1/* $OpenBSD: clientloop.c,v 1.236 2011/06/22 22:08:42 djm Exp $ */ 2/* 3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * The main loop for the interactive session (client side). 7 * 8 * As far as I am concerned, the code I have written for this software 9 * can be used freely for any purpose. Any derived versions of this 10 * software must be clearly marked as such, and if the derived work is 11 * incompatible with the protocol description in the RFC file, it must be 12 * called by a name other than "ssh" or "Secure Shell". 13 * 14 * 15 * Copyright (c) 1999 Theo de Raadt. All rights reserved. 16 * 17 * Redistribution and use in source and binary forms, with or without 18 * modification, are permitted provided that the following conditions 19 * are met: 20 * 1. Redistributions of source code must retain the above copyright 21 * notice, this list of conditions and the following disclaimer. 22 * 2. Redistributions in binary form must reproduce the above copyright 23 * notice, this list of conditions and the following disclaimer in the 24 * documentation and/or other materials provided with the distribution. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 * 37 * 38 * SSH2 support added by Markus Friedl. 39 * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 51 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 52 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 53 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 54 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 55 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 56 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 57 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 58 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 59 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 60 */ 61 62#include "includes.h" 63 64#include <sys/types.h> 65#include <sys/ioctl.h> 66#include <sys/param.h> 67#ifdef HAVE_SYS_STAT_H 68# include <sys/stat.h> 69#endif 70#ifdef HAVE_SYS_TIME_H 71# include <sys/time.h> 72#endif 73#include <sys/socket.h> 74 75#include <ctype.h> 76#include <errno.h> 77#ifdef HAVE_PATHS_H 78#include <paths.h> 79#endif 80#include <signal.h> 81#include <stdarg.h> 82#include <stdio.h> 83#include <stdlib.h> 84#include <string.h> 85#include <termios.h> 86#include <pwd.h> 87#include <unistd.h> 88 89#include "openbsd-compat/sys-queue.h" 90#include "xmalloc.h" 91#include "ssh.h" 92#include "ssh1.h" 93#include "ssh2.h" 94#include "packet.h" 95#include "buffer.h" 96#include "compat.h" 97#include "channels.h" 98#include "dispatch.h" 99#include "key.h" 100#include "cipher.h" 101#include "kex.h" 102#include "log.h" 103#include "readconf.h" 104#include "clientloop.h" 105#include "sshconnect.h" 106#include "authfd.h" 107#include "atomicio.h" 108#include "sshpty.h" 109#include "misc.h" 110#include "match.h" 111#include "msg.h" 112#include "roaming.h" 113 114/* import options */ 115extern Options options; 116 117/* Flag indicating that stdin should be redirected from /dev/null. */ 118extern int stdin_null_flag; 119 120/* Flag indicating that no shell has been requested */ 121extern int no_shell_flag; 122 123/* Control socket */ 124extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */ 125 126/* 127 * Name of the host we are connecting to. This is the name given on the 128 * command line, or the HostName specified for the user-supplied name in a 129 * configuration file. 130 */ 131extern char *host; 132 133/* 134 * Flag to indicate that we have received a window change signal which has 135 * not yet been processed. This will cause a message indicating the new 136 * window size to be sent to the server a little later. This is volatile 137 * because this is updated in a signal handler. 138 */ 139static volatile sig_atomic_t received_window_change_signal = 0; 140static volatile sig_atomic_t received_signal = 0; 141 142/* Flag indicating whether the user's terminal is in non-blocking mode. */ 143static int in_non_blocking_mode = 0; 144 145/* Time when backgrounded control master using ControlPersist should exit */ 146static time_t control_persist_exit_time = 0; 147 148/* Common data for the client loop code. */ 149volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */ 150static int escape_char1; /* Escape character. (proto1 only) */ 151static int escape_pending1; /* Last character was an escape (proto1 only) */ 152static int last_was_cr; /* Last character was a newline. */ 153static int exit_status; /* Used to store the command exit status. */ 154static int stdin_eof; /* EOF has been encountered on stderr. */ 155static Buffer stdin_buffer; /* Buffer for stdin data. */ 156static Buffer stdout_buffer; /* Buffer for stdout data. */ 157static Buffer stderr_buffer; /* Buffer for stderr data. */ 158static u_int buffer_high; /* Soft max buffer size. */ 159static int connection_in; /* Connection to server (input). */ 160static int connection_out; /* Connection to server (output). */ 161static int need_rekeying; /* Set to non-zero if rekeying is requested. */ 162static int session_closed; /* In SSH2: login session closed. */ 163static int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ 164 165static void client_init_dispatch(void); 166int session_ident = -1; 167 168int session_resumed = 0; 169 170/* Track escape per proto2 channel */ 171struct escape_filter_ctx { 172 int escape_pending; 173 int escape_char; 174}; 175 176/* Context for channel confirmation replies */ 177struct channel_reply_ctx { 178 const char *request_type; 179 int id; 180 enum confirm_action action; 181}; 182 183/* Global request success/failure callbacks */ 184struct global_confirm { 185 TAILQ_ENTRY(global_confirm) entry; 186 global_confirm_cb *cb; 187 void *ctx; 188 int ref_count; 189}; 190TAILQ_HEAD(global_confirms, global_confirm); 191static struct global_confirms global_confirms = 192 TAILQ_HEAD_INITIALIZER(global_confirms); 193 194/*XXX*/ 195extern Kex *xxx_kex; 196 197void ssh_process_session2_setup(int, int, int, Buffer *); 198 199/* Restores stdin to blocking mode. */ 200 201static void 202leave_non_blocking(void) 203{ 204 if (in_non_blocking_mode) { 205 unset_nonblock(fileno(stdin)); 206 in_non_blocking_mode = 0; 207 } 208} 209 210/* Puts stdin terminal in non-blocking mode. */ 211 212static void 213enter_non_blocking(void) 214{ 215 in_non_blocking_mode = 1; 216 set_nonblock(fileno(stdin)); 217} 218 219/* 220 * Signal handler for the window change signal (SIGWINCH). This just sets a 221 * flag indicating that the window has changed. 222 */ 223/*ARGSUSED */ 224static void 225window_change_handler(int sig) 226{ 227 received_window_change_signal = 1; 228 signal(SIGWINCH, window_change_handler); 229} 230 231/* 232 * Signal handler for signals that cause the program to terminate. These 233 * signals must be trapped to restore terminal modes. 234 */ 235/*ARGSUSED */ 236static void 237signal_handler(int sig) 238{ 239 received_signal = sig; 240 quit_pending = 1; 241} 242 243/* 244 * Returns current time in seconds from Jan 1, 1970 with the maximum 245 * available resolution. 246 */ 247 248static double 249get_current_time(void) 250{ 251 struct timeval tv; 252 gettimeofday(&tv, NULL); 253 return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0; 254} 255 256/* 257 * Sets control_persist_exit_time to the absolute time when the 258 * backgrounded control master should exit due to expiry of the 259 * ControlPersist timeout. Sets it to 0 if we are not a backgrounded 260 * control master process, or if there is no ControlPersist timeout. 