13 #include "pageant.h" /* for AGENT_MAX_MSGLEN */
25 #define MIN_CTXT_LIFETIME 5 /* Avoid rekey with short lifetime (seconds) */
26 #define GSS_KEX_CAPABLE (1<<0) /* Can do GSS KEX */
27 #define GSS_CRED_UPDATED (1<<1) /* Cred updated since previous delegation */
28 #define GSS_CTXT_EXPIRES (1<<2) /* Context expires before next timer */
29 #define GSS_CTXT_MAYFAIL (1<<3) /* Context may expire during handshake */
37 struct ssh_version_receiver version_receiver
;
42 Interactor interactor
;
47 /* The last list returned from get_specials. */
48 SessionSpecial
*specials
;
51 ssh_sharing_state
*connshare
;
52 bool attempting_connshare
;
55 struct ssh_connection_shared_gss_state gss_state
;
67 int conn_throttle_count
;
68 size_t overall_bufsize
;
72 * logically_frozen is true if we're not currently _processing_
73 * data from the SSH socket (e.g. because a higher layer has asked
74 * us not to due to ssh_throttle_conn). socket_frozen is true if
75 * we're not even _reading_ data from the socket (i.e. it should
76 * always match the value we last passed to sk_set_frozen).
78 * The two differ in that socket_frozen can also become
79 * temporarily true because of a large backlog in the in_raw
80 * bufchain, to force no further plug_receive events until the BPP
81 * input function has had a chance to run. (Some front ends, like
82 * GTK, can persistently call the network and never get round to
83 * the toplevel callbacks.) If we've stopped reading from the
84 * socket for that reason, we absolutely _do_ want to carry on
85 * processing our input bufchain, because that's the only way
86 * it'll ever get cleared!
88 * ssh_check_frozen() resets socket_frozen, and should be called
89 * whenever either of logically_frozen and the bufchain size
92 bool logically_frozen
, socket_frozen
;
94 /* in case we find these out before we have a ConnectionLayer to tell */
95 int term_width
, term_height
;
97 bufchain in_raw
, out_raw
, user_input
;
99 IdempotentCallback ic_out_raw
;
101 PacketLogSettings pls
;
102 struct DataTransferStats stats
;
104 BinaryPacketProtocol
*bpp
;
107 * base_layer identifies the bottommost packet protocol layer, the
108 * one connected directly to the BPP's packet queues. Any
109 * operation that needs to talk to all layers (e.g. free, or
110 * get_specials) will do it by talking to this, which will
111 * recursively propagate it if necessary.
113 PacketProtocolLayer
*base_layer
;
116 * The ConnectionLayer vtable from our connection layer.
121 * A dummy ConnectionLayer that can be used for logging sharing
122 * downstreams that connect before the real one is ready.
124 ConnectionLayer cl_dummy
;
127 * session_started is false until we initialise the main protocol
128 * layers. So it distinguishes between base_layer==NULL meaning
129 * that the SSH protocol hasn't been set up _yet_, and
130 * base_layer==NULL meaning the SSH protocol has run and finished.
131 * It's also used to mark the point where we stop counting proxy
132 * command diagnostics as pre-session-startup.
134 bool session_started
;
138 char *deferred_abort_message
;
140 bool need_random_unref
;
144 #define ssh_logevent(params) ( \
145 logevent_and_free((ssh)->logctx, dupprintf params))
147 static void ssh_shutdown(Ssh
*ssh
);
148 static void ssh_throttle_all(Ssh
*ssh
, bool enable
, size_t bufsize
);
149 static void ssh_bpp_output_raw_data_callback(void *vctx
);
151 LogContext
*ssh_get_logctx(Ssh
*ssh
)
156 static void ssh_connect_bpp(Ssh
*ssh
)
159 ssh
->bpp
->in_raw
= &ssh
->in_raw
;
160 ssh
->bpp
->out_raw
= &ssh
->out_raw
;
161 bufchain_set_callback(ssh
->bpp
->out_raw
, &ssh
->ic_out_raw
);
162 ssh
->bpp
->pls
= &ssh
->pls
;
163 ssh
->bpp
->logctx
= ssh
->logctx
;
164 ssh
->bpp
->remote_bugs
= ssh
->remote_bugs
;
167 static void ssh_connect_ppl(Ssh
*ssh
, PacketProtocolLayer
*ppl
)
170 ppl
->seat
= ssh
->seat
;
171 ppl
->interactor
= &ssh
->interactor
;
173 ppl
->logctx
= ssh
->logctx
;
174 ppl
->remote_bugs
= ssh
->remote_bugs
;
177 static void ssh_got_ssh_version(struct ssh_version_receiver
*rcv
,
180 Ssh
*ssh
= container_of(rcv
, Ssh
, version_receiver
);
181 BinaryPacketProtocol
*old_bpp
;
182 PacketProtocolLayer
*connection_layer
;
184 ssh
->session_started
= true;
187 * We don't support choosing a major protocol version dynamically,
188 * so this should always be the same value we set up in
191 assert(ssh
->version
== major_version
);
194 ssh
->remote_bugs
= ssh_verstring_get_bugs(old_bpp
);
196 if (!ssh
->bare_connection
) {
197 if (ssh
->version
== 2) {
198 PacketProtocolLayer
*userauth_layer
, *transport_child_layer
;
201 * We use the 'simple' variant of the SSH protocol if
202 * we're asked to, except not if we're also doing
203 * connection-sharing (either tunnelling our packets over
204 * an upstream or expecting to be tunnelled over
205 * ourselves), since then the assumption that we have only
206 * one channel to worry about is not true after all.
