summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--channel.h11
-rw-r--r--cli-channel.c3
-rw-r--r--cli-chansession.c11
-rw-r--r--common-channel.c464
-rw-r--r--common-session.c47
-rw-r--r--debug.h2
-rw-r--r--session.h3
-rw-r--r--svr-chansession.c52
8 files changed, 311 insertions, 282 deletions
diff --git a/channel.h b/channel.h
index 7030a0f..1bfe392 100644
--- a/channel.h
+++ b/channel.h
@@ -73,10 +73,9 @@ struct Channel {
circbuffer *extrabuf; /* extended-data for the program - used like writebuf
but for stderr */
- int sentclosed, recvclosed;
-
- /* this is set when we receive/send a channel eof packet */
- int recveof, senteof;
+ /* whether close/eof messages have been exchanged */
+ int sent_close, recv_close;
+ int recv_eof, sent_eof;
int initconn; /* used for TCP forwarding, whether the channel has been
fully initialised */
@@ -85,6 +84,8 @@ struct Channel {
for this channel (and are awaiting a confirmation
or failure). */
+ int flushing;
+
const struct ChanType* type;
};
@@ -94,7 +95,7 @@ struct ChanType {
int sepfds; /* Whether this channel has seperate pipes for in/out or not */
char *name;
int (*inithandler)(struct Channel*);
- int (*checkclose)(struct Channel*);
+ int (*check_close)(struct Channel*);
void (*reqhandler)(struct Channel*);
void (*closehandler)(struct Channel*);
diff --git a/cli-channel.c b/cli-channel.c
index 1bd49ab..b88e913 100644
--- a/cli-channel.c
+++ b/cli-channel.c
@@ -39,9 +39,6 @@ void recv_msg_channel_extended_data() {
TRACE(("enter recv_msg_channel_extended_data"))
channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("Unknown channel");
- }
if (channel->type != &clichansess) {
TRACE(("leave recv_msg_channel_extended_data: chantype is wrong"))
diff --git a/cli-chansession.c b/cli-chansession.c
index fee8a22..0f0d07a 100644
--- a/cli-chansession.c
+++ b/cli-chansession.c
@@ -64,16 +64,17 @@ static void cli_chansessreq(struct Channel *channel) {
type = buf_getstring(ses.payload, NULL);
wantreply = buf_getbool(ses.payload);
- if (strcmp(type, "exit-status") != 0) {
+ if (strcmp(type, "exit-status") == 0) {
+ cli_ses.retval = buf_getint(ses.payload);
+ TRACE(("got exit-status of '%d'", cli_ses.retval))
+ } else if (strcmp(type, "exit-signal") == 0) {
+ TRACE(("got exit-signal, ignoring it"))
+ } else {
TRACE(("unknown request '%s'", type))
send_msg_channel_failure(channel);
goto out;
}
- /* We'll just trust what they tell us */
- cli_ses.retval = buf_getint(ses.payload);
- TRACE(("got exit-status of '%d'", cli_ses.retval))
-
out:
m_free(type);
}
diff --git a/common-channel.c b/common-channel.c
index 0be354d..fdaeb24 100644
--- a/common-channel.c
+++ b/common-channel.c
@@ -43,22 +43,22 @@ static void send_msg_channel_open_confirmation(struct Channel* channel,
static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf);
static void send_msg_channel_window_adjust(struct Channel *channel,
unsigned int incr);
-static void send_msg_channel_data(struct Channel *channel, int isextended,
- unsigned int exttype);
+static void send_msg_channel_data(struct Channel *channel, int isextended);
static void send_msg_channel_eof(struct Channel *channel);
static void send_msg_channel_close(struct Channel *channel);
-static void removechannel(struct Channel *channel);
-static void deletechannel(struct Channel *channel);
-static void checkinitdone(struct Channel *channel);
-static void checkclose(struct Channel *channel);
-
-static void closewritefd(struct Channel * channel);
-static void closereadfd(struct Channel * channel, int fd);
-static void closechanfd(struct Channel *channel, int fd, int how);
+static void remove_channel(struct Channel *channel);
+static void delete_channel(struct Channel *channel);
+static void check_in_progress(struct Channel *channel);