261 */ 262static void 263set_control_persist_exit_time(void) 264{ 265 if (muxserver_sock == -1 || !options.control_persist 266 || options.control_persist_timeout == 0) { 267 /* not using a ControlPersist timeout */ 268 control_persist_exit_time = 0; 269 } else if (channel_still_open()) { 270 /* some client connections are still open */ 271 if (control_persist_exit_time > 0) 272 debug2("%s: cancel scheduled exit", __func__); 273 control_persist_exit_time = 0; 274 } else if (control_persist_exit_time <= 0) { 275 /* a client connection has recently closed */ 276 control_persist_exit_time = time(NULL) + 277 (time_t)options.control_persist_timeout; 278 debug2("%s: schedule exit in %d seconds", __func__, 279 options.control_persist_timeout); 280 } 281 /* else we are already counting down to the timeout */ 282} 283 284#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" 285void 286client_x11_get_proto(const char *display, const char *xauth_path, 287 u_int trusted, u_int timeout, char **_proto, char **_data) 288{ 289 char cmd[1024]; 290 char line[512]; 291 char xdisplay[512]; 292 static char proto[512], data[512]; 293 FILE *f; 294 int got_data = 0, generated = 0, do_unlink = 0, i; 295 char *xauthdir, *xauthfile; 296 struct stat st; 297 u_int now; 298 299 xauthdir = xauthfile = NULL; 300 *_proto = proto; 301 *_data = data; 302 proto[0] = data[0] = '\0'; 303 304 if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { 305 debug("No xauth program."); 306 } else { 307 if (display == NULL) { 308 debug("x11_get_proto: DISPLAY not set"); 309 return; 310 } 311 /* 312 * Handle FamilyLocal case where $DISPLAY does 313 * not match an authorization entry. For this we 314 * just try "xauth list unix:displaynum.screennum". 315 * XXX: "localhost" match to determine FamilyLocal 316 * is not perfect. 317 */ 318 if (strncmp(display, "localhost:", 10) == 0) { 319 snprintf(xdisplay, sizeof(xdisplay), "unix:%s", 320 display + 10); 321 display = xdisplay; 322 } 323 if (trusted == 0) { 324 xauthdir = xmalloc(MAXPATHLEN); 325 xauthfile = xmalloc(MAXPATHLEN); 326 mktemp_proto(xauthdir, MAXPATHLEN); 327 if (mkdtemp(xauthdir) != NULL) { 328 do_unlink = 1; 329 snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile", 330 xauthdir); 331 snprintf(cmd, sizeof(cmd), 332 "%s -f %s generate %s " SSH_X11_PROTO 333 " untrusted timeout %u 2>" _PATH_DEVNULL, 334 xauth_path, xauthfile, display, timeout); 335 debug2("x11_get_proto: %s", cmd); 336 if (system(cmd) == 0) 337 generated = 1; 338 if (x11_refuse_time == 0) { 339 now = time(NULL) + 1; 340 if (UINT_MAX - timeout < now) 341 x11_refuse_time = UINT_MAX; 342 else 343 x11_refuse_time = now + timeout; 344 } 345 } 346 } 347 348 /* 349 * When in untrusted mode, we read the cookie only if it was 350 * successfully generated as an untrusted one in the step 351 * above. 352 */ 353 if (trusted || generated) { 354 snprintf(cmd, sizeof(cmd), 355 "%s %s%s list %s 2>" _PATH_DEVNULL, 356 xauth_path, 357 generated ? "-f " : "" , 358 generated ? xauthfile : "", 359 display); 360 debug2("x11_get_proto: %s", cmd); 361 f = popen(cmd, "r"); 362 if (f && fgets(line, sizeof(line), f) && 363 sscanf(line, "%*s %511s %511s", proto, data) == 2) 364 got_data = 1; 365 if (f) 366 pclose(f); 367 } else 368 error("Warning: untrusted X11 forwarding setup failed: " 369 "xauth key data not generated"); 370 } 371 372 if (do_unlink) { 373 unlink(xauthfile); 374 rmdir(xauthdir); 375 } 376 if (xauthdir) 377 xfree(xauthdir); 378 if (xauthfile) 379 xfree(xauthfile); 380 381 /* 382 * If we didn't get authentication data, just make up some 383 * data. The forwarding code will check the validity of the 384 * response anyway, and substitute this data. The X11 385 * server, however, will ignore this fake data and use 386 * whatever authentication mechanisms it was using otherwise 387 * for the local connection. 388 */ 389 if (!got_data) { 390 u_int32_t rnd = 0; 391 392 logit("Warning: No xauth data; " 393 "using fake authentication data for X11 forwarding."); 394 strlcpy(proto, SSH_X11_PROTO, sizeof proto); 395 for (i = 0; i < 16; i++) { 396 if (i % 4 == 0) 397 rnd = arc4random(); 398 snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", 399 rnd & 0xff); 400 rnd >>= 8; 401 } 402 } 403} 404 405/* 406 * This is called when the interactive is entered. This checks if there is 407 * an EOF coming on stdin. We must check this explicitly, as select() does 408 * not appear to wake up when redirecting from /dev/null. 409 */ 410 411static void 412client_check_initial_eof_on_stdin(void) 413{ 414 int len; 415 char buf[1]; 416 417 /* 418 * If standard input is to be "redirected from /dev/null", we simply 419 * mark that we have seen an EOF and send an EOF message to the 420 * server. Otherwise, we try to read a single character; it appears 421 * that for some files, such /dev/null, select() never wakes up for 422 * read for this descriptor, which means that we never get EOF. This 423 * way we will get the EOF if stdin comes from /dev/null or similar. 424 */ 425 if (stdin_null_flag) { 426 /* Fake EOF on stdin. */ 427 debug("Sending eof."); 428 stdin_eof = 1; 429 packet_start(SSH_CMSG_EOF); 430 packet_send(); 431 } else { 432 enter_non_blocking(); 433 434 /* Check for immediate EOF on stdin. */ 435 len = read(fileno(stdin), buf, 1); 436 if (len == 0) { 437 /* 438 * EOF. Record that we have seen it and send 439 * EOF to server. 440 */ 441 debug("Sending eof."); 442 stdin_eof = 1; 443 packet_start(SSH_CMSG_EOF); 444 packet_send(); 445 } else if (len > 0) { 446 /* 447 * Got data. We must store the data in the buffer, 448 * and also process it as an escape character if 449 * appropriate. 450 */ 451 if ((u_char) buf[0] == escape_char1) 452 escape_pending1 = 1; 453 else 454 buffer_append(&stdin_buffer, buf, 1); 455 } 456 leave_non_blocking(); 457 } 458} 459 460 461/* 462 * Make packets from buffered stdin data, and buffer them for sending to the 463 * connection. 464 */ 465 466static void 467client_make_packets_from_stdin_data(void) 468{ 469 u_int len; 470 471 /* Send buffered stdin data to the server. */ 472 while (buffer_len(&stdin_buffer) > 0 && 473 packet_not_very_much_data_to_write()) { 474 len = buffer_len(&stdin_buffer); 475 /* Keep the packets at reasonable size. */ 476 if (len > packet_get_maxsize()) 477 len = packet_get_maxsize(); 478 packet_start(SSH_CMSG_STDIN_DATA); 479 packet_put_string(buffer_ptr(&stdin_buffer), len); 480 packet_send(); 481 buffer_consume(&stdin_buffer, len); 482 /* If we have a pending EOF, send it now. */ 483 if (stdin_eof && buffer_len(&stdin_buffer) == 0) { 484 packet_start(SSH_CMSG_EOF); 485 packet_send(); 486 } 487 } 488} 489 490/* 491 * Checks if the client window has changed, and sends a packet about it to 492 * the server if so. The actual change is detected elsewhere (by a software 493 * interrupt on Unix); this just checks the flag and sends a message if 494 * appropriate. 495 */ 496 497static void 498client_check_window_change(void) 499{ 500 struct winsize ws; 501 502 if (! received_window_change_signal) 503 return; 504 /** XXX race */ 505 received_window_change_signal = 0; 506 507 debug2("client_check_window_change: changed"); 508 509 if (compat20) { 510 channel_send_window_changes(); 511 } else { 512 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) 513 return; 514 packet_start(SSH_CMSG_WINDOW_SIZE); 515 packet_put_int((u_int)ws.ws_row); 516 packet_put_int((u_int)ws.ws_col); 517 packet_put_int((u_int)ws.ws_xpixel); 518 packet_put_int((u_int)ws.ws_ypixel); 519 packet_send(); 520 } 521} 522 523static void 524client_global_request_reply(int type, u_int32_t seq, void *ctxt) 525{ 526 struct global_confirm *gc; 527 528 if ((gc = TAILQ_FIRST(&global_confirms)) == NULL) 529 return; 530 if (gc->cb != NULL) 531 gc->cb(type, seq, gc->ctx); 532 if (--gc->ref_count <= 0) { 533 TAILQ_REMOVE(&global_confirms, gc, entry); 534 bzero(gc, sizeof(*gc)); 535 xfree(gc); 536 } 537 538 packet_set_alive_timeouts(0); 539} 540 541static void 542server_alive_check(void) 543{ 544 if (packet_inc_alive_timeouts() > options.server_alive_count_max) { 545 logit("Timeout, server %s not responding.", host); 546 cleanup_exit(255); 547 } 548 packet_start(SSH2_MSG_GLOBAL_REQUEST); 549 packet_put_cstring("keepalive@openssh.com"); 550 packet_put_char(1); /* boolean: want reply */ 551 packet_send(); 552 /* Insert an empty placeholder to maintain ordering */ 553 client_register_global_confirm(NULL, NULL); 554} 555 556/* 557 * Waits until the client can do something (some data becomes available on 558 * one of the file descriptors). 