search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Upgrade libgit2
[TortoiseGit.git] / src / TortoisePlink / ssh / ssh.c
blobc0d92c9293c635c4a5151fc43fb23b1f8b1ffb56
1 /*
2 * SSH backend.
3 */
4
5 #include <stdio.h>
6 #include <stdlib.h>
7 #include <stdarg.h>
8 #include <assert.h>
9 #include <limits.h>
10 #include <signal.h>
11
12 #include "putty.h"
13 #include "pageant.h" /* for AGENT_MAX_MSGLEN */
14 #include "tree234.h"
15 #include "storage.h"
16 #include "marshal.h"
17 #include "ssh.h"
18 #include "sshcr.h"
19 #include "bpp.h"
20 #include "ppl.h"
21 #include "channel.h"
22 #ifndef NO_GSSAPI
23 #include "gssc.h"
24 #include "gss.h"
25 #define MIN_CTXT_LIFETIME 5 /* Avoid rekey with short lifetime (seconds) */
26 #define GSS_KEX_CAPABLE (1<<0) /* Can do GSS KEX */
27 #define GSS_CRED_UPDATED (1<<1) /* Cred updated since previous delegation */
28 #define GSS_CTXT_EXPIRES (1<<2) /* Context expires before next timer */
29 #define GSS_CTXT_MAYFAIL (1<<3) /* Context may expire during handshake */
30 #endif
31
32 struct Ssh {
33 Socket *s;
34 Seat *seat;
35 Conf *conf;
36
37 struct ssh_version_receiver version_receiver;
38 int remote_bugs;
39
40 Plug plug;
41 Backend backend;
42 Interactor interactor;
43
44 Ldisc *ldisc;
45 LogContext *logctx;
46
47 /* The last list returned from get_specials. */
48 SessionSpecial *specials;
49
50 bool bare_connection;
51 ssh_sharing_state *connshare;
52 bool attempting_connshare;
53
54 #ifndef NO_GSSAPI
55 struct ssh_connection_shared_gss_state gss_state;
56 #endif
57
58 char *savedhost;
59 int savedport;
60 char *fullhostname;
61 char *description;
62
63 bool fallback_cmd;
64 int exitcode;
65
66 int version;
67 int conn_throttle_count;
68 size_t overall_bufsize;
69 bool throttled_all;
70
71 /*
72 * logically_frozen is true if we're not currently _processing_
73 * data from the SSH socket (e.g. because a higher layer has asked
74 * us not to due to ssh_throttle_conn). socket_frozen is true if
75 * we're not even _reading_ data from the socket (i.e. it should
76 * always match the value we last passed to sk_set_frozen).
77 *
78 * The two differ in that socket_frozen can also become
79 * temporarily true because of a large backlog in the in_raw
80 * bufchain, to force no further plug_receive events until the BPP
81 * input function has had a chance to run. (Some front ends, like
82 * GTK, can persistently call the network and never get round to
83 * the toplevel callbacks.) If we've stopped reading from the
84 * socket for that reason, we absolutely _do_ want to carry on
85 * processing our input bufchain, because that's the only way
86 * it'll ever get cleared!
87 *
88 * ssh_check_frozen() resets socket_frozen, and should be called
89 * whenever either of logically_frozen and the bufchain size
90 * changes.
91 */
92 bool logically_frozen, socket_frozen;
93
94 /* in case we find these out before we have a ConnectionLayer to tell */
95 int term_width, term_height;
96
97 bufchain in_raw, out_raw, user_input;
98 bool pending_close;
99 IdempotentCallback ic_out_raw;
100
101 PacketLogSettings pls;
102 struct DataTransferStats stats;
103
104 BinaryPacketProtocol *bpp;
105
106 /*
107 * base_layer identifies the bottommost packet protocol layer, the
108 * one connected directly to the BPP's packet queues. Any
109 * operation that needs to talk to all layers (e.g. free, or
110 * get_specials) will do it by talking to this, which will
111 * recursively propagate it if necessary.
112 */
113 PacketProtocolLayer *base_layer;
114
115 /*
116 * The ConnectionLayer vtable from our connection layer.
117 */
118 ConnectionLayer *cl;
119
120 /*
121 * A dummy ConnectionLayer that can be used for logging sharing
122 * downstreams that connect before the real one is ready.
123 */
124 ConnectionLayer cl_dummy;
125
126 /*
127 * session_started is false until we initialise the main protocol
128 * layers. So it distinguishes between base_layer==NULL meaning
129 * that the SSH protocol hasn't been set up _yet_, and
130 * base_layer==NULL meaning the SSH protocol has run and finished.
131 * It's also used to mark the point where we stop counting proxy
132 * command diagnostics as pre-session-startup.
133 */
134 bool session_started;
135
136 Pinger *pinger;
137
138 char *deferred_abort_message;
139
140 bool need_random_unref;
141 };
142
143
144 #define ssh_logevent(params) ( \
145 logevent_and_free((ssh)->logctx, dupprintf params))
146
147 static void ssh_shutdown(Ssh *ssh);
148 static void ssh_throttle_all(Ssh *ssh, bool enable, size_t bufsize);
149 static void ssh_bpp_output_raw_data_callback(void *vctx);
150
151 LogContext *ssh_get_logctx(Ssh *ssh)
152 {
153 return ssh->logctx;
154 }
155
156 static void ssh_connect_bpp(Ssh *ssh)
157 {
158 ssh->bpp->ssh = ssh;
159 ssh->bpp->in_raw = &ssh->in_raw;
160 ssh->bpp->out_raw = &ssh->out_raw;
161 bufchain_set_callback(ssh->bpp->out_raw, &ssh->ic_out_raw);
162 ssh->bpp->pls = &ssh->pls;
163 ssh->bpp->logctx = ssh->logctx;
164 ssh->bpp->remote_bugs = ssh->remote_bugs;
165 }
166
167 static void ssh_connect_ppl(Ssh *ssh, PacketProtocolLayer *ppl)
168 {
169 ppl->bpp = ssh->bpp;
170 ppl->seat = ssh->seat;
171 ppl->interactor = &ssh->interactor;
172 ppl->ssh = ssh;
173 ppl->logctx = ssh->logctx;
174 ppl->remote_bugs = ssh->remote_bugs;
175 }
176
177 static void ssh_got_ssh_version(struct ssh_version_receiver *rcv,
178 int major_version)
179 {
180 Ssh *ssh = container_of(rcv, Ssh, version_receiver);
181 BinaryPacketProtocol *old_bpp;
182 PacketProtocolLayer *connection_layer;
183
184 ssh->session_started = true;
185
186 /*
187 * We don't support choosing a major protocol version dynamically,
188 * so this should always be the same value we set up in
189 * connect_to_host().