+static unsigned int write_pending(struct Channel * channel);
+static void check_close(struct Channel *channel);
+static void close_chan_fd(struct Channel *channel, int fd, int how);
#define FD_UNINIT (-2)
#define FD_CLOSED (-1)
+#define ERRFD_IS_READ(channel) ((channel)->extrabuf == NULL)
+#define ERRFD_IS_WRITE(channel) (!ERRFD_IS_READ(channel))
+
/* Initialise all the channels */
void chaninitialise(const struct ChanType *chantypes[]) {
@@ -85,7 +85,7 @@ void chancleanup() {
for (i = 0; i < ses.chansize; i++) {
if (ses.channels[i] != NULL) {
TRACE(("channel %d closing", i))
- removechannel(ses.channels[i]);
+ remove_channel(ses.channels[i]);
}
}
m_free(ses.channels);
@@ -135,8 +135,8 @@ struct Channel* newchannel(unsigned int remotechan,
newchan = (struct Channel*)m_malloc(sizeof(struct Channel));
newchan->type = type;
newchan->index = i;
- newchan->sentclosed = newchan->recvclosed = 0;
- newchan->senteof = newchan->recveof = 0;
+ newchan->sent_close = newchan->recv_close = 0;
+ newchan->sent_eof = newchan->recv_eof = 0;
newchan->remotechan = remotechan;
newchan->transwindow = transwindow;
@@ -148,6 +148,7 @@ struct Channel* newchannel(unsigned int remotechan,
newchan->errfd = FD_CLOSED; /* this isn't always set to start with */
newchan->initconn = 0;
newchan->await_open = 0;
+ newchan->flushing = 0;
newchan->writebuf = cbuf_new(RECV_MAXWINDOW);
newchan->extrabuf = NULL; /* The user code can set it up */
@@ -164,25 +165,35 @@ struct Channel* newchannel(unsigned int remotechan,
}
/* Returns the channel structure corresponding to the channel in the current
- * data packet (ses.payload must be positioned appropriately) */
-struct Channel* getchannel() {
+ * data packet (ses.payload must be positioned appropriately).
+ * A valid channel is always returns, it will fail fatally with an unknown
+ * channel */
+static struct Channel* getchannel_msg(const char* kind) {
unsigned int chan;
chan = buf_getint(ses.payload);
if (chan >= ses.chansize || ses.channels[chan] == NULL) {
- return NULL;
+ if (kind) {
+ dropbear_exit("%s for unknown channel %d", kind, chan);
+ } else {
+ dropbear_exit("Unknown channel %d", chan);
+ }
}
return ses.channels[chan];
}
+struct Channel* getchannel() {
+ return getchannel_msg(NULL);
+}
+
/* Iterate through the channels, performing IO if available */
void channelio(fd_set *readfds, fd_set *writefds) {
struct Channel *channel;
unsigned int i;
- /* iterate through all the possible channels */
+ /* foreach channel */
for (i = 0; i < ses.chansize; i++) {
channel = ses.channels[i];
@@ -193,35 +204,38 @@ void channelio(fd_set *readfds, fd_set *writefds) {
/* read data and send it over the wire */
if (channel->readfd >= 0 && FD_ISSET(channel->readfd, readfds)) {
- send_msg_channel_data(channel, 0, 0);
+ TRACE(("send normal readfd"))
+ send_msg_channel_data(channel, 0);
}
/* read stderr data and send it over the wire */
- if (channel->extrabuf == NULL &&
- channel->errfd >= 0 && FD_ISSET(channel->errfd, readfds)) {
- send_msg_channel_data(channel, 1, SSH_EXTENDED_DATA_STDERR);
+ if (ERRFD_IS_READ(channel) && channel->errfd >= 0
+ && FD_ISSET(channel->errfd, readfds)) {
+ TRACE(("send normal errfd"))
+ send_msg_channel_data(channel, 1);
}
/* write to program/pipe stdin */
if (channel->writefd >= 0 && FD_ISSET(channel->writefd, writefds)) {
if (channel->initconn) {
- checkinitdone(channel);
+ /* XXX should this go somewhere cleaner? */
+ check_in_progress(channel);
continue; /* Important not to use the channel after
- checkinitdone(), as it may be NULL */
+ check_in_progress(), as it may be NULL */
}
writechannel(channel, channel->writefd, channel->writebuf);
}
/* stderr for client mode */
- if (channel->extrabuf != NULL
