blob: 2cd82148e55259824403ca88a2eb1b31e64b0019 [file] [log] [blame]
Damien Millere4340be2000-09-16 13:29:08 +11001/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 *
6 * As far as I am concerned, the code I have written for this software
7 * can be used freely for any purpose. Any derived versions of this
8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell".
11 */
12/*
13 * Copyright (c) 2000 Markus Friedl. All rights reserved.
14 *
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
17 * are met:
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
29 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
30 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
31 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
Ben Lindstrombe2cc432001-04-04 23:46:07 +000035/* RCSID("$OpenBSD: channels.h,v 1.29 2001/04/04 20:25:36 markus Exp $"); */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100036
37#ifndef CHANNELS_H
38#define CHANNELS_H
39
Ben Lindstrom7bb8b492001-03-17 00:47:54 +000040#include "buffer.h"
41
Damien Millerd4a8b7e1999-10-27 13:42:43 +100042/* Definitions for channel types. */
Damien Miller5428f641999-11-25 11:54:57 +110043#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */
44#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */
Damien Miller95def091999-11-25 00:26:21 +110045#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */
46#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */
47#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */
Damien Miller5428f641999-11-25 11:54:57 +110048#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */
Damien Millerb38eff82000-04-01 11:09:21 +100049#define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */
50#define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */
51#define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */
52#define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */
53#define SSH_CHANNEL_LARVAL 10 /* larval session */
Damien Miller0bc1bd82000-11-13 22:57:25 +110054#define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */
Ben Lindstrom7ad97102000-12-06 01:42:49 +000055#define SSH_CHANNEL_CONNECTING 12
56#define SSH_CHANNEL_MAX_TYPE 13
Damien Millerd4a8b7e1999-10-27 13:42:43 +100057
Damien Miller5428f641999-11-25 11:54:57 +110058/*
59 * Data structure for channel data. This is iniailized in channel_allocate
60 * and cleared in channel_free.
61 */
Damien Millerad833b32000-08-23 10:46:23 +100062struct Channel;
63typedef struct Channel Channel;
Damien Millerd4a8b7e1999-10-27 13:42:43 +100064
Damien Millerad833b32000-08-23 10:46:23 +100065typedef void channel_callback_fn(int id, void *arg);
66typedef int channel_filter_fn(struct Channel *c, char *buf, int len);
67
68struct Channel {
Damien Miller95def091999-11-25 00:26:21 +110069 int type; /* channel type/state */
70 int self; /* my own channel identifier */
71 int remote_id; /* channel identifier for remote peer */
72 /* peer can be reached over encrypted connection, via packet-sent */
73 int istate; /* input from channel (state of receive half) */
74 int ostate; /* output to channel (state of transmit half) */
Damien Miller33b13562000-04-04 14:38:59 +100075 int flags; /* close sent/rcvd */
Damien Millerb38eff82000-04-01 11:09:21 +100076 int rfd; /* read fd */
77 int wfd; /* write fd */
78 int efd; /* extended fd */
79 int sock; /* sock fd */
Damien Miller79438cc2001-02-16 12:34:57 +110080 int isatty; /* rfd is a tty */
Damien Miller95def091999-11-25 00:26:21 +110081 Buffer input; /* data read from socket, to be sent over
82 * encrypted connection */
83 Buffer output; /* data received over encrypted connection for
84 * send on socket */
Damien Millerb38eff82000-04-01 11:09:21 +100085 Buffer extended;
Damien Miller95def091999-11-25 00:26:21 +110086 char path[200]; /* path for unix domain sockets, or host name
87 * for forwards */
88 int listening_port; /* port being listened for forwards */
89 int host_port; /* remote port to connect for forwards */
90 char *remote_name; /* remote hostname */
Damien Millerb38eff82000-04-01 11:09:21 +100091
92 int remote_window;
93 int remote_maxpacket;
94 int local_window;
95 int local_window_max;
96 int local_consumed;
97 int local_maxpacket;
98 int extended_usage;
99
100 char *ctype; /* type */
101
Damien Millere247cc42000-05-07 12:03:14 +1000102 /* callback */
Damien Millerb38eff82000-04-01 11:09:21 +1000103 channel_callback_fn *cb_fn;
104 void *cb_arg;
105 int cb_event;
106 channel_callback_fn *dettach_user;
Damien Millerad833b32000-08-23 10:46:23 +1000107
108 /* filter */