190 */
191 assert(ssh->version == major_version);
192
193 old_bpp = ssh->bpp;
194 ssh->remote_bugs = ssh_verstring_get_bugs(old_bpp);
195
196 if (!ssh->bare_connection) {
197 if (ssh->version == 2) {
198 PacketProtocolLayer *userauth_layer, *transport_child_layer;
199
200 /*
201 * We use the 'simple' variant of the SSH protocol if
202 * we're asked to, except not if we're also doing
203 * connection-sharing (either tunnelling our packets over
204 * an upstream or expecting to be tunnelled over
205 * ourselves), since then the assumption that we have only
206 * one channel to worry about is not true after all.
207 */
208 bool is_simple =
209 (conf_get_bool(ssh->conf, CONF_ssh_simple) && !ssh->connshare);
210
211 ssh->bpp = ssh2_bpp_new(ssh->logctx, &ssh->stats, false);
212 ssh_connect_bpp(ssh);
213
214 #ifndef NO_GSSAPI
215 /* Load and pick the highest GSS library on the preference
216 * list. */
217 if (!ssh->gss_state.libs)
218 ssh->gss_state.libs = ssh_gss_setup(ssh->conf);
219 ssh->gss_state.lib = NULL;
220 if (ssh->gss_state.libs->nlibraries > 0) {
221 int i, j;
222 for (i = 0; i < ngsslibs; i++) {
223 int want_id = conf_get_int_int(ssh->conf,
224 CONF_ssh_gsslist, i);
225 for (j = 0; j < ssh->gss_state.libs->nlibraries; j++)
226 if (ssh->gss_state.libs->libraries[j].id == want_id) {
227 ssh->gss_state.lib =
228 &ssh->gss_state.libs->libraries[j];
229 goto got_gsslib; /* double break */
230 }
231 }
232 got_gsslib:
233 /*
234 * We always expect to have found something in
235 * the above loop: we only came here if there
236 * was at least one viable GSS library, and the
237 * preference list should always mention
238 * everything and only change the order.
239 */
240 assert(ssh->gss_state.lib);
241 }
242 #endif
243
244 connection_layer = ssh2_connection_new(
245 ssh, ssh->connshare, is_simple, ssh->conf,
246 ssh_verstring_get_remote(old_bpp), &ssh->user_input, &ssh->cl);
247 ssh_connect_ppl(ssh, connection_layer);
248
249 if (conf_get_bool(ssh->conf, CONF_ssh_no_userauth)) {
250 userauth_layer = NULL;
251 transport_child_layer = connection_layer;
252 } else {
253 char *username = get_remote_username(ssh->conf);
254
255 userauth_layer = ssh2_userauth_new(
256 connection_layer, ssh->savedhost, ssh->savedport,
257 ssh->fullhostname,
258 conf_get_filename(ssh->conf, CONF_keyfile),
259 conf_get_filename(ssh->conf, CONF_detached_cert),
260 conf_get_bool(ssh->conf, CONF_ssh_show_banner),
261 conf_get_bool(ssh->conf, CONF_tryagent),
262 conf_get_bool(ssh->conf, CONF_ssh_no_trivial_userauth),
263 username,
264 conf_get_bool(ssh->conf, CONF_change_username),
265 conf_get_bool(ssh->conf, CONF_try_ki_auth),
266 #ifndef NO_GSSAPI
267 conf_get_bool(ssh->conf, CONF_try_gssapi_auth),
268 conf_get_bool(ssh->conf, CONF_try_gssapi_kex),
269 conf_get_bool(ssh->conf, CONF_gssapifwd),
270 &ssh->gss_state,
271 #else
272 false,
273 false,
274 false,
275 NULL,
276 #endif
277 conf_get_str(ssh->conf, CONF_auth_plugin));
278 ssh_connect_ppl(ssh, userauth_layer);
279 transport_child_layer = userauth_layer;
280
281 sfree(username);
282 }
283
284 ssh->base_layer = ssh2_transport_new(
285 ssh->conf, ssh->savedhost, ssh->savedport,
286 ssh->fullhostname,
287 ssh_verstring_get_local(old_bpp),
288 ssh_verstring_get_remote(old_bpp),
289 #ifndef NO_GSSAPI
290 &ssh->gss_state,
291 #else
292 NULL,
293 #endif
294 &ssh->stats, transport_child_layer, NULL);
295 ssh_connect_ppl(ssh, ssh->base_layer);
296
297 if (userauth_layer)
298 ssh2_userauth_set_transport_layer(userauth_layer,
299 ssh->base_layer);
300
301 } else {
302
303 ssh->bpp = ssh1_bpp_new(ssh->logctx);
304 ssh_connect_bpp(ssh);
305
306 connection_layer = ssh1_connection_new(
307 ssh, ssh->conf, &ssh->user_input, &ssh->cl);
308 ssh_connect_ppl(ssh, connection_layer);
309
310 ssh->base_layer = ssh1_login_new(
311 ssh->conf, ssh->savedhost, ssh->savedport, connection_layer);
312 ssh_connect_ppl(ssh, ssh->base_layer);
313
314 }
315
316 } else {
317 ssh->bpp = ssh2_bare_bpp_new(ssh->logctx);
318 ssh_connect_bpp(ssh);
319
320 connection_layer = ssh2_connection_new(
321 ssh, ssh->connshare, false, ssh->conf,
322 ssh_verstring_get_remote(old_bpp), &ssh->user_input, &ssh->cl);
323 ssh_connect_ppl(ssh, connection_layer);
324 ssh->base_layer = connection_layer;
325 }
326
327 /* Connect the base layer - whichever it is - to the BPP, and set
328 * up its selfptr. */
329 ssh->base_layer->selfptr = &ssh->base_layer;
330 ssh_ppl_setup_queues(ssh->base_layer, &ssh->bpp->in_pq, &ssh->bpp->out_pq);
331
332 seat_update_specials_menu(ssh->seat);
333 ssh->pinger = pinger_new(ssh->conf, &ssh->backend);
334
335 queue_idempotent_callback(&ssh->bpp->ic_in_raw);
336 ssh_ppl_process_queue(ssh->base_layer);
337
338 /* Pass in the initial terminal size, if we knew it already. */
339 ssh_terminal_size(ssh->cl, ssh->term_width, ssh->term_height);
340
341 ssh_bpp_free(old_bpp);
342 }
343
344 void ssh_check_frozen(Ssh *ssh)
345 {
346 if (!ssh->s)
347 return;
348
349 bool prev_frozen = ssh->socket_frozen;
350 ssh->socket_frozen = (ssh->logically_frozen ||
351 bufchain_size(&ssh->in_raw) > SSH_MAX_BACKLOG);
352 sk_set_frozen(ssh->s, ssh->socket_frozen);
353 if (prev_frozen && !ssh->socket_frozen && ssh->bpp) {
354 /*
355 * If we've just unfrozen, process any SSH connection data
356 * that was stashed in our queue while we were frozen.