+ if (ERRFD_IS_WRITE(channel)
&& channel->errfd >= 0 && FD_ISSET(channel->errfd, writefds)) {
writechannel(channel, channel->errfd, channel->extrabuf);
}
- /* now handle any of the channel-closing type stuff */
- checkclose(channel);
+ /* handle any channel closing etc */
+ check_close(channel);
- } /* foreach channel */
+ }
/* Listeners such as TCP, X11, agent-auth */
#ifdef USING_LISTENERS
@@ -230,94 +244,114 @@ void channelio(fd_set *readfds, fd_set *writefds) {
}
-/* do all the EOF/close type stuff checking for a channel */
-static void checkclose(struct Channel *channel) {
+/* Returns true if there is data remaining to be written to stdin or
+ * stderr of a channel's endpoint. */
+static unsigned int write_pending(struct Channel * channel) {
- TRACE(("checkclose: writefd %d, readfd %d, errfd %d, sentclosed %d, recvclosed %d",
+ if (channel->writefd >= 0 && cbuf_getused(channel->writebuf) > 0) {
+ return 1;
+ } else if (channel->errfd >= 0 && channel->extrabuf &&
+ cbuf_getused(channel->extrabuf) > 0) {
+ return 1;
+ }
+ return 0;
+}
+
+
+/* EOF/close handling */
+static void check_close(struct Channel *channel) {
+
+ TRACE(("check_close: writefd %d, readfd %d, errfd %d, sent_close %d, recv_close %d",
channel->writefd, channel->readfd,
- channel->errfd, channel->sentclosed, channel->recvclosed))
- TRACE(("writebuf size %d extrabuf ptr 0x%x extrabuf size %d",
+ channel->errfd, channel->sent_close, channel->recv_close))
+ TRACE(("writebuf size %d extrabuf size %d",
cbuf_getused(channel->writebuf),
- channel->writebuf,
- channel->writebuf ? 0 : cbuf_getused(channel->extrabuf)))
+ channel->extrabuf ? cbuf_getused(channel->extrabuf) : 0))
- if (!channel->sentclosed) {
+ if (!channel->flushing && channel->type->check_close
+ && channel->type->check_close(channel))
+ {
+ channel->flushing = 1;
+ }
- /* check for exited - currently only used for server sessions,
- * if the shell has exited etc */
- if (channel->type->checkclose) {
- if (channel->type->checkclose(channel)) {
- closewritefd(channel);
- }
+ if (channel->recv_close && !write_pending(channel)) {
+ if (!channel->sent_close) {
+ TRACE(("Sending MSG_CHANNEL_CLOSE in response to same."))
+ send_msg_channel_close(channel);
}
+ remove_channel(channel);
+ return;
+ }
- if (!channel->senteof
- && channel->readfd == FD_CLOSED
- && (channel->extrabuf != NULL || channel->errfd == FD_CLOSED)) {
- send_msg_channel_eof(channel);
- }
+ if (channel->recv_eof && !write_pending(channel)) {
+ close_chan_fd(channel, channel->writefd, SHUT_WR);
+ }
- if (channel->writefd == FD_CLOSED
- && channel->readfd == FD_CLOSED
- && (channel->extrabuf != NULL || channel->errfd == FD_CLOSED)) {
- send_msg_channel_close(channel);
+ /* Special handling for flushing read data after an exit. We
+ read regardless of whether the select FD was set,
+ and if there isn't data available, the channel will get closed. */
+ if (channel->flushing) {
+ TRACE(("might send data, flushing"))
+ if (channel->readfd >= 0 && channel->transwindow > 0) {
+ TRACE(("send data readfd"))
+ send_msg_channel_data(channel, 0);
+ }
+ if (ERRFD_IS_READ(channel) && channel->readfd >= 0
+ && channel->transwindow > 0) {
+ TRACE(("send data errfd"))
+ send_msg_channel_data(channel, 1);
}
}
- /* When either party wishes to terminate the channel, it sends
- * SSH_MSG_CHANNEL_CLOSE. Upon receiving this message, a party MUST
- * send back a SSH_MSG_CHANNEL_CLOSE unless it has already sent this
- * message for the channel. The channel is considered closed for a
- * party when it has both sent and received SSH_MSG_CHANNEL_CLOSE, and
- * the party may then reuse the channel number. A party MAY send
- * SSH_MSG_CHANNEL_CLOSE without having sent or received
- * SSH_MSG_CHANNEL_EOF.