209 (conf_get_bool(ssh
->conf
, CONF_ssh_simple
) && !ssh
->connshare
);
211 ssh
->bpp
= ssh2_bpp_new(ssh
->logctx
, &ssh
->stats
, false);
212 ssh_connect_bpp(ssh
);
215 /* Load and pick the highest GSS library on the preference
217 if (!ssh
->gss_state
.libs
)
218 ssh
->gss_state
.libs
= ssh_gss_setup(ssh
->conf
);
219 ssh
->gss_state
.lib
= NULL
;
220 if (ssh
->gss_state
.libs
->nlibraries
> 0) {
222 for (i
= 0; i
< ngsslibs
; i
++) {
223 int want_id
= conf_get_int_int(ssh
->conf
,
224 CONF_ssh_gsslist
, i
);
225 for (j
= 0; j
< ssh
->gss_state
.libs
->nlibraries
; j
++)
226 if (ssh
->gss_state
.libs
->libraries
[j
].id
== want_id
) {
228 &ssh
->gss_state
.libs
->libraries
[j
];
229 goto got_gsslib
; /* double break */
234 * We always expect to have found something in
235 * the above loop: we only came here if there
236 * was at least one viable GSS library, and the
237 * preference list should always mention
238 * everything and only change the order.
240 assert(ssh
->gss_state
.lib
);
244 connection_layer
= ssh2_connection_new(
245 ssh
, ssh
->connshare
, is_simple
, ssh
->conf
,
246 ssh_verstring_get_remote(old_bpp
), &ssh
->user_input
, &ssh
->cl
);
247 ssh_connect_ppl(ssh
, connection_layer
);
249 if (conf_get_bool(ssh
->conf
, CONF_ssh_no_userauth
)) {
250 userauth_layer
= NULL
;
251 transport_child_layer
= connection_layer
;
253 char *username
= get_remote_username(ssh
->conf
);
255 userauth_layer
= ssh2_userauth_new(
256 connection_layer
, ssh
->savedhost
, ssh
->savedport
,
258 conf_get_filename(ssh
->conf
, CONF_keyfile
),
259 conf_get_filename(ssh
->conf
, CONF_detached_cert
),
260 conf_get_bool(ssh
->conf
, CONF_ssh_show_banner
),
261 conf_get_bool(ssh
->conf
, CONF_tryagent
),
262 conf_get_bool(ssh
->conf
, CONF_ssh_no_trivial_userauth
),
264 conf_get_bool(ssh
->conf
, CONF_change_username
),
265 conf_get_bool(ssh
->conf
, CONF_try_ki_auth
),
267 conf_get_bool(ssh
->conf
, CONF_try_gssapi_auth
),
268 conf_get_bool(ssh
->conf
, CONF_try_gssapi_kex
),
269 conf_get_bool(ssh
->conf
, CONF_gssapifwd
),
277 conf_get_str(ssh
->conf
, CONF_auth_plugin
));
278 ssh_connect_ppl(ssh
, userauth_layer
);
279 transport_child_layer
= userauth_layer
;
284 ssh
->base_layer
= ssh2_transport_new(
285 ssh
->conf
, ssh
->savedhost
, ssh
->savedport
,
287 ssh_verstring_get_local(old_bpp
),
288 ssh_verstring_get_remote(old_bpp
),
294 &ssh
->stats
, transport_child_layer
, NULL
);
295 ssh_connect_ppl(ssh
, ssh
->base_layer
);
298 ssh2_userauth_set_transport_layer(userauth_layer
,
303 ssh
->bpp
= ssh1_bpp_new(ssh
->logctx
);
304 ssh_connect_bpp(ssh
);
306 connection_layer
= ssh1_connection_new(
307 ssh
, ssh
->conf
, &ssh
->user_input
, &ssh
->cl
);
308 ssh_connect_ppl(ssh
, connection_layer
);
310 ssh
->base_layer
= ssh1_login_new(
311 ssh
->conf
, ssh
->savedhost
, ssh
->savedport
, connection_layer
);
312 ssh_connect_ppl(ssh
, ssh
->base_layer
);
317 ssh
->bpp
= ssh2_bare_bpp_new(ssh
->logctx
);
318 ssh_connect_bpp(ssh
);
320 connection_layer
= ssh2_connection_new(
321 ssh
, ssh
->connshare
, false, ssh
->conf
,
322 ssh_verstring_get_remote(old_bpp
), &ssh
->user_input
, &ssh
->cl
);
323 ssh_connect_ppl(ssh
, connection_layer
);
324 ssh
->base_layer
= connection_layer
;
327 /* Connect the base layer - whichever it is - to the BPP, and set
329 ssh
->base_layer
->selfptr
= &ssh
->base_layer
;
330 ssh_ppl_setup_queues(ssh
->base_layer
, &ssh
->bpp
->in_pq
, &ssh
->bpp
->out_pq
);
332 seat_update_specials_menu(ssh
->seat
);
333 ssh
->pinger
= pinger_new(ssh
->conf
, &ssh
->backend
);
335 queue_idempotent_callback(&ssh
->bpp
->ic_in_raw
);
336 ssh_ppl_process_queue(ssh
->base_layer
);
338 /* Pass in the initial terminal size, if we knew it already. */
339 ssh_terminal_size(ssh
->cl
, ssh
->term_width
, ssh
->term_height
);
341 ssh_bpp_free(old_bpp
);
344 void ssh_check_frozen(Ssh
*ssh
)
349 bool prev_frozen
= ssh
->socket_frozen
;
350 ssh
->socket_frozen
= (ssh
->logically_frozen
||
351 bufchain_size(&ssh
->in_raw
) > SSH_MAX_BACKLOG
);
352 sk_set_frozen(ssh
->s
, ssh
->socket_frozen
);
353 if (prev_frozen
&& !ssh
->socket_frozen
&& ssh
->bpp
) {
355 * If we've just unfrozen, process any SSH connection data
356 * that was stashed in our queue while we were frozen.