559 */ 560static void 561client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, 562 int *maxfdp, u_int *nallocp, int rekeying) 563{ 564 struct timeval tv, *tvp; 565 int timeout_secs; 566 int ret; 567 568 /* Add any selections by the channel mechanism. */ 569 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying); 570 571 if (!compat20) { 572 /* Read from the connection, unless our buffers are full. */ 573 if (buffer_len(&stdout_buffer) < buffer_high && 574 buffer_len(&stderr_buffer) < buffer_high && 575 channel_not_very_much_buffered_data()) 576 FD_SET(connection_in, *readsetp); 577 /* 578 * Read from stdin, unless we have seen EOF or have very much 579 * buffered data to send to the server. 580 */ 581 if (!stdin_eof && packet_not_very_much_data_to_write()) 582 FD_SET(fileno(stdin), *readsetp); 583 584 /* Select stdout/stderr if have data in buffer. */ 585 if (buffer_len(&stdout_buffer) > 0) 586 FD_SET(fileno(stdout), *writesetp); 587 if (buffer_len(&stderr_buffer) > 0) 588 FD_SET(fileno(stderr), *writesetp); 589 } else { 590 /* channel_prepare_select could have closed the last channel */ 591 if (session_closed && !channel_still_open() && 592 !packet_have_data_to_write()) { 593 /* clear mask since we did not call select() */ 594 memset(*readsetp, 0, *nallocp); 595 memset(*writesetp, 0, *nallocp); 596 return; 597 } else { 598 FD_SET(connection_in, *readsetp); 599 } 600 } 601 602 /* Select server connection if have data to write to the server. */ 603 if (packet_have_data_to_write()) 604 FD_SET(connection_out, *writesetp); 605 606 /* 607 * Wait for something to happen. This will suspend the process until 608 * some selected descriptor can be read, written, or has some other 609 * event pending, or a timeout expires. 610 */ 611 612 timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ 613 if (options.server_alive_interval > 0 && compat20) 614 timeout_secs = options.server_alive_interval; 615 set_control_persist_exit_time(); 616 if (control_persist_exit_time > 0) { 617 timeout_secs = MIN(timeout_secs, 618 control_persist_exit_time - time(NULL)); 619 if (timeout_secs < 0) 620 timeout_secs = 0; 621 } 622 if (timeout_secs == INT_MAX) 623 tvp = NULL; 624 else { 625 tv.tv_sec = timeout_secs; 626 tv.tv_usec = 0; 627 tvp = &tv; 628 } 629 630 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); 631 if (ret < 0) { 632 char buf[100]; 633 634 /* 635 * We have to clear the select masks, because we return. 636 * We have to return, because the mainloop checks for the flags 637 * set by the signal handlers. 638 */ 639 memset(*readsetp, 0, *nallocp); 640 memset(*writesetp, 0, *nallocp); 641 642 if (errno == EINTR) 643 return; 644 /* Note: we might still have data in the buffers. */ 645 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); 646 buffer_append(&stderr_buffer, buf, strlen(buf)); 647 quit_pending = 1; 648 } else if (ret == 0) 649 server_alive_check(); 650} 651 652static void 653client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) 654{ 655 /* Flush stdout and stderr buffers. */ 656 if (buffer_len(bout) > 0) 657 atomicio(vwrite, fileno(stdout), buffer_ptr(bout), 658 buffer_len(bout)); 659 if (buffer_len(berr) > 0) 660 atomicio(vwrite, fileno(stderr), buffer_ptr(berr), 661 buffer_len(berr)); 662 663 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 664 665 /* 666 * Free (and clear) the buffer to reduce the amount of data that gets 667 * written to swap. 668 */ 669 buffer_free(bin); 670 buffer_free(bout); 671 buffer_free(berr); 672 673 /* Send the suspend signal to the program itself. */ 674 kill(getpid(), SIGTSTP); 675 676 /* Reset window sizes in case they have changed */ 677 received_window_change_signal = 1; 678 679 /* OK, we have been continued by the user. Reinitialize buffers. */ 680 buffer_init(bin); 681 buffer_init(bout); 682 buffer_init(berr); 683 684 enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 685} 686 687static void 688client_process_net_input(fd_set *readset) 689{ 690 int len, cont = 0; 691 char buf[SSH_IOBUFSZ]; 692 693 /* 694 * Read input from the server, and add any such data to the buffer of 695 * the packet subsystem. 696 */ 697 if (FD_ISSET(connection_in, readset)) { 698 /* Read as much as possible. */ 699 len = roaming_read(connection_in, buf, sizeof(buf), &cont); 700 if (len == 0 && cont == 0) { 701 /* 702 * Received EOF. The remote host has closed the 703 * connection. 704 */ 705 snprintf(buf, sizeof buf, 706 "Connection to %.300s closed by remote host.\r\n", 707 host); 708 buffer_append(&stderr_buffer, buf, strlen(buf)); 709 quit_pending = 1; 710 return; 711 } 712 /* 713 * There is a kernel bug on Solaris that causes select to 714 * sometimes wake up even though there is no data available. 715 */ 716 if (len < 0 && 717 (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)) 718 len = 0; 719 720 if (len < 0) { 721 /* 722 * An error has encountered. Perhaps there is a 723 * network problem. 724 */ 725 snprintf(buf, sizeof buf, 726 "Read from remote host %.300s: %.100s\r\n", 727 host, strerror(errno)); 728 buffer_append(&stderr_buffer, buf, strlen(buf)); 729 quit_pending = 1; 730 return; 731 } 732 packet_process_incoming(buf, len); 733 } 734} 735 736static void 737client_status_confirm(int type, Channel *c, void *ctx) 738{ 739 struct channel_reply_ctx *cr = (struct channel_reply_ctx *)ctx; 740 char errmsg[256]; 741 int tochan; 742 743 /* 744 * If a TTY was explicitly requested, then a failure to allocate 745 * one is fatal. 746 */ 747 if (cr->action == CONFIRM_TTY && 748 (options.request_tty == REQUEST_TTY_FORCE || 749 options.request_tty == REQUEST_TTY_YES)) 750 cr->action = CONFIRM_CLOSE; 751 752 /* XXX supress on mux _client_ quietmode */ 753 tochan = options.log_level >= SYSLOG_LEVEL_ERROR && 754 c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE; 755 756 if (type == SSH2_MSG_CHANNEL_SUCCESS) { 757 debug2("%s request accepted on channel %d", 758 cr->request_type, c->self); 759 } else if (type == SSH2_MSG_CHANNEL_FAILURE) { 760 if (tochan) { 761 snprintf(errmsg, sizeof(errmsg), 762 "%s request failed\r\n", cr->request_type); 763 } else { 764 snprintf(errmsg, sizeof(errmsg), 765 "%s request failed on channel %d", 766 cr->request_type, c->self); 767 } 768 /* If error occurred on primary session channel, then exit */ 769 if (cr->action == CONFIRM_CLOSE && c->self == session_ident) 770 fatal("%s", errmsg); 771 /* 772 * If error occurred on mux client, append to 773 * their stderr. 