- * (from draft-ietf-secsh-connect)
- */
- if (channel->recvclosed) {
- if (! channel->sentclosed) {
- TRACE(("Sending MSG_CHANNEL_CLOSE in response to same."))
- send_msg_channel_close(channel);
- }
- removechannel(channel);
+ /* If we're not going to send any more data, send EOF */
+ if (!channel->sent_eof
+ && channel->readfd == FD_CLOSED
+ && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)) {
+ send_msg_channel_eof(channel);
}
-}
+ /* And if we can't receive any more data from them either, close up */
+ if (!channel->sent_close
+ && channel->readfd == FD_CLOSED
+ && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)
+ && !write_pending(channel)) {
+ TRACE(("sending close, readfd is closed"))
+ send_msg_channel_close(channel);
+ }
+}
/* Check whether a deferred (EINPROGRESS) connect() was successful, and
* if so, set up the channel properly. Otherwise, the channel is cleaned up, so
* it is important that the channel reference isn't used after a call to this
* function */
-static void checkinitdone(struct Channel *channel) {
+static void check_in_progress(struct Channel *channel) {
int val;
socklen_t vallen = sizeof(val);
- TRACE(("enter checkinitdone"))
+ TRACE(("enter check_in_progress"))
if (getsockopt(channel->writefd, SOL_SOCKET, SO_ERROR, &val, &vallen)
|| val != 0) {
send_msg_channel_open_failure(channel->remotechan,
SSH_OPEN_CONNECT_FAILED, "", "");
close(channel->writefd);
- deletechannel(channel);
- TRACE(("leave checkinitdone: fail"))
+ delete_channel(channel);
+ TRACE(("leave check_in_progress: fail"))
} else {
send_msg_channel_open_confirmation(channel, channel->recvwindow,
channel->recvmaxpacket);
channel->readfd = channel->writefd;
channel->initconn = 0;
- TRACE(("leave checkinitdone: success"))
+ TRACE(("leave check_in_progress: success"))
}
}
-
/* Send the close message and set the channel as closed */
static void send_msg_channel_close(struct Channel *channel) {
TRACE(("enter send_msg_channel_close"))
- /* XXX server */
if (channel->type->closehandler) {
channel->type->closehandler(channel);
}
@@ -329,8 +363,11 @@ static void send_msg_channel_close(struct Channel *channel) {
encrypt_packet();
- channel->senteof = 1;
- channel->sentclosed = 1;
+ channel->sent_eof = 1;
+ channel->sent_close = 1;
+ close_chan_fd(channel, channel->readfd, SHUT_RD);
+ close_chan_fd(channel, channel->errfd, SHUT_RDWR);
+ close_chan_fd(channel, channel->writefd, SHUT_WR);
TRACE(("leave send_msg_channel_close"))
}
@@ -345,7 +382,7 @@ static void send_msg_channel_eof(struct Channel *channel) {
encrypt_packet();
- channel->senteof = 1;
+ channel->sent_eof = 1;
TRACE(("leave send_msg_channel_eof"))
}
@@ -357,32 +394,25 @@ static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf) {
int len, maxlen;
- TRACE(("enter writechannel"))
+ TRACE(("enter writechannel fd %d", fd))
maxlen = cbuf_readlen(cbuf);
/* Write the data out */
len = write(fd, cbuf_readptr(cbuf, maxlen), maxlen);
if (len <= 0) {
+ TRACE(("errno %d len %d", errno, len))
if (len < 0 && errno != EINTR) {
- /* no more to write - we close it even if the fd was stderr, since
- * that's a nasty failure too */
- closewritefd(channel);
+ close_chan_fd(channel, fd, SHUT_WR);
}
TRACE(("leave writechannel: len <= 0"))
return;
}
+ TRACE(("writechannel wrote %d", len))
cbuf_incrread(cbuf, len);
channel->recvdonelen += len;