358 queue_idempotent_callback(&ssh
->bpp
->ic_in_raw
);
362 void ssh_conn_processed_data(Ssh
*ssh
)
364 ssh_check_frozen(ssh
);
367 static void ssh_bpp_output_raw_data_callback(void *vctx
)
369 Ssh
*ssh
= (Ssh
*)vctx
;
374 while (bufchain_size(&ssh
->out_raw
) > 0) {
377 ptrlen data
= bufchain_prefix(&ssh
->out_raw
);
380 log_packet(ssh
->logctx
, PKT_OUTGOING
, -1, NULL
, data
.ptr
, data
.len
,
381 0, NULL
, NULL
, 0, NULL
);
382 backlog
= sk_write(ssh
->s
, data
.ptr
, data
.len
);
384 bufchain_consume(&ssh
->out_raw
, data
.len
);
386 if (backlog
> SSH_MAX_BACKLOG
) {
387 ssh_throttle_all(ssh
, true, backlog
);
392 ssh_check_frozen(ssh
);
394 if (ssh
->pending_close
) {
397 seat_notify_remote_disconnect(ssh
->seat
);
401 static void ssh_shutdown_internal(Ssh
*ssh
)
403 expire_timer_context(ssh
);
405 if (ssh
->connshare
) {
406 sharestate_free(ssh
->connshare
);
407 ssh
->connshare
= NULL
;
411 pinger_free(ssh
->pinger
);
416 * We only need to free the base PPL, which will free the others
417 * (if any) transitively.
419 if (ssh
->base_layer
) {
420 ssh_ppl_free(ssh
->base_layer
);
421 ssh
->base_layer
= NULL
;
427 static void ssh_shutdown(Ssh
*ssh
)
429 ssh_shutdown_internal(ssh
);
432 ssh_bpp_free(ssh
->bpp
);
439 seat_notify_remote_disconnect(ssh
->seat
);
442 bufchain_clear(&ssh
->in_raw
);
443 bufchain_clear(&ssh
->out_raw
);
444 bufchain_clear(&ssh
->user_input
);
447 static void ssh_initiate_connection_close(Ssh
*ssh
)
449 /* Wind up everything above the BPP. */
450 ssh_shutdown_internal(ssh
);
452 /* Force any remaining queued SSH packets through the BPP, and
453 * schedule closing the network socket after they go out. */
454 ssh_bpp_handle_output(ssh
->bpp
);
455 ssh
->pending_close
= true;
456 queue_idempotent_callback(&ssh
->ic_out_raw
);
458 /* Now we expect the other end to close the connection too in
459 * response, so arrange that we'll receive notification of that
460 * via ssh_remote_eof. */
461 ssh
->bpp
->expect_close
= true;
464 #define GET_FORMATTED_MSG \
468 msg = dupvprintf(fmt, ap); \
470 ((void)0) /* eat trailing semicolon */
472 void ssh_remote_error(Ssh
*ssh
, const char *fmt
, ...)
474 if (ssh
->base_layer
|| !ssh
->session_started
) {
478 ssh_ppl_final_output(ssh
->base_layer
);
480 /* Error messages sent by the remote don't count as clean exits */
483 /* Close the socket immediately, since the server has already
484 * closed its end (or is about to). */
487 logevent(ssh
->logctx
, msg
);
488 seat_connection_fatal(ssh
->seat
, "%s", msg
);
493 void ssh_remote_eof(Ssh
*ssh
, const char *fmt
, ...)
495 if (ssh
->base_layer
|| !ssh
->session_started
) {
499 ssh_ppl_final_output(ssh
->base_layer
);
501 /* EOF from the remote, if we were expecting it, does count as
505 /* Close the socket immediately, since the server has already
509 logevent(ssh
->logctx
, msg
);
511 seat_notify_remote_exit(ssh
->seat
);
513 /* This is responding to EOF after we've already seen some
514 * other reason for terminating the session. */
519 void ssh_proto_error(Ssh
*ssh
, const char *fmt
, ...)