774 */ 775 if (tochan) { 776 buffer_append(&c->extended, errmsg, 777 strlen(errmsg)); 778 } else 779 error("%s", errmsg); 780 if (cr->action == CONFIRM_TTY) { 781 /* 782 * If a TTY allocation error occurred, then arrange 783 * for the correct TTY to leave raw mode. 784 */ 785 if (c->self == session_ident) 786 leave_raw_mode(0); 787 else 788 mux_tty_alloc_failed(c); 789 } else if (cr->action == CONFIRM_CLOSE) { 790 chan_read_failed(c); 791 chan_write_failed(c); 792 } 793 } 794 xfree(cr); 795} 796 797static void 798client_abandon_status_confirm(Channel *c, void *ctx) 799{ 800 xfree(ctx); 801} 802 803void 804client_expect_confirm(int id, const char *request, 805 enum confirm_action action) 806{ 807 struct channel_reply_ctx *cr = xmalloc(sizeof(*cr)); 808 809 cr->request_type = request; 810 cr->action = action; 811 812 channel_register_status_confirm(id, client_status_confirm, 813 client_abandon_status_confirm, cr); 814} 815 816void 817client_register_global_confirm(global_confirm_cb *cb, void *ctx) 818{ 819 struct global_confirm *gc, *last_gc; 820 821 /* Coalesce identical callbacks */ 822 last_gc = TAILQ_LAST(&global_confirms, global_confirms); 823 if (last_gc && last_gc->cb == cb && last_gc->ctx == ctx) { 824 if (++last_gc->ref_count >= INT_MAX) 825 fatal("%s: last_gc->ref_count = %d", 826 __func__, last_gc->ref_count); 827 return; 828 } 829 830 gc = xmalloc(sizeof(*gc)); 831 gc->cb = cb; 832 gc->ctx = ctx; 833 gc->ref_count = 1; 834 TAILQ_INSERT_TAIL(&global_confirms, gc, entry); 835} 836 837static void 838process_cmdline(void) 839{ 840 void (*handler)(int); 841 char *s, *cmd, *cancel_host; 842 int delete = 0; 843 int local = 0, remote = 0, dynamic = 0; 844 int cancel_port; 845 Forward fwd; 846 847 bzero(&fwd, sizeof(fwd)); 848 fwd.listen_host = fwd.connect_host = NULL; 849 850 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 851 handler = signal(SIGINT, SIG_IGN); 852 cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); 853 if (s == NULL) 854 goto out; 855 while (isspace(*s)) 856 s++; 857 if (*s == '-') 858 s++; /* Skip cmdline '-', if any */ 859 if (*s == '\0') 860 goto out; 861 862 if (*s == 'h' || *s == 'H' || *s == '?') { 863 logit("Commands:"); 864 logit(" -L[bind_address:]port:host:hostport " 865 "Request local forward"); 866 logit(" -R[bind_address:]port:host:hostport " 867 "Request remote forward"); 868 logit(" -D[bind_address:]port " 869 "Request dynamic forward"); 870 logit(" -KR[bind_address:]port " 871 "Cancel remote forward"); 872 if (!options.permit_local_command) 873 goto out; 874 logit(" !args " 875 "Execute local command"); 876 goto out; 877 } 878 879 if (*s == '!' && options.permit_local_command) { 880 s++; 881 ssh_local_cmd(s); 882 goto out; 883 } 884 885 if (*s == 'K') { 886 delete = 1; 887 s++; 888 } 889 if (*s == 'L') 890 local = 1; 891 else if (*s == 'R') 892 remote = 1; 893 else if (*s == 'D') 894 dynamic = 1; 895 else { 896 logit("Invalid command."); 897 goto out; 898 } 899 900 if ((local || dynamic) && delete) { 901 logit("Not supported."); 902 goto out; 903 } 904 if (remote && delete && !compat20) { 905 logit("Not supported for SSH protocol version 1."); 906 goto out; 907 } 908 909 while (isspace(*++s)) 910 ; 911 912 /* XXX update list of forwards in options */ 913 if (delete) { 914 cancel_port = 0; 915 cancel_host = hpdelim(&s); /* may be NULL */ 916 if (s != NULL) { 917 cancel_port = a2port(s); 918 cancel_host = cleanhostname(cancel_host); 919 } else { 920 cancel_port = a2port(cancel_host); 921 cancel_host = NULL; 922 } 923 if (cancel_port <= 0) { 924 logit("Bad forwarding close port"); 925 goto out; 926 } 927 channel_request_rforward_cancel(cancel_host, cancel_port); 928 } else { 929 if (!parse_forward(&fwd, s, dynamic, remote)) { 930 logit("Bad forwarding specification."); 931 goto out; 932 } 933 if (local || dynamic) { 934 if (channel_setup_local_fwd_listener(fwd.listen_host, 935 fwd.listen_port, fwd.connect_host, 936 fwd.connect_port, options.gateway_ports) < 0) { 937 logit("Port forwarding failed."); 938 goto out; 939 } 940 } else { 941 if (channel_request_remote_forwarding(fwd.listen_host, 942 fwd.listen_port, fwd.connect_host, 943 fwd.connect_port) < 0) { 944 logit("Port forwarding failed."); 945 goto out; 946 } 947 } 948 949 logit("Forwarding port."); 950 } 951 952out: 953 signal(SIGINT, handler); 954 enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 955 if (cmd) 956 xfree(cmd); 957 if (fwd.listen_host != NULL) 958 xfree(fwd.listen_host); 959 if (fwd.connect_host != NULL) 960 xfree(fwd.connect_host); 961} 962 963/* 964 * Process the characters one by one, call with c==NULL for proto1 case. 965 */ 966static int 967process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr, 968 char *buf, int len) 969{ 970 char string[1024]; 971 pid_t pid; 972 int bytes = 0; 973 u_int i; 974 u_char ch; 975 char *s; 976 int *escape_pendingp, escape_char; 977 struct escape_filter_ctx *efc; 978 979 if (c == NULL) { 980 escape_pendingp = &escape_pending1; 981 escape_char = escape_char1; 982 } else { 983 if (c->filter_ctx == NULL) 984 return 0; 985 efc = (struct escape_filter_ctx *)c->filter_ctx; 986 escape_pendingp = &efc->escape_pending; 987 escape_char = efc->escape_char; 988 } 989 990 if (len <= 0) 991 return (0); 992 993 for (i = 0; i < (u_int)len; i++) { 994 /* Get one character at a time. */ 995 ch = buf[i]; 996 997 if (*escape_pendingp) { 998 /* We have previously seen an escape character. */ 999 /* Clear the flag now. */ 1000 *escape_pendingp = 0; 1001 1002 /* Process the escaped character. */ 1003 switch (ch) { 1004 case '.': 1005 /* Terminate the connection. */ 1006 snprintf(string, sizeof string, "%c.\r\n", 1007 escape_char); 1008 buffer_append(berr, string, strlen(string)); 1009 1010 if (c && c->ctl_chan != -1) { 1011 chan_read_failed(c); 1012 chan_write_failed(c); 1013 return 0; 1014 } else 1015 quit_pending = 1; 1016 return -1; 1017 1018 case 'Z' - 64: 1019 /* XXX support this for mux clients */ 1020 if (c && c->ctl_chan != -1) { 1021 noescape: 1022 snprintf(string, sizeof string, 1023 "%c%c escape not available to " 1024 "multiplexed sessions\r\n", 1025 escape_char, ch); 1026 buffer_append(berr, string, 1027 strlen(string)); 1028 continue; 1029 } 1030 /* Suspend the program. Inform the user */ 1031 snprintf(string, sizeof string, 1032 "%c^Z [suspend ssh]\r\n", escape_char); 1033 buffer_append(berr, string, strlen(string)); 1034 1035 /* Restore terminal modes and suspend. */ 1036 client_suspend_self(bin, bout, berr); 1037 1038 /* We have been continued. */ 1039 continue; 1040 1041 case 'B': 1042 if (compat20) { 1043 snprintf(string, sizeof string, 1044 "%cB\r\n", escape_char); 1045 buffer_append(berr, string, 1046 strlen(string)); 1047 channel_request_start(session_ident, 1048 "break", 0); 1049 packet_put_int(1000); 1050 packet_send(); 1051 } 1052 continue; 1053 1054 case 'R': 1055 if (compat20) { 1056 if (datafellows & SSH_BUG_NOREKEY) 1057 logit("Server does not " 1058 "support re-keying"); 1059 else 1060 need_rekeying = 1; 1061 } 1062 continue; 1063 1064 case '&': 1065 if (c && c->ctl_chan != -1) 1066 goto noescape; 1067 /* 1068 * Detach the program (continue to serve 1069 * connections, but put in background and no 1070 * more new connections). 1071 */ 1072 /* Restore tty modes. */ 1073 leave_raw_mode( 1074 options.request_tty == REQUEST_TTY_FORCE); 1075 1076 /* Stop listening for new connections. */ 1077 channel_stop_listening(); 1078 1079 snprintf(string, sizeof string, 1080 "%c& [backgrounded]\n", escape_char); 1081 buffer_append(berr, string, strlen(string)); 1082 1083 /* Fork into background. */ 1084 pid = fork(); 1085 if (pid < 0) { 1086 error("fork: %.100s", strerror(errno)); 1087 continue; 1088 } 1089 if (pid != 0) { /* This is the parent. */ 1090 /* The parent just exits. */ 1091 exit(0); 1092 } 1093 /* The child continues serving connections. */ 1094 if (compat20) { 1095 buffer_append(bin, "\004", 1); 1096 /* fake EOF on stdin */ 1097 return -1; 1098 } else if (!stdin_eof) { 1099 /* 1100 * Sending SSH_CMSG_EOF alone does not 1101 * always appear to be enough. So we 1102 * try to send an EOF character first. 1103 */ 1104 packet_start(SSH_CMSG_STDIN_DATA); 1105 packet_put_string("\004", 1); 1106 packet_send(); 1107 /* Close stdin. */ 1108 stdin_eof = 1; 1109 if (buffer_len(bin) == 0) { 1110 packet_start(SSH_CMSG_EOF); 1111 packet_send(); 1112 } 1113 } 1114 continue; 1115 1116 case '?': 1117 if (c && c->ctl_chan != -1) { 1118 snprintf(string, sizeof string, 1119"%c?\r\n\ 1120Supported escape sequences:\r\n\ 1121 %c. - terminate session\r\n\ 1122 %cB - send a BREAK to the remote system\r\n\ 1123 %cR - Request rekey (SSH protocol 2 only)\r\n\ 1124 %c# - list forwarded connections\r\n\ 1125 %c? - this message\r\n\ 1126 %c%c - send the escape character by typing it twice\r\n\ 1127(Note that escapes are only recognized immediately after newline.)