- if (fd == channel->writefd && cbuf_getused(cbuf) == 0 && channel->recveof) {
- /* Check if we're closing up */
- closewritefd(channel);
- TRACE(("leave writechannel: recveof set"))
- return;
- }
-
/* Window adjust handling */
if (channel->recvdonelen >= RECV_WINDOWEXTEND) {
/* Set it back to max window */
@@ -396,7 +426,6 @@ static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf) {
dropbear_assert(channel->extrabuf == NULL ||
channel->recvwindow <= cbuf_getavail(channel->extrabuf));
-
TRACE(("leave writechannel"))
}
@@ -421,7 +450,7 @@ void setchannelfds(fd_set *readfds, fd_set *writefds) {
FD_SET(channel->readfd, readfds);
}
- if (channel->extrabuf == NULL && channel->errfd >= 0) {
+ if (ERRFD_IS_READ(channel) && channel->errfd >= 0) {
FD_SET(channel->errfd, readfds);
}
}
@@ -429,11 +458,10 @@ void setchannelfds(fd_set *readfds, fd_set *writefds) {
/* Stuff from the wire */
if ((channel->writefd >= 0 && cbuf_getused(channel->writebuf) > 0 )
|| channel->initconn) {
-
FD_SET(channel->writefd, writefds);
}
- if (channel->extrabuf != NULL && channel->errfd >= 0
+ if (ERRFD_IS_WRITE(channel) != NULL && channel->errfd >= 0
&& cbuf_getused(channel->extrabuf) > 0 ) {
FD_SET(channel->errfd, writefds);
}
@@ -455,18 +483,11 @@ void recv_msg_channel_eof() {
TRACE(("enter recv_msg_channel_eof"))
- channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("EOF for unknown channel");
- }
+ channel = getchannel_msg("EOF");
- channel->recveof = 1;
- if (cbuf_getused(channel->writebuf) == 0
- && (channel->extrabuf == NULL
- || cbuf_getused(channel->extrabuf) == 0)) {
- closewritefd(channel);
- }
+ channel->recv_eof = 1;
+ check_close(channel);
TRACE(("leave recv_msg_channel_eof"))
}
@@ -478,27 +499,20 @@ void recv_msg_channel_close() {
TRACE(("enter recv_msg_channel_close"))
- channel = getchannel();
- if (channel == NULL) {
- /* disconnect ? */
- dropbear_exit("Close for unknown channel");
- }
+ channel = getchannel_msg("Close");
- channel->recveof = 1;
- channel->recvclosed = 1;
-
- if (channel->sentclosed) {
- removechannel(channel);
- }
+ channel->recv_eof = 1;
+ channel->recv_close = 1;
+ check_close(channel);
TRACE(("leave recv_msg_channel_close"))
}
/* Remove a channel entry, this is only executed after both sides have sent
* channel close */
-static void removechannel(struct Channel * channel) {
+static void remove_channel(struct Channel * channel) {
- TRACE(("enter removechannel"))
+ TRACE(("enter remove_channel"))
TRACE(("channel index is %d", channel->index))
cbuf_free(channel->writebuf);
@@ -511,20 +525,23 @@ static void removechannel(struct Channel * channel) {
/* close the FDs in case they haven't been done
- * yet (ie they were shutdown etc */
+ * yet (they might have been shutdown etc) */
+ TRACE(("CLOSE writefd %d", channel->writefd))
close(channel->writefd);
+ TRACE(("CLOSE readfd %d", channel->readfd))
close(channel->readfd);
+ TRACE(("CLOSE errfd %d", channel->errfd))
close(channel->errfd);
channel->typedata = NULL;
- deletechannel(channel);
+ delete_channel(channel);
- TRACE(("leave removechannel"))
+ TRACE(("leave remove_channel"))
}
/* Remove a channel entry */
-static void deletechannel(struct Channel *channel) {
+static void delete_channel(struct Channel *channel) {
ses.channels[channel->index] = NULL;
m_free(channel);
@@ -542,10 +559,6 @@ void recv_msg_channel_request() {
TRACE(("enter recv_msg_channel_request"))