357 */
358 queue_idempotent_callback(&ssh->bpp->ic_in_raw);
359 }
360 }
361
362 void ssh_conn_processed_data(Ssh *ssh)
363 {
364 ssh_check_frozen(ssh);
365 }
366
367 static void ssh_bpp_output_raw_data_callback(void *vctx)
368 {
369 Ssh *ssh = (Ssh *)vctx;
370
371 if (!ssh->s)
372 return;
373
374 while (bufchain_size(&ssh->out_raw) > 0) {
375 size_t backlog;
376
377 ptrlen data = bufchain_prefix(&ssh->out_raw);
378
379 if (ssh->logctx)
380 log_packet(ssh->logctx, PKT_OUTGOING, -1, NULL, data.ptr, data.len,
381 0, NULL, NULL, 0, NULL);
382 backlog = sk_write(ssh->s, data.ptr, data.len);
383
384 bufchain_consume(&ssh->out_raw, data.len);
385
386 if (backlog > SSH_MAX_BACKLOG) {
387 ssh_throttle_all(ssh, true, backlog);
388 return;
389 }
390 }
391
392 ssh_check_frozen(ssh);
393
394 if (ssh->pending_close) {
395 sk_close(ssh->s);
396 ssh->s = NULL;
397 seat_notify_remote_disconnect(ssh->seat);
398 }
399 }
400
401 static void ssh_shutdown_internal(Ssh *ssh)
402 {
403 expire_timer_context(ssh);
404
405 if (ssh->connshare) {
406 sharestate_free(ssh->connshare);
407 ssh->connshare = NULL;
408 }
409
410 if (ssh->pinger) {
411 pinger_free(ssh->pinger);
412 ssh->pinger = NULL;
413 }
414
415 /*
416 * We only need to free the base PPL, which will free the others
417 * (if any) transitively.
418 */
419 if (ssh->base_layer) {
420 ssh_ppl_free(ssh->base_layer);
421 ssh->base_layer = NULL;
422 }
423
424 ssh->cl = NULL;
425 }
426
427 static void ssh_shutdown(Ssh *ssh)
428 {
429 ssh_shutdown_internal(ssh);
430
431 if (ssh->bpp) {
432 ssh_bpp_free(ssh->bpp);
433 ssh->bpp = NULL;
434 }
435
436 if (ssh->s) {
437 sk_close(ssh->s);
438 ssh->s = NULL;
439 seat_notify_remote_disconnect(ssh->seat);
440 }
441
442 bufchain_clear(&ssh->in_raw);
443 bufchain_clear(&ssh->out_raw);
444 bufchain_clear(&ssh->user_input);
445 }
446
447 static void ssh_initiate_connection_close(Ssh *ssh)
448 {
449 /* Wind up everything above the BPP. */
450 ssh_shutdown_internal(ssh);
451
452 /* Force any remaining queued SSH packets through the BPP, and
453 * schedule closing the network socket after they go out. */
454 ssh_bpp_handle_output(ssh->bpp);
455 ssh->pending_close = true;
456 queue_idempotent_callback(&ssh->ic_out_raw);
457
458 /* Now we expect the other end to close the connection too in
459 * response, so arrange that we'll receive notification of that
460 * via ssh_remote_eof. */
461 ssh->bpp->expect_close = true;
462 }
463
464 #define GET_FORMATTED_MSG \
465 char *msg; \
466 va_list ap; \
467 va_start(ap, fmt); \
468 msg = dupvprintf(fmt, ap); \
469 va_end(ap); \
470 ((void)0) /* eat trailing semicolon */
471
472 void ssh_remote_error(Ssh *ssh, const char *fmt, ...)
473 {
474 if (ssh->base_layer || !ssh->session_started) {
475 GET_FORMATTED_MSG;
476
477 if (ssh->base_layer)
478 ssh_ppl_final_output(ssh->base_layer);
479
480 /* Error messages sent by the remote don't count as clean exits */
481 ssh->exitcode = 128;
482
483 /* Close the socket immediately, since the server has already
484 * closed its end (or is about to). */
485 ssh_shutdown(ssh);
486
487 logevent(ssh->logctx, msg);
488 seat_connection_fatal(ssh->seat, "%s", msg);
489 sfree(msg);
490 }
491 }
492
493 void ssh_remote_eof(Ssh *ssh, const char *fmt, ...)