521 if (ssh
->base_layer
|| !ssh
->session_started
) {
525 ssh_ppl_final_output(ssh
->base_layer
);
529 ssh_bpp_queue_disconnect(ssh
->bpp
, msg
,
530 SSH2_DISCONNECT_PROTOCOL_ERROR
);
531 ssh_initiate_connection_close(ssh
);
533 logevent(ssh
->logctx
, msg
);
534 seat_connection_fatal(ssh
->seat
, "%s", msg
);
539 void ssh_sw_abort(Ssh
*ssh
, const char *fmt
, ...)
541 if (ssh
->base_layer
|| !ssh
->session_started
) {
545 ssh_ppl_final_output(ssh
->base_layer
);
549 ssh_initiate_connection_close(ssh
);
551 logevent(ssh
->logctx
, msg
);
552 seat_connection_fatal(ssh
->seat
, "%s", msg
);
555 seat_notify_remote_exit(ssh
->seat
);
559 void ssh_user_close(Ssh
*ssh
, const char *fmt
, ...)
561 if (ssh
->base_layer
|| !ssh
->session_started
) {
565 ssh_ppl_final_output(ssh
->base_layer
);
567 /* Closing the connection due to user action, even if the
568 * action is the user aborting during authentication prompts,
569 * does count as a clean exit - except that this is also how
570 * we signal ordinary session termination, in which case we
571 * should use the exit status already sent from the main
572 * session (if any). */
573 if (ssh
->exitcode
< 0)
576 ssh_initiate_connection_close(ssh
);
578 logevent(ssh
->logctx
, msg
);
581 seat_notify_remote_exit(ssh
->seat
);
585 static void ssh_deferred_abort_callback(void *vctx
)
587 Ssh
*ssh
= (Ssh
*)vctx
;
588 char *msg
= ssh
->deferred_abort_message
;
589 ssh
->deferred_abort_message
= NULL
;
590 ssh_sw_abort(ssh
, "%s", msg
);
594 void ssh_sw_abort_deferred(Ssh
*ssh
, const char *fmt
, ...)
596 if (!ssh
->deferred_abort_message
) {
598 ssh
->deferred_abort_message
= msg
;
599 queue_toplevel_callback(ssh_deferred_abort_callback
, ssh
);
603 static void ssh_socket_log(Plug
*plug
, PlugLogType type
, SockAddr
*addr
,
604 int port
, const char *error_msg
, int error_code
)
606 Ssh
*ssh
= container_of(plug
, Ssh
, plug
);
609 * While we're attempting connection sharing, don't loudly log
610 * everything that happens. Real TCP connections need to be logged
611 * when we _start_ trying to connect, because it might be ages
612 * before they respond if something goes wrong; but connection
613 * sharing is local and quick to respond, and it's sufficient to
614 * simply wait and see whether it worked afterwards.
617 if (!ssh
->attempting_connshare
)
618 backend_socket_log(ssh
->seat
, ssh
->logctx
, type
, addr
, port
,
619 error_msg
, error_code
, ssh
->conf
,
620 ssh
->session_started
);
623 static void ssh_closing(Plug
*plug
, PlugCloseType type
, const char *error_msg
)
625 Ssh
*ssh
= container_of(plug
, Ssh
, plug
);
626 if (type
== PLUGCLOSE_USER_ABORT
) {
627 ssh_user_close(ssh
, "%s", error_msg
);
628 } else if (type
!= PLUGCLOSE_NORMAL
) {
629 ssh_remote_error(ssh
, "%s", error_msg
);
630 } else if (ssh
->bpp
) {
631 ssh
->bpp
->input_eof
= true;
632 queue_idempotent_callback(&ssh
->bpp
->ic_in_raw
);
636 static void ssh_receive(Plug
*plug
, int urgent
, const char *data
, size_t len
)
638 Ssh
*ssh
= container_of(plug
, Ssh
, plug
);
640 /* Log raw data, if we're in that mode. */
642 log_packet(ssh
->logctx
, PKT_INCOMING
, -1, NULL
, data
, len
,
643 0, NULL
, NULL
, 0, NULL
);
645 bufchain_add(&ssh
->in_raw
, data
, len
);
646 if (!ssh
->logically_frozen
&& ssh
->bpp
)
647 queue_idempotent_callback(&ssh
->bpp
->ic_in_raw
);
649 ssh_check_frozen(ssh
);
652 static void ssh_sent(Plug
*plug
, size_t bufsize
)
654 Ssh
*ssh
= container_of(plug
, Ssh
, plug
);
656 * If the send backlog on the SSH socket itself clears, we should
657 * unthrottle the whole world if it was throttled. Also trigger an
658 * extra call to the consumer of the BPP's output, to try to send
659 * some more data off its bufchain.
