable, or NULL if an error
261 * occurs.
262 */
263char *x11_create_display_inet(int screen, int x11_display_offset);
264
265/*
266 * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
267 * the remote channel number. We should do whatever we want, and respond
268 * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
269 */
Damien Miller62cee002000-09-23 17:15:56 +1100270void x11_input_open(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000271
272/*
273 * Requests forwarding of X11 connections. This should be called on the
274 * client only.
275 */
276void x11_request_forwarding(void);
277
278/*
279 * Requests forwarding for X11 connections, with authentication spoofing.
280 * This should be called in the client only.
281 */
Damien Millerbd483e72000-04-30 10:00:53 +1000282void
283x11_request_forwarding_with_spoofing(int client_session_id,
284 const char *proto, const char *data);
Damien Millerb38eff82000-04-01 11:09:21 +1000285
286/* Sends a message to the server to request authentication fd forwarding. */
287void auth_request_forwarding(void);
288
289/*
290 * Returns the name of the forwarded authentication socket. Returns NULL if
291 * there is no forwarded authentication socket. The returned value points to
292 * a static buffer.
293 */
294char *auth_get_socket_name(void);
295
296/*
Damien Millerd3a18572000-06-07 19:55:44 +1000297 * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
Damien Millerb38eff82000-04-01 11:09:21 +1000298 * This starts forwarding authentication requests.
299 */
Damien Millerd3a18572000-06-07 19:55:44 +1000300int auth_input_request_forwarding(struct passwd * pw);
Damien Millerb38eff82000-04-01 11:09:21 +1000301
302/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
Damien Miller62cee002000-09-23 17:15:56 +1100303void auth_input_open_request(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000304
Damien Miller33b13562000-04-04 14:38:59 +1000305/* XXX */
306int channel_connect_to(const char *host, u_short host_port);
Damien Miller0bc1bd82000-11-13 22:57:25 +1100307int channel_connect_by_listen_adress(u_short listen_port);
Damien Millerbd483e72000-04-30 10:00:53 +1000308int x11_connect_display(void);
Damien Miller33b13562000-04-04 14:38:59 +1000309
Ben Lindstrom5744dc42001-04-13 23:28:01 +0000310int channel_find_open(void);
311
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000312#endif