494 {
495 if (ssh->base_layer || !ssh->session_started) {
496 GET_FORMATTED_MSG;
497
498 if (ssh->base_layer)
499 ssh_ppl_final_output(ssh->base_layer);
500
501 /* EOF from the remote, if we were expecting it, does count as
502 * a clean exit */
503 ssh->exitcode = 0;
504
505 /* Close the socket immediately, since the server has already
506 * closed its end. */
507 ssh_shutdown(ssh);
508
509 logevent(ssh->logctx, msg);
510 sfree(msg);
511 seat_notify_remote_exit(ssh->seat);
512 } else {
513 /* This is responding to EOF after we've already seen some
514 * other reason for terminating the session. */
515 ssh_shutdown(ssh);
516 }
517 }
518
519 void ssh_proto_error(Ssh *ssh, const char *fmt, ...)
520 {
521 if (ssh->base_layer || !ssh->session_started) {
522 GET_FORMATTED_MSG;
523
524 if (ssh->base_layer)
525 ssh_ppl_final_output(ssh->base_layer);
526
527 ssh->exitcode = 128;
528
529 ssh_bpp_queue_disconnect(ssh->bpp, msg,
530 SSH2_DISCONNECT_PROTOCOL_ERROR);
531 ssh_initiate_connection_close(ssh);
532
533 logevent(ssh->logctx, msg);
534 seat_connection_fatal(ssh->seat, "%s", msg);
535 sfree(msg);
536 }
537 }
538
539 void ssh_sw_abort(Ssh *ssh, const char *fmt, ...)
540 {
541 if (ssh->base_layer || !ssh->session_started) {
542 GET_FORMATTED_MSG;
543
544 if (ssh->base_layer)
545 ssh_ppl_final_output(ssh->base_layer);
546
547 ssh->exitcode = 128;
548
549 ssh_initiate_connection_close(ssh);
550
551 logevent(ssh->logctx, msg);
552 seat_connection_fatal(ssh->seat, "%s", msg);
553 sfree(msg);
554
555 seat_notify_remote_exit(ssh->seat);
556 }
557 }
558
559 void ssh_user_close(Ssh *ssh, const char *fmt, ...)
560 {
561 if (ssh->base_layer || !ssh->session_started) {
562 GET_FORMATTED_MSG;
563
564 if (ssh->base_layer)
565 ssh_ppl_final_output(ssh->base_layer);
566
567 /* Closing the connection due to user action, even if the
568 * action is the user aborting during authentication prompts,
569 * does count as a clean exit - except that this is also how
570 * we signal ordinary session termination, in which case we
571 * should use the exit status already sent from the main
572 * session (if any). */
573 if (ssh->exitcode < 0)
574 ssh->exitcode = 0;
575
576 ssh_initiate_connection_close(ssh);
577
578 logevent(ssh->logctx, msg);
579 sfree(msg);
580
581 seat_notify_remote_exit(ssh->seat);
582 }
583 }
584
585 static void ssh_deferred_abort_callback(void *vctx)
586 {
587 Ssh *ssh = (Ssh *)vctx;
588 char *msg = ssh->deferred_abort_message;
589 ssh->deferred_abort_message = NULL;
590 ssh_sw_abort(ssh, "%s", msg);
591 sfree(msg);
592 }
593
594 void ssh_sw_abort_deferred(Ssh *ssh, const char *fmt, ...)
595 {
596 if (!ssh->deferred_abort_message) {
597 GET_FORMATTED_MSG;
598 ssh->deferred_abort_message = msg;
599 queue_toplevel_callback(ssh_deferred_abort_callback, ssh);
600 }
601 }
602
603 static void ssh_socket_log(Plug *plug, PlugLogType type, SockAddr *addr,
604 int port, const char *error_msg, int error_code)
605 {
606 Ssh *ssh = container_of(plug, Ssh, plug);
607
608 /*
609 * While we're attempting connection sharing, don't loudly log
610 * everything that happens. Real TCP connections need to be logged
611 * when we _start_ trying to connect, because it might be ages
612 * before they respond if something goes wrong; but connection
613 * sharing is local and quick to respond, and it's sufficient to
614 * simply wait and see whether it worked afterwards.
615 */
616
617 if (!ssh->attempting_connshare)
618 backend_socket_log(ssh->seat, ssh->logctx, type, addr, port,
619 error_msg, error_code, ssh->conf,
620 ssh->session_started);
621 }
622
623 static void ssh_closing(Plug *plug, PlugCloseType type, const char *error_msg)
624 {
625 Ssh *ssh = container_of(plug, Ssh, plug);
626 if (type == PLUGCLOSE_USER_ABORT) {
627 ssh_user_close(ssh, "%s", error_msg);
628 } else if (type != PLUGCLOSE_NORMAL) {
629 ssh_remote_error(ssh, "%s", error_msg);
630 } else if (ssh->bpp) {
631 ssh->bpp->input_eof = true;
632 queue_idempotent_callback(&ssh->bpp->ic_in_raw);
633 }
634 }
635
636 static void ssh_receive(Plug *plug, int urgent, const char *data, size_t len)
637 {
638 Ssh *ssh = container_of(plug, Ssh, plug);
639
640 /* Log raw data, if we're in that mode. */
641 if (ssh->logctx)
642 log_packet(ssh->logctx, PKT_INCOMING, -1, NULL, data, len,
643 0, NULL, NULL, 0, NULL);
644
645 bufchain_add(&ssh->in_raw, data, len);
646 if (!ssh->logically_frozen && ssh->bpp)
647 queue_idempotent_callback(&ssh->bpp->ic_in_raw);
648
649 ssh_check_frozen(ssh);
650 }
651
652 static void ssh_sent(Plug *plug, size_t bufsize)
653 {
654 Ssh *ssh = container_of(plug, Ssh, plug);
655 /*
656 * If the send backlog on the SSH socket itself clears, we should
657 * unthrottle the whole world if it was throttled. Also trigger an
658 * extra call to the consumer of the BPP's output, to try to send
659 * some more data off its bufchain.