661 if (bufsize
< SSH_MAX_BACKLOG
) {
662 ssh_throttle_all(ssh
, false, bufsize
);
663 queue_idempotent_callback(&ssh
->ic_out_raw
);
664 ssh_sendbuffer_changed(ssh
);
668 static void ssh_hostport_setup(const char *host
, int port
, Conf
*conf
,
669 char **savedhost
, int *savedport
,
672 char *loghost
= conf_get_str(conf
, CONF_loghost
);
674 *loghost_ret
= loghost
;
680 tmphost
= dupstr(loghost
);
681 *savedport
= 22; /* default ssh port */
684 * A colon suffix on the hostname string also lets us affect
685 * savedport. (Unless there are multiple colons, in which case
686 * we assume this is an unbracketed IPv6 literal.)
688 colon
= host_strrchr(tmphost
, ':');
689 if (colon
&& colon
== host_strchr(tmphost
, ':')) {
692 *savedport
= atoi(colon
);
695 *savedhost
= host_strduptrim(tmphost
);
698 *savedhost
= host_strduptrim(host
);
700 port
= 22; /* default ssh port */
705 static bool ssh_test_for_upstream(const char *host
, int port
, Conf
*conf
)
711 random_ref(); /* platform may need this to determine share socket name */
712 ssh_hostport_setup(host
, port
, conf
, &savedhost
, &savedport
, NULL
);
713 ret
= ssh_share_test_for_upstream(savedhost
, savedport
, conf
);
720 static char *ssh_close_warn_text(Backend
*be
)
722 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
725 int ndowns
= share_ndownstreams(ssh
->connshare
);
728 char *msg
= dupprintf("This will also close %d downstream connection%s.",
729 ndowns
, ndowns
==1 ? "" : "s");
733 static const PlugVtable Ssh_plugvt
= {
734 .log
= ssh_socket_log
,
735 .closing
= ssh_closing
,
736 .receive
= ssh_receive
,
740 static char *ssh_description(Interactor
*itr
)
742 Ssh
*ssh
= container_of(itr
, Ssh
, interactor
);
743 return dupstr(ssh
->description
);
746 static LogPolicy
*ssh_logpolicy(Interactor
*itr
)
748 Ssh
*ssh
= container_of(itr
, Ssh
, interactor
);
749 return log_get_policy(ssh
->logctx
);
752 static Seat
*ssh_get_seat(Interactor
*itr
)
754 Ssh
*ssh
= container_of(itr
, Ssh
, interactor
);
758 static void ssh_set_seat(Interactor
*itr
, Seat
*seat
)
760 Ssh
*ssh
= container_of(itr
, Ssh
, interactor
);
764 static const InteractorVtable Ssh_interactorvt
= {
765 .description
= ssh_description
,
766 .logpolicy
= ssh_logpolicy
,
767 .get_seat
= ssh_get_seat
,
768 .set_seat
= ssh_set_seat
,
772 * Connect to specified host and port.
773 * Returns an error message, or NULL on success.
774 * Also places the canonical host name into `realhost'. It must be
775 * freed by the caller.
777 static char *connect_to_host(
778 Ssh
*ssh
, const char *host
, int port
, char *loghost
, char **realhost
,
779 bool nodelay
, bool keepalive
)
783 int addressfamily
, sshprot
;
785 ssh
->plug
.vt
= &Ssh_plugvt
;
788 * Try connection-sharing, in case that means we don't open a
789 * socket after all. ssh_connection_sharing_init will connect to a
790 * previously established upstream if it can, and failing that,
791 * establish a listening socket for _us_ to be the upstream. In
792 * the latter case it will return NULL just as if it had done
793 * nothing, because here we only need to care if we're a
794 * downstream and need to do our connection setup differently.
796 ssh
->connshare
= NULL
;
797 ssh
->attempting_connshare
= true; /* affects socket logging behaviour */
798 ssh
->s
= ssh_connection_sharing_init(
799 ssh
->savedhost
, ssh
->savedport
, ssh
->conf
, ssh
->logctx
,
800 &ssh
->plug
, &ssh
->connshare
);
802 ssh_connshare_provide_connlayer(ssh
->connshare
, &ssh
->cl_dummy
);
803 ssh
->attempting_connshare
= false;
804 if (ssh
->s
!= NULL
) {
806 * We are a downstream.
808 ssh
->bare_connection
= true;
809 ssh
->fullhostname
= NULL
;
810 *realhost
= dupstr(host
); /* best we can do */
812 if (seat_verbose(ssh
->seat
) || seat_interactive(ssh
->seat
)) {
813 /* In an interactive session, or in verbose mode, announce
814 * in the console window that we're a sharing downstream,
815 * to avoid confusing users as to why this session doesn't
816 * behave in quite the usual way. */
818 "Reusing a shared connection to this server.\r\n";
819 seat_stderr_pl(ssh
->seat
, ptrlen_from_asciz(msg
));
823 * We're not a downstream, so open a normal socket.
829 addressfamily
= conf_get_int(ssh
->conf
, CONF_addressfamily
);
830 addr
= name_lookup(host
, port
, realhost
, ssh
->conf
, addressfamily
,
831 ssh
->logctx
, "SSH connection");
832 if ((err
= sk_addr_error(addr
)) != NULL
) {
836 ssh
->fullhostname
= dupstr(*realhost
); /* save in case of GSSAPI */
838 ssh
->s
= new_connection(addr
, *realhost
, port
,
839 false, true, nodelay
, keepalive
,
840 &ssh
->plug
, ssh
->conf
, &ssh
->interactor
);
841 if ((err
= sk_socket_error(ssh
->s
)) != NULL
) {
843 seat_notify_remote_exit(ssh
->seat
);
844 seat_notify_remote_disconnect(ssh
->seat
);
850 * The SSH version number is always fixed (since we no longer support
851 * fallback between versions), so set it now.