\r\n", 1128 escape_char, escape_char, 1129 escape_char, escape_char, 1130 escape_char, escape_char, 1131 escape_char, escape_char); 1132 } else { 1133 snprintf(string, sizeof string, 1134"%c?\r\n\ 1135Supported escape sequences:\r\n\ 1136 %c. - terminate connection (and any multiplexed sessions)\r\n\ 1137 %cB - send a BREAK to the remote system\r\n\ 1138 %cC - open a command line\r\n\ 1139 %cR - Request rekey (SSH protocol 2 only)\r\n\ 1140 %c^Z - suspend ssh\r\n\ 1141 %c# - list forwarded connections\r\n\ 1142 %c& - background ssh (when waiting for connections to terminate)\r\n\ 1143 %c? - this message\r\n\ 1144 %c%c - send the escape character by typing it twice\r\n\ 1145(Note that escapes are only recognized immediately after newline.)\r\n", 1146 escape_char, escape_char, 1147 escape_char, escape_char, 1148 escape_char, escape_char, 1149 escape_char, escape_char, 1150 escape_char, escape_char, 1151 escape_char); 1152 } 1153 buffer_append(berr, string, strlen(string)); 1154 continue; 1155 1156 case '#': 1157 snprintf(string, sizeof string, "%c#\r\n", 1158 escape_char); 1159 buffer_append(berr, string, strlen(string)); 1160 s = channel_open_message(); 1161 buffer_append(berr, s, strlen(s)); 1162 xfree(s); 1163 continue; 1164 1165 case 'C': 1166 if (c && c->ctl_chan != -1) 1167 goto noescape; 1168 process_cmdline(); 1169 continue; 1170 1171 default: 1172 if (ch != escape_char) { 1173 buffer_put_char(bin, escape_char); 1174 bytes++; 1175 } 1176 /* Escaped characters fall through here */ 1177 break; 1178 } 1179 } else { 1180 /* 1181 * The previous character was not an escape char. 1182 * Check if this is an escape. 1183 */ 1184 if (last_was_cr && ch == escape_char) { 1185 /* 1186 * It is. Set the flag and continue to 1187 * next character. 1188 */ 1189 *escape_pendingp = 1; 1190 continue; 1191 } 1192 } 1193 1194 /* 1195 * Normal character. Record whether it was a newline, 1196 * and append it to the buffer. 1197 */ 1198 last_was_cr = (ch == '\r' || ch == '\n'); 1199 buffer_put_char(bin, ch); 1200 bytes++; 1201 } 1202 return bytes; 1203} 1204 1205static void 1206client_process_input(fd_set *readset) 1207{ 1208 int len; 1209 char buf[SSH_IOBUFSZ]; 1210 1211 /* Read input from stdin. */ 1212 if (FD_ISSET(fileno(stdin), readset)) { 1213 /* Read as much as possible. */ 1214 len = read(fileno(stdin), buf, sizeof(buf)); 1215 if (len < 0 && 1216 (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)) 1217 return; /* we'll try again later */ 1218 if (len <= 0) { 1219 /* 1220 * Received EOF or error. They are treated 1221 * similarly, except that an error message is printed 1222 * if it was an error condition. 1223 */ 1224 if (len < 0) { 1225 snprintf(buf, sizeof buf, "read: %.100s\r\n", 1226 strerror(errno)); 1227 buffer_append(&stderr_buffer, buf, strlen(buf)); 1228 } 1229 /* Mark that we have seen EOF. */ 1230 stdin_eof = 1; 1231 /* 1232 * Send an EOF message to the server unless there is 1233 * data in the buffer. If there is data in the 1234 * buffer, no message will be sent now. Code 1235 * elsewhere will send the EOF when the buffer 1236 * becomes empty if stdin_eof is set. 1237 */ 1238 if (buffer_len(&stdin_buffer) == 0) { 1239 packet_start(SSH_CMSG_EOF); 1240 packet_send(); 1241 } 1242 } else if (escape_char1 == SSH_ESCAPECHAR_NONE) { 1243 /* 1244 * Normal successful read, and no escape character. 1245 * Just append the data to buffer. 1246 */ 1247 buffer_append(&stdin_buffer, buf, len); 1248 } else { 1249 /* 1250 * Normal, successful read. But we have an escape 1251 * character and have to process the characters one 1252 * by one. 1253 */ 1254 if (process_escapes(NULL, &stdin_buffer, 1255 &stdout_buffer, &stderr_buffer, buf, len) == -1) 1256 return; 1257 } 1258 } 1259} 1260 1261static void 1262client_process_output(fd_set *writeset) 1263{ 1264 int len; 1265 char buf[100]; 1266 1267 /* Write buffered output to stdout. */ 1268 if (FD_ISSET(fileno(stdout), writeset)) { 1269 /* Write as much data as possible. */ 1270 len = write(fileno(stdout), buffer_ptr(&stdout_buffer), 1271 buffer_len(&stdout_buffer)); 1272 if (len <= 0) { 1273 if (errno == EINTR || errno == EAGAIN || 1274 errno == EWOULDBLOCK) 1275 len = 0; 1276 else { 1277 /* 1278 * An error or EOF was encountered. Put an 1279 * error message to stderr buffer. 1280 */ 1281 snprintf(buf, sizeof buf, 1282 "write stdout: %.50s\r\n", strerror(errno)); 1283 buffer_append(&stderr_buffer, buf, strlen(buf)); 1284 quit_pending = 1; 1285 return; 1286 } 1287 } 1288 /* Consume printed data from the buffer. */ 1289 buffer_consume(&stdout_buffer, len); 1290 } 1291 /* Write buffered output to stderr. */ 1292 if (FD_ISSET(fileno(stderr), writeset)) { 1293 /* Write as much data as possible. */ 1294 len = write(fileno(stderr), buffer_ptr(&stderr_buffer), 1295 buffer_len(&stderr_buffer)); 1296 if (len <= 0) { 1297 if (errno == EINTR || errno == EAGAIN || 1298 errno == EWOULDBLOCK) 1299 len = 0; 1300 else { 1301 /* 1302 * EOF or error, but can't even print 1303 * error message. 1304 */ 1305 quit_pending = 1; 1306 return; 1307 } 1308 } 1309 /* Consume printed characters from the buffer. */ 1310 buffer_consume(&stderr_buffer, len); 1311 } 1312} 1313 1314/* 1315 * Get packets from the connection input buffer, and process them as long as 1316 * there are packets available. 1317 * 1318 * Any unknown packets received during the actual 1319 * session cause the session to terminate. This is 1320 * intended to make debugging easier since no 1321 * confirmations are sent. Any compatible protocol 1322 * extensions must be negotiated during the 1323 * preparatory phase. 1324 */ 1325 1326static void 1327client_process_buffered_input_packets(void) 1328{ 1329 dispatch_run(DISPATCH_NONBLOCK, &quit_pending, 1330 compat20 ? xxx_kex : NULL); 1331} 1332 1333/* scan buf[] for '~' before sending data to the peer */ 1334 1335/* Helper: allocate a new escape_filter_ctx and fill in its escape char */ 1336void * 1337client_new_escape_filter_ctx(int escape_char) 1338{ 1339 struct escape_filter_ctx *ret; 1340 1341 ret = xmalloc(sizeof(*ret)); 1342 ret->escape_pending = 0; 1343 ret->escape_char = escape_char; 1344 return (void *)ret; 1345} 1346 1347/* Free the escape filter context on channel free */ 1348void 1349client_filter_cleanup(int cid, void *ctx) 1350{ 1351 xfree(ctx); 1352} 1353 1354int 1355client_simple_escape_filter(Channel *c, char *buf, int len) 1356{ 1357 if (c->extended_usage != CHAN_EXTENDED_WRITE) 1358 return 0; 1359 1360 return process_escapes(c, &c->input, &c->output, &c->extended, 1361 buf, len); 1362} 1363 1364static void 1365client_channel_closed(int id, void *arg) 1366{ 1367 channel_cancel_cleanup(id); 1368 session_closed = 1; 1369 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 1370} 1371 1372/* 1373 * Implements the interactive session with the server. This is called after 1374 * the user has been authenticated, and a command has been started on the 1375 * remote host. If escape_char != SSH_ESCAPECHAR_NONE, it is the character 1376 * used as an escape character for terminating or suspending the session. 