660 */
661 if (bufsize < SSH_MAX_BACKLOG) {
662 ssh_throttle_all(ssh, false, bufsize);
663 queue_idempotent_callback(&ssh->ic_out_raw);
664 ssh_sendbuffer_changed(ssh);
665 }
666 }
667
668 static void ssh_hostport_setup(const char *host, int port, Conf *conf,
669 char **savedhost, int *savedport,
670 char **loghost_ret)
671 {
672 char *loghost = conf_get_str(conf, CONF_loghost);
673 if (loghost_ret)
674 *loghost_ret = loghost;
675
676 if (*loghost) {
677 char *tmphost;
678 char *colon;
679
680 tmphost = dupstr(loghost);
681 *savedport = 22; /* default ssh port */
682
683 /*
684 * A colon suffix on the hostname string also lets us affect
685 * savedport. (Unless there are multiple colons, in which case
686 * we assume this is an unbracketed IPv6 literal.)
687 */
688 colon = host_strrchr(tmphost, ':');
689 if (colon && colon == host_strchr(tmphost, ':')) {
690 *colon++ = '\0';
691 if (*colon)
692 *savedport = atoi(colon);
693 }
694
695 *savedhost = host_strduptrim(tmphost);
696 sfree(tmphost);
697 } else {
698 *savedhost = host_strduptrim(host);
699 if (port < 0)
700 port = 22; /* default ssh port */
701 *savedport = port;
702 }
703 }
704
705 static bool ssh_test_for_upstream(const char *host, int port, Conf *conf)
706 {
707 char *savedhost;
708 int savedport;
709 bool ret;
710
711 random_ref(); /* platform may need this to determine share socket name */
712 ssh_hostport_setup(host, port, conf, &savedhost, &savedport, NULL);
713 ret = ssh_share_test_for_upstream(savedhost, savedport, conf);
714 sfree(savedhost);
715 random_unref();
716
717 return ret;
718 }
719
720 static char *ssh_close_warn_text(Backend *be)
721 {
722 Ssh *ssh = container_of(be, Ssh, backend);
723 if (!ssh->connshare)
724 return NULL;
725 int ndowns = share_ndownstreams(ssh->connshare);
726 if (ndowns == 0)
727 return NULL;
728 char *msg = dupprintf("This will also close %d downstream connection%s.",
729 ndowns, ndowns==1 ? "" : "s");
730 return msg;
731 }
732
733 static const PlugVtable Ssh_plugvt = {
734 .log = ssh_socket_log,
735 .closing = ssh_closing,
736 .receive = ssh_receive,
737 .sent = ssh_sent,
738 };
739
740 static char *ssh_description(Interactor *itr)
741 {
742 Ssh *ssh = container_of(itr, Ssh, interactor);
743 return dupstr(ssh->description);
744 }
745
746 static LogPolicy *ssh_logpolicy(Interactor *itr)
747 {
748 Ssh *ssh = container_of(itr, Ssh, interactor);
749 return log_get_policy(ssh->logctx);
750 }
751
752 static Seat *ssh_get_seat(Interactor *itr)
753 {
754 Ssh *ssh = container_of(itr, Ssh, interactor);
755 return ssh->seat;
756 }
757
758 static void ssh_set_seat(Interactor *itr, Seat *seat)
759 {
760 Ssh *ssh = container_of(itr, Ssh, interactor);
761 ssh->seat = seat;
762 }
763
764 static const InteractorVtable Ssh_interactorvt = {
765 .description = ssh_description,
766 .logpolicy = ssh_logpolicy,
767 .get_seat = ssh_get_seat,
768 .set_seat = ssh_set_seat,
769 };
770
771 /*
772 * Connect to specified host and port.
773 * Returns an error message, or NULL on success.
774 * Also places the canonical host name into `realhost'. It must be
775 * freed by the caller.
776 */
777 static char *connect_to_host(
778 Ssh *ssh, const char *host, int port, char *loghost, char **realhost,
779 bool nodelay, bool keepalive)
780 {
781 SockAddr *addr;
782 const char *err;
783 int addressfamily, sshprot;
784
785 ssh->plug.vt = &Ssh_plugvt;
786
787 /*
788 * Try connection-sharing, in case that means we don't open a
789 * socket after all. ssh_connection_sharing_init will connect to a
790 * previously established upstream if it can, and failing that,
791 * establish a listening socket for _us_ to be the upstream. In
792 * the latter case it will return NULL just as if it had done
793 * nothing, because here we only need to care if we're a
794 * downstream and need to do our connection setup differently.
795 */
796 ssh->connshare = NULL;
797 ssh->attempting_connshare = true; /* affects socket logging behaviour */
798 ssh->s = ssh_connection_sharing_init(
799 ssh->savedhost, ssh->savedport, ssh->conf, ssh->logctx,
800 &ssh->plug, &ssh->connshare);
801 if (ssh->connshare)
802 ssh_connshare_provide_connlayer(ssh->connshare, &ssh->cl_dummy);
803 ssh->attempting_connshare = false;
804 if (ssh->s != NULL) {
805 /*
806 * We are a downstream.
807 */
808 ssh->bare_connection = true;
809 ssh->fullhostname = NULL;
810 *realhost = dupstr(host); /* best we can do */
811
812 if (seat_verbose(ssh->seat) || seat_interactive(ssh->seat)) {
813 /* In an interactive session, or in verbose mode, announce
814 * in the console window that we're a sharing downstream,
815 * to avoid confusing users as to why this session doesn't
816 * behave in quite the usual way. */
817 const char *msg =
818 "Reusing a shared connection to this server.\r\n";
819 seat_stderr_pl(ssh->seat, ptrlen_from_asciz(msg));
820 }
821 } else {
822 /*
823 * We're not a downstream, so open a normal socket.
824 */
825
826 /*
827 * Try to find host.
828 */
829 addressfamily = conf_get_int(ssh->conf, CONF_addressfamily);
830 addr = name_lookup(host, port, realhost, ssh->conf, addressfamily,
831 ssh->logctx, "SSH connection");
832 if ((err = sk_addr_error(addr)) != NULL) {
833 sk_addr_free(addr);
834 return dupstr(err);
835 }
836 ssh->fullhostname = dupstr(*realhost); /* save in case of GSSAPI */
837
838 ssh->s = new_connection(addr, *realhost, port,
839 false, true, nodelay, keepalive,
840 &ssh->plug, ssh->conf, &ssh->interactor);
841 if ((err = sk_socket_error(ssh->s)) != NULL) {
842 ssh->s = NULL;
843 seat_notify_remote_exit(ssh->seat);
844 seat_notify_remote_disconnect(ssh->seat);
845 return dupstr(err);
846 }
847 }
848
849 /*
850 * The SSH version number is always fixed (since we no longer support
851 * fallback between versions), so set it now.