109 channel_filter_fn *input_filter;
110};
Damien Millerb38eff82000-04-01 11:09:21 +1000111
112#define CHAN_EXTENDED_IGNORE 0
113#define CHAN_EXTENDED_READ 1
114#define CHAN_EXTENDED_WRITE 2
115
Damien Millere4340be2000-09-16 13:29:08 +1100116/* default window/packet sizes for tcp/x11-fwd-channel */
117#define CHAN_SES_WINDOW_DEFAULT (32*1024)
118#define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2)
119#define CHAN_TCP_WINDOW_DEFAULT (32*1024)
120#define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2)
121#define CHAN_X11_WINDOW_DEFAULT (4*1024)
122#define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2)
123
124
Damien Millerb38eff82000-04-01 11:09:21 +1000125void channel_open(int id);
Damien Miller33b13562000-04-04 14:38:59 +1000126void channel_request(int id, char *service, int wantconfirm);
127void channel_request_start(int id, char *service, int wantconfirm);
128void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg);
129void channel_register_cleanup(int id, channel_callback_fn *fn);
Damien Millerad833b32000-08-23 10:46:23 +1000130void channel_register_filter(int id, channel_filter_fn *fn);
Damien Miller33b13562000-04-04 14:38:59 +1000131void channel_cancel_cleanup(int id);
Damien Millerb38eff82000-04-01 11:09:21 +1000132Channel *channel_lookup(int id);
133
134int
135channel_new(char *ctype, int type, int rfd, int wfd, int efd,
Damien Miller69b69aa2000-10-28 14:19:58 +1100136 int window, int maxpack, int extended_usage, char *remote_name,
137 int nonblock);
138void
139channel_set_fds(int id, int rfd, int wfd, int efd,
140 int extusage, int nonblock);
141
142void deny_input_open(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000143
Damien Miller62cee002000-09-23 17:15:56 +1100144void channel_input_channel_request(int type, int plen, void *ctxt);
145void channel_input_close(int type, int plen, void *ctxt);
146void channel_input_close_confirmation(int type, int plen, void *ctxt);
147void channel_input_data(int type, int plen, void *ctxt);
148void channel_input_extended_data(int type, int plen, void *ctxt);
149void channel_input_ieof(int type, int plen, void *ctxt);
150void channel_input_oclose(int type, int plen, void *ctxt);
151void channel_input_open_confirmation(int type, int plen, void *ctxt);
152void channel_input_open_failure(int type, int plen, void *ctxt);
153void channel_input_port_open(int type, int plen, void *ctxt);
154void channel_input_window_adjust(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000155
156/* Sets specific protocol options. */
157void channel_set_options(int hostname_in_open);
158
159/*
160 * Allocate a new channel object and set its type and socket. Remote_name
161 * must have been allocated with xmalloc; this will free it when the channel
162 * is freed.
163 */
164int channel_allocate(int type, int sock, char *remote_name);
165
166/* Free the channel and close its socket. */
167void channel_free(int channel);
168
Damien Miller5e953212001-01-30 09:14:00 +1100169/*
170 * Allocate/update select bitmasks and add any bits relevant to channels in
171 * select bitmasks.
172 */
173void
Ben Lindstrombe2cc432001-04-04 23:46:07 +0000174channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
175 int rekeying);
Damien Millerb38eff82000-04-01 11:09:21 +1000176
177/*
178 * After select, perform any appropriate operations for channels which have
179 * events pending.
180 */
181void channel_after_select(fd_set * readset, fd_set * writeset);
182
183/* If there is data to send to the connection, send some of it now. */
184void channel_output_poll(void);
185
186/* Returns true if no channel has too much buffered data. */
187int channel_not_very_much_buffered_data(void);
188
189/* This closes any sockets that are listening for connections; this removes
190 any unix domain sockets. */
191void channel_stop_listening(void);
192
193/*
194 * Closes the sockets of all channels. This is used to close extra file
195 * descriptors after a fork.
196 */
197void channel_close_all(void);
198
Damien Millerb38eff82000-04-01 11:09:21 +1000199/* Returns true if there is still an open channel over the connection. */
200int channel_still_open(void);
201
202/*
203 * Returns a string containing a list of all open channels. The list is
204 * suitable for displaying to the user. It uses crlf instead of newlines.
205 * The caller should free the string with xfree.
206 */
207char *channel_open_message(void);
208
209/*
210 * Initiate forwarding of connections to local port "port" through the secure
Damien Miller0bc1bd82000-11-13 22:57:25 +1100211 * channel to host:port from remote side.