1377 */ 1378 1379int 1380client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) 1381{ 1382 fd_set *readset = NULL, *writeset = NULL; 1383 double start_time, total_time; 1384 int max_fd = 0, max_fd2 = 0, len, rekeying = 0; 1385 u_int64_t ibytes, obytes; 1386 u_int nalloc = 0; 1387 char buf[100]; 1388 1389 debug("Entering interactive session."); 1390 1391 start_time = get_current_time(); 1392 1393 /* Initialize variables. */ 1394 escape_pending1 = 0; 1395 last_was_cr = 1; 1396 exit_status = -1; 1397 stdin_eof = 0; 1398 buffer_high = 64 * 1024; 1399 connection_in = packet_get_connection_in(); 1400 connection_out = packet_get_connection_out(); 1401 max_fd = MAX(connection_in, connection_out); 1402 1403 if (!compat20) { 1404 /* enable nonblocking unless tty */ 1405 if (!isatty(fileno(stdin))) 1406 set_nonblock(fileno(stdin)); 1407 if (!isatty(fileno(stdout))) 1408 set_nonblock(fileno(stdout)); 1409 if (!isatty(fileno(stderr))) 1410 set_nonblock(fileno(stderr)); 1411 max_fd = MAX(max_fd, fileno(stdin)); 1412 max_fd = MAX(max_fd, fileno(stdout)); 1413 max_fd = MAX(max_fd, fileno(stderr)); 1414 } 1415 quit_pending = 0; 1416 escape_char1 = escape_char_arg; 1417 1418 /* Initialize buffers. */ 1419 buffer_init(&stdin_buffer); 1420 buffer_init(&stdout_buffer); 1421 buffer_init(&stderr_buffer); 1422 1423 client_init_dispatch(); 1424 1425 /* 1426 * Set signal handlers, (e.g. to restore non-blocking mode) 1427 * but don't overwrite SIG_IGN, matches behaviour from rsh(1) 1428 */ 1429 if (signal(SIGHUP, SIG_IGN) != SIG_IGN) 1430 signal(SIGHUP, signal_handler); 1431 if (signal(SIGINT, SIG_IGN) != SIG_IGN) 1432 signal(SIGINT, signal_handler); 1433 if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) 1434 signal(SIGQUIT, signal_handler); 1435 if (signal(SIGTERM, SIG_IGN) != SIG_IGN) 1436 signal(SIGTERM, signal_handler); 1437 signal(SIGWINCH, window_change_handler); 1438 1439 if (have_pty) 1440 enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 1441 1442 if (compat20) { 1443 session_ident = ssh2_chan_id; 1444 if (session_ident != -1) { 1445 if (escape_char_arg != SSH_ESCAPECHAR_NONE) { 1446 channel_register_filter(session_ident, 1447 client_simple_escape_filter, NULL, 1448 client_filter_cleanup, 1449 client_new_escape_filter_ctx( 1450 escape_char_arg)); 1451 } 1452 channel_register_cleanup(session_ident, 1453 client_channel_closed, 0); 1454 } 1455 } else { 1456 /* Check if we should immediately send eof on stdin. */ 1457 client_check_initial_eof_on_stdin(); 1458 } 1459 1460 /* Main loop of the client for the interactive session mode. */ 1461 while (!quit_pending) { 1462 1463 /* Process buffered packets sent by the server. */ 1464 client_process_buffered_input_packets(); 1465 1466 if (compat20 && session_closed && !channel_still_open()) 1467 break; 1468 1469 rekeying = (xxx_kex != NULL && !xxx_kex->done); 1470 1471 if (rekeying) { 1472 debug("rekeying in progress"); 1473 } else { 1474 /* 1475 * Make packets of buffered stdin data, and buffer 1476 * them for sending to the server. 1477 */ 1478 if (!compat20) 1479 client_make_packets_from_stdin_data(); 1480 1481 /* 1482 * Make packets from buffered channel data, and 1483 * enqueue them for sending to the server. 1484 */ 1485 if (packet_not_very_much_data_to_write()) 1486 channel_output_poll(); 1487 1488 /* 1489 * Check if the window size has changed, and buffer a 1490 * message about it to the server if so. 1491 */ 1492 client_check_window_change(); 1493 1494 if (quit_pending) 1495 break; 1496 } 1497 /* 1498 * Wait until we have something to do (something becomes 1499 * available on one of the descriptors). 1500 */ 1501 max_fd2 = max_fd; 1502 client_wait_until_can_do_something(&readset, &writeset, 1503 &max_fd2, &nalloc, rekeying); 1504 1505 if (quit_pending) 1506 break; 1507 1508 /* Do channel operations unless rekeying in progress. */ 1509 if (!rekeying) { 1510 channel_after_select(readset, writeset); 1511 if (need_rekeying || packet_need_rekeying()) { 1512 debug("need rekeying"); 1513 xxx_kex->done = 0; 1514 kex_send_kexinit(xxx_kex); 1515 need_rekeying = 0; 1516 } 1517 } 1518 1519 /* Buffer input from the connection. */ 1520 client_process_net_input(readset); 1521 1522 if (quit_pending) 1523 break; 1524 1525 if (!compat20) { 1526 /* Buffer data from stdin */ 1527 client_process_input(readset); 1528 /* 1529 * Process output to stdout and stderr. Output to 1530 * the connection is processed elsewhere (above). 1531 */ 1532 client_process_output(writeset); 1533 } 1534 1535 if (session_resumed) { 1536 connection_in = packet_get_connection_in(); 1537 connection_out = packet_get_connection_out(); 1538 max_fd = MAX(max_fd, connection_out); 1539 max_fd = MAX(max_fd, connection_in); 1540 session_resumed = 0; 1541 } 1542 1543 /* 1544 * Send as much buffered packet data as possible to the 1545 * sender. 1546 */ 1547 if (FD_ISSET(connection_out, writeset)) 1548 packet_write_poll(); 1549 1550 /* 1551 * If we are a backgrounded control master, and the 1552 * timeout has expired without any active client 1553 * connections, then quit. 1554 */ 1555 if (control_persist_exit_time > 0) { 1556 if (time(NULL) >= control_persist_exit_time) { 1557 debug("ControlPersist timeout expired"); 1558 break; 1559 } 1560 } 1561 } 1562 if (readset) 1563 xfree(readset); 1564 if (writeset) 1565 xfree(writeset); 1566 1567 /* Terminate the session. */ 1568 1569 /* Stop watching for window change. */ 1570 signal(SIGWINCH, SIG_DFL); 1571 1572 if (compat20) { 1573 packet_start(SSH2_MSG_DISCONNECT); 1574 packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); 1575 packet_put_cstring("disconnected by user"); 1576 packet_put_cstring(""); /* language tag */ 1577 packet_send(); 1578 packet_write_wait(); 1579 } 1580 1581 channel_free_all(); 1582 1583 if (have_pty) 1584 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 1585 1586 /* restore blocking io */ 1587 if (!isatty(fileno(stdin))) 1588 unset_nonblock(fileno(stdin)); 1589 if (!isatty(fileno(stdout))) 1590 unset_nonblock(fileno(stdout)); 1591 if (!isatty(fileno(stderr))) 1592 unset_nonblock(fileno(stderr)); 1593 1594 /* 1595 * If there was no shell or command requested, there will be no remote 1596 * exit status to be returned. In that case, clear error code if the 1597 * connection was deliberately terminated at this end. 1598 */ 1599 if (no_shell_flag && received_signal == SIGTERM) { 1600 received_signal = 0; 1601 exit_status = 0; 1602 } 1603 1604 if (received_signal) 1605 fatal("Killed by signal %d.", (int) received_signal); 1606 1607 /* 1608 * In interactive mode (with pseudo tty) display a message indicating 1609 * that the connection has been closed. 1610 */ 1611 if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { 1612 snprintf(buf, sizeof buf, 1613 "Connection to %.64s closed.\r\n", host); 1614 buffer_append(&stderr_buffer, buf, strlen(buf)); 1615 } 1616 1617 /* Output any buffered data for stdout. */ 1618 if (buffer_len(&stdout_buffer) > 0) { 1619 len = atomicio(vwrite, fileno(stdout), 1620 buffer_ptr(&stdout_buffer), buffer_len(&stdout_buffer)); 1621 if (len < 0 || (u_int)len != buffer_len(&stdout_buffer)) 1622 error("Write failed flushing stdout buffer."); 1623 else 1624 buffer_consume(&stdout_buffer, len); 1625 } 1626 1627 /* Output any buffered data for stderr. */ 1628 if (buffer_len(&stderr_buffer) > 0) { 1629 len = atomicio(vwrite, fileno(stderr), 1630 buffer_ptr(&stderr_buffer), buffer_len(&stderr_buffer)); 1631 if (len < 0 || (u_int)len != buffer_len(&stderr_buffer)) 1632 error("Write failed flushing stderr buffer."); 1633 else 1634 buffer_consume(&stderr_buffer, len); 1635 } 1636 1637 /* Clear and free any buffers. */ 1638 memset(buf, 0, sizeof(buf)); 1639 buffer_free(&stdin_buffer); 1640 buffer_free(&stdout_buffer); 1641 buffer_free(&stderr_buffer); 1642 1643 /* Report bytes transferred, and transfer rates. */ 1644 total_time = get_current_time() - start_time; 1645 packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes); 1646 packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes); 1647 verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds", 1648 (unsigned long long)obytes, (unsigned long long)ibytes, total_time); 1649 if (total_time > 0) 1650 verbose("Bytes per second: sent %.1f, received %.1f", 1651 obytes / total_time, ibytes / total_time); 1652 /* Return the exit status of the program. */ 1653 debug("Exit status %d", exit_status); 1654 return exit_status; 1655} 1656 1657/*********/ 1658 1659static void 1660client_input_stdout_data(int type, u_int32_t seq, void *ctxt) 1661{ 1662 u_int data_len; 1663 