852 */
853 sshprot = conf_get_int(ssh->conf, CONF_sshprot);
854 assert(sshprot == 0 || sshprot == 3);
855 if (sshprot == 0)
856 /* SSH-1 only */
857 ssh->version = 1;
858 if (sshprot == 3 || ssh->bare_connection) {
859 /* SSH-2 only */
860 ssh->version = 2;
861 }
862
863 /*
864 * Set up the initial BPP that will do the version string
865 * exchange, and get it started so that it can send the outgoing
866 * version string early if it wants to.
867 */
868 ssh->version_receiver.got_ssh_version = ssh_got_ssh_version;
869 ssh->bpp = ssh_verstring_new(
870 ssh->conf, ssh->logctx, ssh->bare_connection,
871 ssh->version == 1 ? "1.5" : "2.0", &ssh->version_receiver,
872 false, "PuTTY");
873 ssh_connect_bpp(ssh);
874 queue_idempotent_callback(&ssh->bpp->ic_in_raw);
875
876 /*
877 * loghost, if configured, overrides realhost.
878 */
879 if (*loghost) {
880 sfree(*realhost);
881 *realhost = dupstr(loghost);
882 }
883
884 return NULL;
885 }
886
887 /*
888 * Throttle or unthrottle the SSH connection.
889 */
890 void ssh_throttle_conn(Ssh *ssh, int adjust)
891 {
892 int old_count = ssh->conn_throttle_count;
893 bool frozen;
894
895 ssh->conn_throttle_count += adjust;
896 assert(ssh->conn_throttle_count >= 0);
897
898 if (ssh->conn_throttle_count && !old_count) {
899 frozen = true;
900 } else if (!ssh->conn_throttle_count && old_count) {
901 frozen = false;
902 } else {
903 return; /* don't change current frozen state */
904 }
905
906 ssh->logically_frozen = frozen;
907 ssh_check_frozen(ssh);
908 }
909
910 /*
911 * Throttle or unthrottle _all_ local data streams (for when sends
912 * on the SSH connection itself back up).
913 */
914 static void ssh_throttle_all(Ssh *ssh, bool enable, size_t bufsize)
915 {
916 if (enable == ssh->throttled_all)
917 return;
918 ssh->throttled_all = enable;
919 ssh->overall_bufsize = bufsize;
920
921 ssh_throttle_all_channels(ssh->cl, enable);
922 }
923
924 static void ssh_cache_conf_values(Ssh *ssh)
925 {
926 ssh->pls.omit_passwords = conf_get_bool(ssh->conf, CONF_logomitpass);
927 ssh->pls.omit_data = conf_get_bool(ssh->conf, CONF_logomitdata);
928 }
929
930 bool ssh_is_bare(Ssh *ssh)
931 {
932 return ssh->backend.vt->protocol == PROT_SSHCONN;
933 }
934
935 /* Dummy connlayer must provide ssh_sharing_no_more_downstreams,
936 * because it might be called early due to plink -shareexists */
937 static void dummy_sharing_no_more_downstreams(ConnectionLayer *cl) {}
938 static const ConnectionLayerVtable dummy_connlayer_vtable = {
939 .sharing_no_more_downstreams = dummy_sharing_no_more_downstreams,
940 };
941
942 /*
943 * Called to set up the connection.
944 *
945 * Returns an error message, or NULL on success.
946 */
947 static char *ssh_init(const BackendVtable *vt, Seat *seat,
948 Backend **backend_handle, LogContext *logctx,
949 Conf *conf, const char *host, int port,
950 char **realhost, bool nodelay, bool keepalive)
951 {
952 Ssh *ssh;
953
954 ssh = snew(Ssh);
955 memset(ssh, 0, sizeof(Ssh));
956
957 ssh->conf = conf_copy(conf);
958 ssh_cache_conf_values(ssh);
959 ssh->exitcode = -1;
960 ssh->pls.kctx = SSH2_PKTCTX_NOKEX;
961 ssh->pls.actx = SSH2_PKTCTX_NOAUTH;
962 bufchain_init(&ssh->in_raw);
963 bufchain_init(&ssh->out_raw);
964 bufchain_init(&ssh->user_input);
965 ssh->ic_out_raw.fn = ssh_bpp_output_raw_data_callback;
966 ssh->ic_out_raw.ctx = ssh;
967
968 ssh->term_width = conf_get_int(ssh->conf, CONF_width);
969 ssh->term_height = conf_get_int(ssh->conf, CONF_height);
970
971 ssh->backend.vt = vt;
972 ssh->interactor.vt = &Ssh_interactorvt;
973 ssh->backend.interactor = &ssh->interactor;
974 *backend_handle = &ssh->backend;
975
976 ssh->bare_connection = (vt->protocol == PROT_SSHCONN);
977
978 ssh->seat = seat;
979 ssh->cl_dummy.vt = &dummy_connlayer_vtable;
980 ssh->cl_dummy.logctx = ssh->logctx = logctx;
981
982 char *loghost;
983
984 ssh_hostport_setup(host, port, ssh->conf,
985 &ssh->savedhost, &ssh->savedport, &loghost);
986 ssh->description = default_description(vt, ssh->savedhost, ssh->savedport);
987
988 random_ref(); /* do this now - may be needed by sharing setup code */
989 ssh->need_random_unref = true;
990
991 char *conn_err = connect_to_host(
992 ssh, host, port, loghost, realhost, nodelay, keepalive);
993 if (conn_err) {
994 /* Call random_unref now instead of waiting until the caller
995 * frees this useless Ssh object, in case the caller is
996 * impatient and just exits without bothering, in which case
997 * the random seed won't be re-saved. */
998 ssh->need_random_unref = false;
999 random_unref();
1000 return conn_err;
1001 }
1002
1003 return NULL;
1004 }
1005
1006 static void ssh_free(Backend *be)
1007 {
1008 Ssh *ssh = container_of(be, Ssh, backend);
1009 bool need_random_unref;
1010
1011 ssh_shutdown(ssh);
1012
1013 if (is_tempseat(ssh->seat))
1014 tempseat_free(ssh->seat);
1015
1016 conf_free(ssh->conf);
1017 if (ssh->connshare)
1018 sharestate_free(ssh->connshare);
1019 sfree(ssh->savedhost);
1020 sfree(ssh->fullhostname);
1021 sfree(ssh->specials);
1022
1023 #ifndef NO_GSSAPI
1024 if (ssh->gss_state.srv_name)
1025 ssh->gss_state.lib->release_name(
1026 ssh->gss_state.lib, &ssh->gss_state.srv_name);
1027 if (ssh->gss_state.ctx != NULL)
1028 ssh->gss_state.lib->release_cred(
1029 ssh->gss_state.lib, &ssh->gss_state.ctx);
1030 if (ssh->gss_state.libs)
1031 ssh_gss_cleanup(ssh->gss_state.libs);
1032 #endif
1033
1034 sfree(ssh->deferred_abort_message);
1035 sfree(ssh->description);
1036
1037 delete_callbacks_for_context(ssh); /* likely to catch ic_out_raw */
1038
1039 need_random_unref = ssh->need_random_unref;
1040 sfree(ssh);
1041
1042 if (need_random_unref)
1043 random_unref();
1044 }
1045
1046 /*
1047 * Reconfigure the SSH backend.