channel = getchannel();
- if (channel == NULL) {
- /* disconnect ? */
- dropbear_exit("Unknown channel");
- }
if (channel->type->reqhandler) {
channel->type->reqhandler(channel);
@@ -562,26 +575,23 @@ void recv_msg_channel_request() {
* chan is the remote channel, isextended is 0 if it is normal data, 1
* if it is extended data. if it is extended, then the type is in
* exttype */
-static void send_msg_channel_data(struct Channel *channel, int isextended,
- unsigned int exttype) {
+static void send_msg_channel_data(struct Channel *channel, int isextended) {
- buffer *buf;
int len;
- unsigned int maxlen;
+ size_t maxlen, size_pos;
int fd;
-/* TRACE(("enter send_msg_channel_data"))
- TRACE(("extended = %d type = %d", isextended, exttype))*/
-
CHECKCLEARTOWRITE();
- dropbear_assert(!channel->sentclosed);
+ TRACE(("enter send_msg_channel_data"))
+ dropbear_assert(!channel->sent_close);
if (isextended) {
fd = channel->errfd;
} else {
fd = channel->readfd;
}
+ TRACE(("enter send_msg_channel_data isextended %d fd %d", isextended, fd))
dropbear_assert(fd >= 0);
maxlen = MIN(channel->transwindow, channel->transmaxpacket);
@@ -589,44 +599,52 @@ static void send_msg_channel_data(struct Channel *channel, int isextended,
* exttype if is extended */
maxlen = MIN(maxlen,
ses.writepayload->size - 1 - 4 - 4 - (isextended ? 4 : 0));
+ TRACE(("maxlen %d", maxlen))
if (maxlen == 0) {
TRACE(("leave send_msg_channel_data: no window"))
- return; /* the data will get written later */
- }
-
- /* read the data */
- TRACE(("maxlen %d", maxlen))
- buf = buf_new(maxlen);
- TRACE(("buf pos %d data %x", buf->pos, buf->data))
- len = read(fd, buf_getwriteptr(buf, maxlen), maxlen);
- if (len <= 0) {
- /* on error/eof, send eof */
- if (len == 0 || errno != EINTR) {
- closereadfd(channel, fd);
- }
- buf_free(buf);
- buf = NULL;
- TRACE(("leave send_msg_channel_data: read err or EOF for fd %d",
- channel->index));
return;
}
- buf_incrlen(buf, len);
buf_putbyte(ses.writepayload,
isextended ? SSH_MSG_CHANNEL_EXTENDED_DATA : SSH_MSG_CHANNEL_DATA);
buf_putint(ses.writepayload, channel->remotechan);
-
if (isextended) {
- buf_putint(ses.writepayload, exttype);
+ buf_putint(ses.writepayload, SSH_EXTENDED_DATA_STDERR);
}
+ /* a dummy size first ...*/
+ size_pos = ses.writepayload->pos;
+ buf_putint(ses.writepayload, 0);
- buf_putstring(ses.writepayload, buf_getptr(buf, len), len);
- buf_free(buf);
- buf = NULL;
+ /* read the data */
+ len = read(fd, buf_getwriteptr(ses.writepayload, maxlen), maxlen);
+ if (len <= 0) {
+ if (len == 0 || errno != EINTR) {
+ /* This will also get hit in the case of EAGAIN. The only
+ time we expect to receive EAGAIN is when we're flushing a FD,
+ in which case it can be treated the same as EOF */
+ close_chan_fd(channel, fd, SHUT_RD);
+ }
+ ses.writepayload->len = ses.writepayload->pos = 0;
+ TRACE(("leave send_msg_channel_data: len %d read err %d or EOF for fd %d",
+ len, errno, fd))
+ return;
+ }
+ buf_incrwritepos(ses.writepayload, len);
+ /* ... real size here */
+ buf_setpos(ses.writepayload, size_pos);
+ buf_putint(ses.writepayload, len);
channel->transwindow -= len;
encrypt_packet();
+
+ /* If we receive less data than we requested when flushing, we've
+ reached the equivalent of EOF */
+ if (channel->flushing && len < maxlen)
+ {
+ TRACE(("closing from channel, flushing out."))