char *data = packet_get_string(&data_len); 1664 packet_check_eom(); 1665 buffer_append(&stdout_buffer, data, data_len); 1666 memset(data, 0, data_len); 1667 xfree(data); 1668} 1669static void 1670client_input_stderr_data(int type, u_int32_t seq, void *ctxt) 1671{ 1672 u_int data_len; 1673 char *data = packet_get_string(&data_len); 1674 packet_check_eom(); 1675 buffer_append(&stderr_buffer, data, data_len); 1676 memset(data, 0, data_len); 1677 xfree(data); 1678} 1679static void 1680client_input_exit_status(int type, u_int32_t seq, void *ctxt) 1681{ 1682 exit_status = packet_get_int(); 1683 packet_check_eom(); 1684 /* Acknowledge the exit. */ 1685 packet_start(SSH_CMSG_EXIT_CONFIRMATION); 1686 packet_send(); 1687 /* 1688 * Must wait for packet to be sent since we are 1689 * exiting the loop. 1690 */ 1691 packet_write_wait(); 1692 /* Flag that we want to exit. */ 1693 quit_pending = 1; 1694} 1695static void 1696client_input_agent_open(int type, u_int32_t seq, void *ctxt) 1697{ 1698 Channel *c = NULL; 1699 int remote_id, sock; 1700 1701 /* Read the remote channel number from the message. */ 1702 remote_id = packet_get_int(); 1703 packet_check_eom(); 1704 1705 /* 1706 * Get a connection to the local authentication agent (this may again 1707 * get forwarded). 1708 */ 1709 sock = ssh_get_authentication_socket(); 1710 1711 /* 1712 * If we could not connect the agent, send an error message back to 1713 * the server. This should never happen unless the agent dies, 1714 * because authentication forwarding is only enabled if we have an 1715 * agent. 1716 */ 1717 if (sock >= 0) { 1718 c = channel_new("", SSH_CHANNEL_OPEN, sock, sock, 1719 -1, 0, 0, 0, "authentication agent connection", 1); 1720 c->remote_id = remote_id; 1721 c->force_drain = 1; 1722 } 1723 if (c == NULL) { 1724 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); 1725 packet_put_int(remote_id); 1726 } else { 1727 /* Send a confirmation to the remote host. */ 1728 debug("Forwarding authentication connection."); 1729 packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); 1730 packet_put_int(remote_id); 1731 packet_put_int(c->self); 1732 } 1733 packet_send(); 1734} 1735 1736static Channel * 1737client_request_forwarded_tcpip(const char *request_type, int rchan) 1738{ 1739 Channel *c = NULL; 1740 char *listen_address, *originator_address; 1741 u_short listen_port, originator_port; 1742 1743 /* Get rest of the packet */ 1744 listen_address = packet_get_string(NULL); 1745 listen_port = packet_get_int(); 1746 originator_address = packet_get_string(NULL); 1747 originator_port = packet_get_int(); 1748 packet_check_eom(); 1749 1750 debug("client_request_forwarded_tcpip: listen %s port %d, " 1751 "originator %s port %d", listen_address, listen_port, 1752 originator_address, originator_port); 1753 1754 c = channel_connect_by_listen_address(listen_port, 1755 "forwarded-tcpip", originator_address); 1756 1757 xfree(originator_address); 1758 xfree(listen_address); 1759 return c; 1760} 1761 1762static Channel * 1763client_request_x11(const char *request_type, int rchan) 1764{ 1765 Channel *c = NULL; 1766 char *originator; 1767 u_short originator_port; 1768 int sock; 1769 1770 if (!options.forward_x11) { 1771 error("Warning: ssh server tried X11 forwarding."); 1772 error("Warning: this is probably a break-in attempt by a " 1773 "malicious server."); 1774 return NULL; 1775 } 1776 if (x11_refuse_time != 0 && time(NULL) >= x11_refuse_time) { 1777 verbose("Rejected X11 connection after ForwardX11Timeout " 1778 "expired"); 1779 return NULL; 1780 } 1781 originator = packet_get_string(NULL); 1782 if (datafellows & SSH_BUG_X11FWD) { 1783 debug2("buggy server: x11 request w/o originator_port"); 1784 originator_port = 0; 1785 } else { 1786 originator_port = packet_get_int(); 1787 } 1788 packet_check_eom(); 1789 /* XXX check permission */ 1790 debug("client_request_x11: request from %s %d", originator, 1791 originator_port); 1792 xfree(originator); 1793 sock = x11_connect_display(); 1794 if (sock < 0) 1795 return NULL; 1796 c = channel_new("x11", 1797 SSH_CHANNEL_X11_OPEN, sock, sock, -1, 1798 CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1); 1799 c->force_drain = 1; 1800 return c; 1801} 1802 1803static Channel * 1804client_request_agent(const char *request_type, int rchan) 1805{ 1806 Channel *c = NULL; 1807 int sock; 1808 1809 if (!options.forward_agent) { 1810 error("Warning: ssh server tried agent forwarding."); 1811 error("Warning: this is probably a break-in attempt by a " 1812 "malicious server."); 1813 return NULL; 1814 } 1815 sock = ssh_get_authentication_socket(); 1816 if (sock < 0) 1817 return NULL; 1818 c = channel_new("authentication agent connection", 1819 SSH_CHANNEL_OPEN, sock, sock, -1, 1820 CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, 1821 "authentication agent connection", 1); 1822 c->force_drain = 1; 1823 return c; 1824} 1825 1826int 1827client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun) 1828{ 1829 Channel *c; 1830 int fd; 1831 1832 if (tun_mode == SSH_TUNMODE_NO) 1833 return 0; 1834 1835 if (!compat20) { 1836 error("Tunnel forwarding is not supported for protocol 1"); 1837 return -1; 1838 } 1839 1840 debug("Requesting tun unit %d in mode %d", local_tun, tun_mode); 1841 1842 /* Open local tunnel device */ 1843 if ((fd = tun_open(local_tun, tun_mode)) == -1) { 1844 error("Tunnel device open failed."); 1845 return -1; 1846 } 1847 1848 c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, 1849 CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); 1850 c->datagram = 1; 1851 1852#if defined(SSH_TUN_FILTER) 1853 if (options.tun_open == SSH_TUNMODE_POINTOPOINT) 1854 channel_register_filter(c->self, sys_tun_infilter, 1855 sys_tun_outfilter, NULL, NULL); 1856#endif 1857 1858 packet_start(SSH2_MSG_CHANNEL_OPEN); 1859 packet_put_cstring("tun@openssh.com"); 1860 packet_put_int(c->self); 1861 packet_put_int(c->local_window_max); 1862 packet_put_int(c->local_maxpacket); 1863 packet_put_int(tun_mode); 1864 packet_put_int(remote_tun); 1865 packet_send(); 1866 1867 return 0; 1868} 1869 1870/* XXXX move to generic input handler */ 1871static void 1872client_input_channel_open(int type, u_int32_t seq, void *ctxt) 1873{ 1874 Channel *c = NULL; 1875 char *ctype; 1876 int rchan; 1877 u_int rmaxpack, rwindow, len; 1878 1879 ctype = packet_get_string(&len); 1880 rchan = packet_get_int(); 1881 rwindow = packet_get_int(); 1882 rmaxpack = packet_get_int(); 1883 1884 debug("client_input_channel_open: ctype %s rchan %d win %d max %d", 1885 ctype, rchan, rwindow, rmaxpack); 1886 1887 if (strcmp(ctype, "forwarded-tcpip") == 0) { 1888 c = client_request_forwarded_tcpip(ctype, rchan); 1889 } else if (strcmp(ctype, "x11") == 0) { 1890 c = client_request_x11(ctype, rchan); 1891 } else if (strcmp(ctype, "auth-agent@openssh.com") == 0) { 1892 c = client_request_agent(ctype, rchan); 1893 } 1894/* XXX duplicate : */ 1895 if (c != NULL) { 1896 debug("confirm %s", ctype); 1897 c->remote_id = rchan; 1898 c->remote_window = rwindow; 1899 c->remote_maxpacket = rmaxpack; 1900 if (c->type != SSH_CHANNEL_CONNECTING) { 1901 packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); 1902 packet_put_int(c->remote_id); 1903 packet_put_int(c->self); 1904 packet_put_int(c->local_window); 1905 packet_put_int(c->local_maxpacket); 1906 packet_send(); 1907 } 1908 } else { 1909 debug("failure %s", ctype); 1910 packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); 1911 packet_put_int(rchan); 1912 packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); 1913 if (!