1048 */
1049 static void ssh_reconfig(Backend *be, Conf *conf)
1050 {
1051 Ssh *ssh = container_of(be, Ssh, backend);
1052
1053 if (ssh->pinger)
1054 pinger_reconfig(ssh->pinger, ssh->conf, conf);
1055
1056 if (ssh->base_layer)
1057 ssh_ppl_reconfigure(ssh->base_layer, conf);
1058
1059 conf_free(ssh->conf);
1060 ssh->conf = conf_copy(conf);
1061 ssh_cache_conf_values(ssh);
1062 }
1063
1064 /*
1065 * Called to send data down the SSH connection.
1066 */
1067 static void ssh_send(Backend *be, const char *buf, size_t len)
1068 {
1069 Ssh *ssh = container_of(be, Ssh, backend);
1070
1071 if (ssh == NULL || ssh->s == NULL)
1072 return;
1073
1074 bufchain_add(&ssh->user_input, buf, len);
1075 if (ssh->cl)
1076 ssh_got_user_input(ssh->cl);
1077 }
1078
1079 /*
1080 * Called to query the current amount of buffered stdin data.
1081 */
1082 static size_t ssh_sendbuffer(Backend *be)
1083 {
1084 Ssh *ssh = container_of(be, Ssh, backend);
1085 size_t backlog;
1086
1087 if (!ssh || !ssh->s || !ssh->cl)
1088 return 0;
1089
1090 backlog = ssh_stdin_backlog(ssh->cl);
1091
1092 if (ssh->base_layer)
1093 backlog += ssh_ppl_queued_data_size(ssh->base_layer);
1094
1095 /*
1096 * If the SSH socket itself has backed up, add the total backup
1097 * size on that to any individual buffer on the stdin channel.
1098 */
1099 if (ssh->throttled_all)
1100 backlog += ssh->overall_bufsize;
1101
1102 return backlog;
1103 }
1104
1105 void ssh_sendbuffer_changed(Ssh *ssh)
1106 {
1107 seat_sent(ssh->seat, ssh_sendbuffer(&ssh->backend));
1108 }
1109
1110 /*
1111 * Called to set the size of the window from SSH's POV.
1112 */
1113 static void ssh_size(Backend *be, int width, int height)
1114 {
1115 Ssh *ssh = container_of(be, Ssh, backend);
1116
1117 ssh->term_width = width;
1118 ssh->term_height = height;
1119 if (ssh->cl)
1120 ssh_terminal_size(ssh->cl, ssh->term_width, ssh->term_height);
1121 }
1122
1123 struct ssh_add_special_ctx {
1124 SessionSpecial *specials;
1125 size_t nspecials, specials_size;
1126 };
1127
1128 static void ssh_add_special(void *vctx, const char *text,
1129 SessionSpecialCode code, int arg)
1130 {
1131 struct ssh_add_special_ctx *ctx = (struct ssh_add_special_ctx *)vctx;
1132 SessionSpecial *spec;
1133
1134 sgrowarray(ctx->specials, ctx->specials_size, ctx->nspecials);
1135 spec = &ctx->specials[ctx->nspecials++];
1136 spec->name = text;
1137 spec->code = code;
1138 spec->arg = arg;
1139 }
1140
1141 /*
1142 * Return a list of the special codes that make sense in this
1143 * protocol.
1144 */
1145 static const SessionSpecial *ssh_get_specials(Backend *be)
1146 {
1147 Ssh *ssh = container_of(be, Ssh, backend);
1148
1149 /*
1150 * Ask all our active protocol layers what specials they've got,
1151 * and amalgamate the list into one combined one.
1152 */
1153
1154 struct ssh_add_special_ctx ctx[1];
1155
1156 ctx->specials = NULL;
1157 ctx->nspecials = ctx->specials_size = 0;
1158
1159 if (ssh->base_layer)
1160 ssh_ppl_get_specials(ssh->base_layer, ssh_add_special, ctx);
1161
1162 if (ctx->specials) {
1163 /* If the list is non-empty, terminate it with a SS_EXITMENU. */
1164 ssh_add_special(ctx, NULL, SS_EXITMENU, 0);
1165 }
1166
1167 sfree(ssh->specials);
1168 ssh->specials = ctx->specials;
1169 return ssh->specials;
1170 }
1171
1172 /*
1173 * Send special codes.
1174 */
1175 static void ssh_special(Backend *be, SessionSpecialCode code, int arg)
1176 {
1177 Ssh *ssh = container_of(be, Ssh, backend);
1178
1179 if (ssh->base_layer)
1180 ssh_ppl_special_cmd(ssh->base_layer, code, arg);
1181 }
1182
1183 /*
1184 * This is called when the seat's output channel manages to clear some
1185 * backlog.