Damien Millerb38eff82000-04-01 11:09:21 +1000212 */
Kevin Steves12057502001-02-05 14:54:34 +0000213int
Damien Miller0bc1bd82000-11-13 22:57:25 +1100214channel_request_local_forwarding(u_short listen_port,
215 const char *host_to_connect, u_short port_to_connect, int gateway_ports);
Kevin Steves12057502001-02-05 14:54:34 +0000216int
Damien Miller0bc1bd82000-11-13 22:57:25 +1100217channel_request_forwarding(const char *listen_address, u_short listen_port,
218 const char *host_to_connect, u_short port_to_connect, int gateway_ports,
219 int remote_fwd);
Damien Millerb38eff82000-04-01 11:09:21 +1000220
221/*
222 * Initiate forwarding of connections to port "port" on remote host through
223 * the secure channel to host:port from local side. This never returns if
224 * there was an error. This registers that open requests for that port are
225 * permitted.
226 */
Damien Miller4af51302000-04-16 11:18:38 +1000227void
Damien Millerb38eff82000-04-01 11:09:21 +1000228channel_request_remote_forwarding(u_short port, const char *host,
229 u_short remote_port);
230
231/*
Ben Lindstrom7bb8b492001-03-17 00:47:54 +0000232 * Permits opening to any host/port if permitted_opens[] is empty. This is
233 * usually called by the server, because the user could connect to any port
234 * anyway, and the server has no way to know but to trust the client anyway.
Damien Millerb38eff82000-04-01 11:09:21 +1000235 */
236void channel_permit_all_opens(void);
237
Ben Lindstrom7bb8b492001-03-17 00:47:54 +0000238/* Add host/port to list of allowed targets for port forwarding */
239void channel_add_permitted_opens(char *host, int port);
240
241/* Flush list */
242void channel_clear_permitted_opens(void);
243
Damien Millerb38eff82000-04-01 11:09:21 +1000244/*
245 * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
246 * listening for the port, and sends back a success reply (or disconnect
247 * message if there was an error). This never returns if there was an error.
248 */
Damien Millere247cc42000-05-07 12:03:14 +1000249void channel_input_port_forward_request(int is_root, int gateway_ports);
Damien Millerb38eff82000-04-01 11:09:21 +1000250
251/*
252 * Creates a port for X11 connections, and starts listening for it. Returns
253 * the display name, or NULL if an error was encountered.
254 */
255char *x11_create_display(int screen);
256
257/*
258 * Creates an internet domain socket for listening for X11 connections.
259 * Returns a suitable value for the DISPLAY variable, or NULL if an error
260 * occurs.
261 */
262char *x11_create_display_inet(int screen, int x11_display_offset);
263
264/*
265 * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
266 * the remote channel number. We should do whatever we want, and respond
267 * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
268 */
Damien Miller62cee002000-09-23 17:15:56 +1100269void x11_input_open(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000270
271/*
272 * Requests forwarding of X11 connections. This should be called on the
273 * client only.
274 */
275void x11_request_forwarding(void);
276
277/*
278 * Requests forwarding for X11 connections, with authentication spoofing.
279 * This should be called in the client only.
280 */
Damien Millerbd483e72000-04-30 10:00:53 +1000281void
282x11_request_forwarding_with_spoofing(int client_session_id,
283 const char *proto, const char *data);
Damien Millerb38eff82000-04-01 11:09:21 +1000284
285/* Sends a message to the server to request authentication fd forwarding. */
286void auth_request_forwarding(void);
287
288/*
289 * Returns the name of the forwarded authentication socket. Returns NULL if
290 * there is no forwarded authentication socket. The returned value points to
291 * a static buffer.
292 */
293char *auth_get_socket_name(void);
294
295/*
Damien Millerd3a18572000-06-07 19:55:44 +1000296 * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
Damien Millerb38eff82000-04-01 11:09:21 +1000297 * This starts forwarding authentication requests.
298 */
Damien Millerd3a18572000-06-07 19:55:44 +1000299int auth_input_request_forwarding(struct passwd * pw);
Damien Millerb38eff82000-04-01 11:09:21 +1000300
301/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
Damien Miller62cee002000-09-23 17:15:56 +1100302void auth_input_open_request(int type, int plen, void *ctxt);
Damien Millerb38eff82000-04-01 11:09:21 +1000303
Damien Miller33b13562000-04-04 14:38:59 +1000304/* XXX */
305int channel_connect_to(const char *host, u_short host_port);
Damien Miller0bc1bd82000-11-13 22:57:25 +1100306int channel_connect_by_listen_adress(u_short listen_port);
Damien Millerbd483e72000-04-30 10:00:53 +1000307int x11_connect_display(void);
Damien Miller33b13562000-04-04 14:38:59 +1000308
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000309#endif