853 sshprot
= conf_get_int(ssh
->conf
, CONF_sshprot
);
854 assert(sshprot
== 0 || sshprot
== 3);
858 if (sshprot
== 3 || ssh
->bare_connection
) {
864 * Set up the initial BPP that will do the version string
865 * exchange, and get it started so that it can send the outgoing
866 * version string early if it wants to.
868 ssh
->version_receiver
.got_ssh_version
= ssh_got_ssh_version
;
869 ssh
->bpp
= ssh_verstring_new(
870 ssh
->conf
, ssh
->logctx
, ssh
->bare_connection
,
871 ssh
->version
== 1 ? "1.5" : "2.0", &ssh
->version_receiver
,
873 ssh_connect_bpp(ssh
);
874 queue_idempotent_callback(&ssh
->bpp
->ic_in_raw
);
877 * loghost, if configured, overrides realhost.
881 *realhost
= dupstr(loghost
);
888 * Throttle or unthrottle the SSH connection.
890 void ssh_throttle_conn(Ssh
*ssh
, int adjust
)
892 int old_count
= ssh
->conn_throttle_count
;
895 ssh
->conn_throttle_count
+= adjust
;
896 assert(ssh
->conn_throttle_count
>= 0);
898 if (ssh
->conn_throttle_count
&& !old_count
) {
900 } else if (!ssh
->conn_throttle_count
&& old_count
) {
903 return; /* don't change current frozen state */
906 ssh
->logically_frozen
= frozen
;
907 ssh_check_frozen(ssh
);
911 * Throttle or unthrottle _all_ local data streams (for when sends
912 * on the SSH connection itself back up).
914 static void ssh_throttle_all(Ssh
*ssh
, bool enable
, size_t bufsize
)
916 if (enable
== ssh
->throttled_all
)
918 ssh
->throttled_all
= enable
;
919 ssh
->overall_bufsize
= bufsize
;
921 ssh_throttle_all_channels(ssh
->cl
, enable
);
924 static void ssh_cache_conf_values(Ssh
*ssh
)
926 ssh
->pls
.omit_passwords
= conf_get_bool(ssh
->conf
, CONF_logomitpass
);
927 ssh
->pls
.omit_data
= conf_get_bool(ssh
->conf
, CONF_logomitdata
);
930 bool ssh_is_bare(Ssh
*ssh
)
932 return ssh
->backend
.vt
->protocol
== PROT_SSHCONN
;
935 /* Dummy connlayer must provide ssh_sharing_no_more_downstreams,
936 * because it might be called early due to plink -shareexists */
937 static void dummy_sharing_no_more_downstreams(ConnectionLayer
*cl
) {}
938 static const ConnectionLayerVtable dummy_connlayer_vtable
= {
939 .sharing_no_more_downstreams
= dummy_sharing_no_more_downstreams
,
943 * Called to set up the connection.
945 * Returns an error message, or NULL on success.
947 static char *ssh_init(const BackendVtable
*vt
, Seat
*seat
,
948 Backend
**backend_handle
, LogContext
*logctx
,
949 Conf
*conf
, const char *host
, int port
,
950 char **realhost
, bool nodelay
, bool keepalive
)
955 memset(ssh
, 0, sizeof(Ssh
));
957 ssh
->conf
= conf_copy(conf
);
958 ssh_cache_conf_values(ssh
);
960 ssh
->pls
.kctx
= SSH2_PKTCTX_NOKEX
;
961 ssh
->pls
.actx
= SSH2_PKTCTX_NOAUTH
;
962 bufchain_init(&ssh
->in_raw
);
963 bufchain_init(&ssh
->out_raw
);
964 bufchain_init(&ssh
->user_input
);
965 ssh
->ic_out_raw
.fn
= ssh_bpp_output_raw_data_callback
;
966 ssh
->ic_out_raw
.ctx
= ssh
;
968 ssh
->term_width
= conf_get_int(ssh
->conf
, CONF_width
);
969 ssh
->term_height
= conf_get_int(ssh
->conf
, CONF_height
);
971 ssh
->backend
.vt
= vt
;
972 ssh
->interactor
.vt
= &Ssh_interactorvt
;
973 ssh
->backend
.interactor
= &ssh
->interactor
;
974 *backend_handle
= &ssh
->backend
;
976 ssh
->bare_connection
= (vt
->protocol
== PROT_SSHCONN
);
979 ssh
->cl_dummy
.vt
= &dummy_connlayer_vtable
;
980 ssh
->cl_dummy
.logctx
= ssh
->logctx
= logctx
;
984 ssh_hostport_setup(host
, port
, ssh
->conf
,
985 &ssh
->savedhost
, &ssh
->savedport
, &loghost
);
986 ssh
->description
= default_description(vt
, ssh
->savedhost
, ssh
->savedport
);
988 random_ref(); /* do this now - may be needed by sharing setup code */
989 ssh
->need_random_unref
= true;
991 char *conn_err
= connect_to_host(
992 ssh
, host
, port
, loghost
, realhost
, nodelay
, keepalive
);
994 /* Call random_unref now instead of waiting until the caller
995 * frees this useless Ssh object, in case the caller is
996 * impatient and just exits without bothering, in which case