(datafellows & SSH_BUG_OPENFAILURE)) { 1914 packet_put_cstring("open failed"); 1915 packet_put_cstring(""); 1916 } 1917 packet_send(); 1918 } 1919 xfree(ctype); 1920} 1921static void 1922client_input_channel_req(int type, u_int32_t seq, void *ctxt) 1923{ 1924 Channel *c = NULL; 1925 int exitval, id, reply, success = 0; 1926 char *rtype; 1927 1928 id = packet_get_int(); 1929 rtype = packet_get_string(NULL); 1930 reply = packet_get_char(); 1931 1932 debug("client_input_channel_req: channel %d rtype %s reply %d", 1933 id, rtype, reply); 1934 1935 if (id == -1) { 1936 error("client_input_channel_req: request for channel -1"); 1937 } else if ((c = channel_lookup(id)) == NULL) { 1938 error("client_input_channel_req: channel %d: " 1939 "unknown channel", id); 1940 } else if (strcmp(rtype, "eow@openssh.com") == 0) { 1941 packet_check_eom(); 1942 chan_rcvd_eow(c); 1943 } else if (strcmp(rtype, "exit-status") == 0) { 1944 exitval = packet_get_int(); 1945 if (c->ctl_chan != -1) { 1946 mux_exit_message(c, exitval); 1947 success = 1; 1948 } else if (id == session_ident) { 1949 /* Record exit value of local session */ 1950 success = 1; 1951 exit_status = exitval; 1952 } else { 1953 /* Probably for a mux channel that has already closed */ 1954 debug("%s: no sink for exit-status on channel %d", 1955 __func__, id); 1956 } 1957 packet_check_eom(); 1958 } 1959 if (reply && c != NULL) { 1960 packet_start(success ? 1961 SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); 1962 packet_put_int(c->remote_id); 1963 packet_send(); 1964 } 1965 xfree(rtype); 1966} 1967static void 1968client_input_global_request(int type, u_int32_t seq, void *ctxt) 1969{ 1970 char *rtype; 1971 int want_reply; 1972 int success = 0; 1973 1974 rtype = packet_get_string(NULL); 1975 want_reply = packet_get_char(); 1976 debug("client_input_global_request: rtype %s want_reply %d", 1977 rtype, want_reply); 1978 if (want_reply) { 1979 packet_start(success ? 1980 SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); 1981 packet_send(); 1982 packet_write_wait(); 1983 } 1984 xfree(rtype); 1985} 1986 1987void 1988client_session2_setup(int id, int want_tty, int want_subsystem, 1989 const char *term, struct termios *tiop, int in_fd, Buffer *cmd, char **env) 1990{ 1991 int len; 1992 Channel *c = NULL; 1993 1994 debug2("%s: id %d", __func__, id); 1995 1996 if ((c = channel_lookup(id)) == NULL) 1997 fatal("client_session2_setup: channel %d: unknown channel", id); 1998 1999 packet_set_interactive(want_tty, 2000 options.ip_qos_interactive, options.ip_qos_bulk); 2001 2002 if (want_tty) { 2003 struct winsize ws; 2004 2005 /* Store window size in the packet. */ 2006 if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0) 2007 memset(&ws, 0, sizeof(ws)); 2008 2009 channel_request_start(id, "pty-req", 1); 2010 client_expect_confirm(id, "PTY allocation", CONFIRM_TTY); 2011 packet_put_cstring(term != NULL ? term : ""); 2012 packet_put_int((u_int)ws.ws_col); 2013 packet_put_int((u_int)ws.ws_row); 2014 packet_put_int((u_int)ws.ws_xpixel); 2015 packet_put_int((u_int)ws.ws_ypixel); 2016 if (tiop == NULL) 2017 tiop = get_saved_tio(); 2018 tty_make_modes(-1, tiop); 2019 packet_send(); 2020 /* XXX wait for reply */ 2021 c->client_tty = 1; 2022 } 2023 2024 /* Transfer any environment variables from client to server */ 2025 if (options.num_send_env != 0 && env != NULL) { 2026 int i, j, matched; 2027 char *name, *val; 2028 2029 debug("Sending environment."); 2030 for (i = 0; env[i] != NULL; i++) { 2031 /* Split */ 2032 name = xstrdup(env[i]); 2033 if ((val = strchr(name, '=')) == NULL) { 2034 xfree(name); 2035 continue; 2036 } 2037 *val++ = '\0'; 2038 2039 matched = 0; 2040 for (j = 0; j < options.num_send_env; j++) { 2041 if (match_pattern(name, options.send_env[j])) { 2042 matched = 1; 2043 break; 2044 } 2045 } 2046 if (!matched) { 2047 debug3("Ignored env %s", name); 2048 xfree(name); 2049 continue; 2050 } 2051 2052 debug("Sending env %s = %s", name, val); 2053 channel_request_start(id, "env", 0); 2054 packet_put_cstring(name); 2055 packet_put_cstring(val); 2056 packet_send(); 2057 xfree(name); 2058 } 2059 } 2060 2061 len = buffer_len(cmd); 2062 if (len > 0) { 2063 if (len > 900) 2064 len = 900; 2065 if (want_subsystem) { 2066 debug("Sending subsystem: %.*s", 2067 len, (u_char*)buffer_ptr(cmd)); 2068 channel_request_start(id, "subsystem", 1); 2069 client_expect_confirm(id, "subsystem", CONFIRM_CLOSE); 2070 } else { 2071 debug("Sending command: %.*s", 2072 len, (u_char*)buffer_ptr(cmd)); 2073 channel_request_start(id, "exec", 1); 2074 client_expect_confirm(id, "exec", CONFIRM_CLOSE); 2075 } 2076 packet_put_string(buffer_ptr(cmd), buffer_len(cmd)); 2077 packet_send(); 2078 } else { 2079 channel_request_start(id, "shell", 1); 2080 client_expect_confirm(id, "shell", CONFIRM_CLOSE); 2081 packet_send(); 2082 } 2083} 2084 2085static void 2086client_init_dispatch_20(void) 2087{ 2088 dispatch_init(&dispatch_protocol_error); 2089 2090 dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose); 2091 dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data); 2092 dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof); 2093 dispatch_set(SSH2_MSG_CHANNEL_EXTENDED_DATA, &channel_input_extended_data); 2094 dispatch_set(SSH2_MSG_CHANNEL_OPEN, &client_input_channel_open); 2095 dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); 2096 dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); 2097 dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req); 2098 dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); 2099 dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &channel_input_status_confirm); 2100 dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &channel_input_status_confirm); 2101 dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request); 2102 2103 /* rekeying */ 2104 dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); 2105 2106 /* global request reply messages */ 2107 dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply); 2108 dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply); 2109} 2110 2111static void 2112client_init_dispatch_13(void) 2113{ 2114 dispatch_init(NULL); 2115 dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_close); 2116 dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_close_confirmation); 2117 dispatch_set(SSH_MSG_CHANNEL_DATA, &channel_input_data); 2118 dispatch_set(SSH_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); 2119 dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); 2120 dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open); 2121 dispatch_set(SSH_SMSG_EXITSTATUS, &client_input_exit_status); 2122 dispatch_set(SSH_SMSG_STDERR_DATA, &client_input_stderr_data); 2123 dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data); 2124 2125 dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ? 2126 &client_input_agent_open : &deny_input_open); 2127 dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ? 2128 &x11_input_open : &deny_input_open); 2129} 2130 2131static void 2132client_init_dispatch_15(void) 2133{ 2134 client_init_dispatch_13(); 2135 dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof); 2136 dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose); 2137} 2138 2139static void 2140client_init_dispatch(void) 2141{ 2142 if (compat20) 2143 client_init_dispatch_20(); 2144 else if (compat13) 2145 client_init_dispatch_13(); 2146 else 2147 client_init_dispatch_15(); 2148} 2149 2150void 2151client_stop_mux(void) 2152{ 2153 if (options.control_path != NULL && muxserver_sock != -1) 2154 unlink(options.control_path); 2155 /* 2156 * If we are in persist mode, signal that we should close when all 2157 * active channels are closed. 2158 */ 2159 if (options.control_persist) { 2160 session_closed = 1; 2161 setproctitle("[stopped mux]"); 2162 } 2163} 2164 2165/* client specific fatal cleanup */ 2166void 2167cleanup_exit(int i) 2168{ 2169 leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); 2170 leave_non_blocking(); 2171 if (options.control_path != NULL && muxserver_sock != -1) 2172 unlink(options.control_path); 2173 ssh_kill_proxy_command(); 2174 _exit(i); 2175} 2176