1186 */
1187 static void ssh_unthrottle(Backend *be, size_t bufsize)
1188 {
1189 Ssh *ssh = container_of(be, Ssh, backend);
1190
1191 if (ssh->cl)
1192 ssh_stdout_unthrottle(ssh->cl, bufsize);
1193 }
1194
1195 static bool ssh_connected(Backend *be)
1196 {
1197 Ssh *ssh = container_of(be, Ssh, backend);
1198 return ssh->s != NULL;
1199 }
1200
1201 static bool ssh_sendok(Backend *be)
1202 {
1203 Ssh *ssh = container_of(be, Ssh, backend);
1204 return ssh->cl && ssh_get_wants_user_input(ssh->cl);
1205 }
1206
1207 void ssh_check_sendok(Ssh *ssh)
1208 {
1209 /* Called when the connection layer might have caused ssh_sendok
1210 * to start returning true */
1211 if (ssh->ldisc)
1212 ldisc_check_sendok(ssh->ldisc);
1213 }
1214
1215 void ssh_ldisc_update(Ssh *ssh)
1216 {
1217 /* Called when the connection layer wants to propagate an update
1218 * to the line discipline options */
1219 if (ssh->ldisc)
1220 ldisc_echoedit_update(ssh->ldisc);
1221 }
1222
1223 static bool ssh_ldisc(Backend *be, int option)
1224 {
1225 Ssh *ssh = container_of(be, Ssh, backend);
1226 return ssh->cl ? ssh_ldisc_option(ssh->cl, option) : false;
1227 }
1228
1229 static void ssh_provide_ldisc(Backend *be, Ldisc *ldisc)
1230 {
1231 Ssh *ssh = container_of(be, Ssh, backend);
1232 ssh->ldisc = ldisc;
1233 }
1234
1235 void ssh_got_exitcode(Ssh *ssh, int exitcode)
1236 {
1237 ssh->exitcode = exitcode;
1238 }
1239
1240 static int ssh_return_exitcode(Backend *be)
1241 {
1242 Ssh *ssh = container_of(be, Ssh, backend);
1243 if (ssh->s && (!ssh->session_started || ssh->base_layer))
1244 return -1;
1245 else
1246 return (ssh->exitcode >= 0 ? ssh->exitcode : INT_MAX);
1247 }
1248
1249 /*
1250 * cfg_info for SSH is the protocol running in this session.
1251 * (1 or 2 for the full SSH-1 or SSH-2 protocol; -1 for the bare
1252 * SSH-2 connection protocol, i.e. a downstream; 0 for not-decided-yet.)
1253 */
1254 static int ssh_cfg_info(Backend *be)
1255 {
1256 Ssh *ssh = container_of(be, Ssh, backend);
1257 if (ssh->version == 0)
1258 return 0; /* don't know yet */
1259 else if (ssh->bare_connection)
1260 return -1;
1261 else
1262 return ssh->version;
1263 }
1264
1265 /*
1266 * Gross hack: pscp will try to start SFTP but fall back to scp1 if
1267 * that fails. This variable is the means by which pscp.c can reach
1268 * into the SSH code and find out which one it got.
1269 */
1270 extern bool ssh_fallback_cmd(Backend *be)
1271 {
1272 Ssh *ssh = container_of(be, Ssh, backend);
1273 return ssh->fallback_cmd;
1274 }
1275
1276 void ssh_got_fallback_cmd(Ssh *ssh)
1277 {
1278 ssh->fallback_cmd = true;
1279 }
1280
1281 const BackendVtable ssh_backend = {
1282 .init = ssh_init,
1283 .free = ssh_free,
1284 .reconfig = ssh_reconfig,
1285 .send = ssh_send,
1286 .sendbuffer = ssh_sendbuffer,
1287 .size = ssh_size,
1288 .special = ssh_special,
1289 .get_specials = ssh_get_specials,
1290 .connected = ssh_connected,
1291 .exitcode = ssh_return_exitcode,
1292 .sendok = ssh_sendok,
1293 .ldisc_option_state = ssh_ldisc,
1294 .provide_ldisc = ssh_provide_ldisc,
1295 .unthrottle = ssh_unthrottle,
1296 .cfg_info = ssh_cfg_info,
1297 .test_for_upstream = ssh_test_for_upstream,
1298 .close_warn_text = ssh_close_warn_text,
1299 .id = "ssh",
1300 .displayname_tc = "SSH",
1301 .displayname_lc = "SSH", /* proper name, so capitalise it anyway */
1302 .protocol = PROT_SSH,
1303 .flags = BACKEND_SUPPORTS_NC_HOST | BACKEND_NOTIFIES_SESSION_START,
1304 .default_port = 22,
1305 };
1306
1307 const BackendVtable sshconn_backend = {
1308 .init = ssh_init,
1309 .free = ssh_free,
1310 .reconfig = ssh_reconfig,
1311 .send = ssh_send,
1312 .sendbuffer = ssh_sendbuffer,
1313 .size = ssh_size,
1314 .special = ssh_special,
1315 .get_specials = ssh_get_specials,
1316 .connected = ssh_connected,
1317 .exitcode = ssh_return_exitcode,
1318 .sendok = ssh_sendok,
1319 .ldisc_option_state = ssh_ldisc,
1320 .provide_ldisc = ssh_provide_ldisc,
1321 .unthrottle = ssh_unthrottle,
1322 .cfg_info = ssh_cfg_info,
1323 .test_for_upstream = ssh_test_for_upstream,
1324 .close_warn_text = ssh_close_warn_text,
1325 .id = "ssh-connection",
1326 .displayname_tc = "Bare ssh-connection",
1327 .displayname_lc = "bare ssh-connection",
1328 .protocol = PROT_SSHCONN,
1329 .flags = BACKEND_SUPPORTS_NC_HOST | BACKEND_NOTIFIES_SESSION_START,
1330 };
Windows Explorer Extension to Operate Git