997 * the random seed won't be re-saved. */
998 ssh
->need_random_unref
= false;
1006 static void ssh_free(Backend
*be
)
1008 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1009 bool need_random_unref
;
1013 if (is_tempseat(ssh
->seat
))
1014 tempseat_free(ssh
->seat
);
1016 conf_free(ssh
->conf
);
1018 sharestate_free(ssh
->connshare
);
1019 sfree(ssh
->savedhost
);
1020 sfree(ssh
->fullhostname
);
1021 sfree(ssh
->specials
);
1024 if (ssh
->gss_state
.srv_name
)
1025 ssh
->gss_state
.lib
->release_name(
1026 ssh
->gss_state
.lib
, &ssh
->gss_state
.srv_name
);
1027 if (ssh
->gss_state
.ctx
!= NULL
)
1028 ssh
->gss_state
.lib
->release_cred(
1029 ssh
->gss_state
.lib
, &ssh
->gss_state
.ctx
);
1030 if (ssh
->gss_state
.libs
)
1031 ssh_gss_cleanup(ssh
->gss_state
.libs
);
1034 sfree(ssh
->deferred_abort_message
);
1035 sfree(ssh
->description
);
1037 delete_callbacks_for_context(ssh
); /* likely to catch ic_out_raw */
1039 need_random_unref
= ssh
->need_random_unref
;
1042 if (need_random_unref
)
1047 * Reconfigure the SSH backend.
1049 static void ssh_reconfig(Backend
*be
, Conf
*conf
)
1051 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1054 pinger_reconfig(ssh
->pinger
, ssh
->conf
, conf
);
1056 if (ssh
->base_layer
)
1057 ssh_ppl_reconfigure(ssh
->base_layer
, conf
);
1059 conf_free(ssh
->conf
);
1060 ssh
->conf
= conf_copy(conf
);
1061 ssh_cache_conf_values(ssh
);
1065 * Called to send data down the SSH connection.
1067 static void ssh_send(Backend
*be
, const char *buf
, size_t len
)
1069 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1071 if (ssh
== NULL
|| ssh
->s
== NULL
)
1074 bufchain_add(&ssh
->user_input
, buf
, len
);
1076 ssh_got_user_input(ssh
->cl
);
1080 * Called to query the current amount of buffered stdin data.
1082 static size_t ssh_sendbuffer(Backend
*be
)
1084 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1087 if (!ssh
|| !ssh
->s
|| !ssh
->cl
)
1090 backlog
= ssh_stdin_backlog(ssh
->cl
);
1092 if (ssh
->base_layer
)
1093 backlog
+= ssh_ppl_queued_data_size(ssh
->base_layer
);
1096 * If the SSH socket itself has backed up, add the total backup
1097 * size on that to any individual buffer on the stdin channel.
1099 if (ssh
->throttled_all
)
1100 backlog
+= ssh
->overall_bufsize
;
1105 void ssh_sendbuffer_changed(Ssh
*ssh
)
1107 seat_sent(ssh
->seat
, ssh_sendbuffer(&ssh
->backend
));
1111 * Called to set the size of the window from SSH's POV.
1113 static void ssh_size(Backend
*be
, int width
, int height
)
1115 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1117 ssh
->term_width
= width
;
1118 ssh
->term_height
= height
;
1120 ssh_terminal_size(ssh
->cl
, ssh
->term_width
, ssh
->term_height
);
1123 struct ssh_add_special_ctx
{
1124 SessionSpecial
*specials
;
1125 size_t nspecials
, specials_size
;
1128 static void ssh_add_special(void *vctx
, const char *text
,
1129 SessionSpecialCode code
, int arg
)
1131 struct ssh_add_special_ctx
*ctx
= (struct ssh_add_special_ctx
*)vctx
;
1132 SessionSpecial
*spec
;
1134 sgrowarray(ctx
->specials
, ctx
->specials_size
, ctx
->nspecials
);
1135 spec
= &ctx
->specials
[ctx
->nspecials
++];
1142 * Return a list of the special codes that make sense in this
1145 static const SessionSpecial
*ssh_get_specials(Backend
*be
)
1147 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1150 * Ask all our active protocol layers what specials they've got,
1151 * and amalgamate the list into one combined one.
1154 struct ssh_add_special_ctx ctx
[1];
1156 ctx
->specials
= NULL
;
1157 ctx
->nspecials
= ctx
->specials_size
= 0;
1159 if (ssh
->base_layer
)
1160 ssh_ppl_get_specials(ssh
->base_layer
, ssh_add_special
, ctx
);
1162 if (ctx
->specials
) {
1163 /* If the list is non-empty, terminate it with a SS_EXITMENU. */
1164 ssh_add_special(ctx
, NULL
, SS_EXITMENU
, 0);
1167 sfree(ssh
->specials
);
1168 ssh
->specials
= ctx
->specials
;
1169 return ssh
->specials
;
1173 * Send special codes.
1175 static void ssh_special(Backend
*be
, SessionSpecialCode code
, int arg
)
1177 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1179 if (ssh
->base_layer
)
1180 ssh_ppl_special_cmd(ssh
->base_layer
, code
, arg
);
1184 * This is called when the seat's output channel manages to clear some
1187 static void ssh_unthrottle(Backend
*be
, size_t bufsize
)
1189 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1192 ssh_stdout_unthrottle(ssh
->cl
, bufsize
);
1195 static bool ssh_connected(Backend
*be
)
1197 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1198 return ssh
->s
!= NULL
;
1201 static bool ssh_sendok(Backend
*be
)
1203 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1204 return ssh
->cl
&& ssh_get_wants_user_input(ssh
->cl
);
1207 void ssh_check_sendok(Ssh
*ssh
)
1209 /* Called when the connection layer might have caused ssh_sendok
1210 * to start returning true */
1212 ldisc_check_sendok(ssh
->ldisc
);
1215 void ssh_ldisc_update(Ssh
*ssh
)
1217 /* Called when the connection layer wants to propagate an update
1218 * to the line discipline options */
1220 ldisc_echoedit_update(ssh
->ldisc
);
1223 static bool ssh_ldisc(Backend
*be
, int option
)
1225 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1226 return ssh
->cl
? ssh_ldisc_option(ssh
->cl
, option
) : false;
1229 static void ssh_provide_ldisc(Backend
*be
, Ldisc
*ldisc
)
1231 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1235 void ssh_got_exitcode(Ssh
*ssh
, int exitcode
)
1237 ssh
->exitcode
= exitcode
;
1240 static int ssh_return_exitcode(Backend
*be
)
1242 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1243 if (ssh
->s
&& (!ssh
->session_started
|| ssh
->base_layer
))
1246 return (ssh
->exitcode
>= 0 ? ssh
->exitcode
: INT_MAX
);
1250 * cfg_info for SSH is the protocol running in this session.
1251 * (1 or 2 for the full SSH-1 or SSH-2 protocol; -1 for the bare
1252 * SSH-2 connection protocol, i.e. a downstream; 0 for not-decided-yet.)
1254 static int ssh_cfg_info(Backend
*be
)
1256 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1257 if (ssh
->version
== 0)
1258 return 0; /* don't know yet */
1259 else if (ssh
->bare_connection
)
1262 return ssh
->version
;
1266 * Gross hack: pscp will try to start SFTP but fall back to scp1 if
1267 * that fails. This variable is the means by which pscp.c can reach
1268 * into the SSH code and find out which one it got.
1270 extern bool ssh_fallback_cmd(Backend
*be
)
1272 Ssh
*ssh
= container_of(be
, Ssh
, backend
);
1273 return ssh
->fallback_cmd
;
1276 void ssh_got_fallback_cmd(Ssh
*ssh
)
1278 ssh
->fallback_cmd
= true;
1281 const BackendVtable ssh_backend
= {
1284 .reconfig
= ssh_reconfig
,
1286 .sendbuffer
= ssh_sendbuffer
,
1288 .special
= ssh_special
,
1289 .get_specials
= ssh_get_specials
,
1290 .connected
= ssh_connected
,
1291 .exitcode
= ssh_return_exitcode
,
1292 .sendok
= ssh_sendok
,
1293 .ldisc_option_state
= ssh_ldisc
,
1294 .provide_ldisc
= ssh_provide_ldisc
,
1295 .unthrottle
= ssh_unthrottle
,
1296 .cfg_info
= ssh_cfg_info
,
1297 .test_for_upstream
= ssh_test_for_upstream
,
1298 .close_warn_text
= ssh_close_warn_text
,
1300 .displayname_tc
= "SSH",
1301 .displayname_lc
= "SSH", /* proper name, so capitalise it anyway */
1302 .protocol
= PROT_SSH
,
1303 .flags
= BACKEND_SUPPORTS_NC_HOST
| BACKEND_NOTIFIES_SESSION_START
,
1307 const BackendVtable sshconn_backend
= {
1310 .reconfig
= ssh_reconfig
,
1312 .sendbuffer
= ssh_sendbuffer
,
1314 .special
= ssh_special
,
1315 .get_specials
= ssh_get_specials
,
1316 .connected
= ssh_connected
,
1317 .exitcode
= ssh_return_exitcode
,
1318 .sendok
= ssh_sendok
,
1319 .ldisc_option_state
= ssh_ldisc
,
1320 .provide_ldisc
= ssh_provide_ldisc
,
1321 .unthrottle
= ssh_unthrottle
,
1322 .cfg_info
= ssh_cfg_info
,
1323 .test_for_upstream
= ssh_test_for_upstream
,
1324 .close_warn_text
= ssh_close_warn_text
,
1325 .id
= "ssh-connection",
1326 .displayname_tc
= "Bare ssh-connection",
1327 .displayname_lc
= "bare ssh-connection",
1328 .protocol
= PROT_SSHCONN
,
1329 .flags
= BACKEND_SUPPORTS_NC_HOST
| BACKEND_NOTIFIES_SESSION_START
,