+ close_chan_fd(channel, fd, SHUT_RD);
+ }
TRACE(("leave send_msg_channel_data"))
}
@@ -636,9 +654,6 @@ void recv_msg_channel_data() {
struct Channel *channel;
channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("Unknown channel");
- }
common_recv_msg_channel_data(channel, channel->writefd, channel->writebuf);
}
@@ -655,16 +670,19 @@ void common_recv_msg_channel_data(struct Channel *channel, int fd,
TRACE(("enter recv_msg_channel_data"))
- if (channel->recveof) {
+ if (channel->recv_eof) {
dropbear_exit("received data after eof");
}
if (fd < 0) {
- dropbear_exit("received data with bad writefd");
+ /* If we have encountered failed write, the far side might still
+ * be sending data without having yet received our close notification.
+ * We just drop the data. */
+ return;
}
datalen = buf_getint(ses.payload);
-
+ TRACE(("length %d", datalen))
maxdata = cbuf_getavail(cbuf);
@@ -706,9 +724,6 @@ void recv_msg_channel_window_adjust() {
unsigned int incr;
channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("Unknown channel");
- }
incr = buf_getint(ses.payload);
TRACE(("received window increment %d", incr))
@@ -735,7 +750,6 @@ static void send_msg_channel_window_adjust(struct Channel* channel,
}
/* Handle a new channel request, performing any channel-type-specific setup */
-/* XXX server */
void recv_msg_channel_open() {
unsigned char *type;
@@ -792,13 +806,13 @@ void recv_msg_channel_open() {
if (channel->type->inithandler) {
ret = channel->type->inithandler(channel);
+ if (ret == SSH_OPEN_IN_PROGRESS) {
+ /* We'll send the confirmation later */
+ goto cleanup;
+ }
if (ret > 0) {
- if (ret == SSH_OPEN_IN_PROGRESS) {
- /* We'll send the confirmation later */
- goto cleanup;
- }
errtype = ret;
- deletechannel(channel);
+ delete_channel(channel);
TRACE(("inithandler returned failure %d", ret))
goto failure;
}
@@ -882,6 +896,49 @@ static void send_msg_channel_open_confirmation(struct Channel* channel,
TRACE(("leave send_msg_channel_open_confirmation"))
}
+/* close a fd, how is SHUT_RD or SHUT_WR */
+static void close_chan_fd(struct Channel *channel, int fd, int how) {
+
+ int closein = 0, closeout = 0;
+
+ if (channel->type->sepfds) {
+ TRACE(("SHUTDOWN(%d, %d)", fd, how))
+ shutdown(fd, how);
+ if (how == 0) {
+ closeout = 1;
+ } else {
+ closein = 1;
+ }
+ } else {
+ TRACE(("CLOSE some fd %d", fd))
+ close(fd);
+ closein = closeout = 1;
+ }
+
+ if (closeout && (fd == channel->readfd)) {
+ channel->readfd = FD_CLOSED;
+ }
+ if (closeout && ERRFD_IS_READ(channel) && (fd == channel->errfd)) {
+ channel->errfd = FD_CLOSED;
+ }
+
+ if (closein && fd == channel->writefd) {
+ channel->writefd = FD_CLOSED;
+ }
+ if (closein && ERRFD_IS_WRITE(channel) && (fd == channel->errfd)) {
+ channel->errfd = FD_CLOSED;
+ }
+
+ /* if we called shutdown on it and all references are gone, then we
+ * need to close() it to stop it lingering */
+ if (channel->type->sepfds && channel->readfd == FD_CLOSED
+ && channel->writefd == FD_CLOSED && channel->errfd == FD_CLOSED) {
+ TRACE(("CLOSE (finally) of %d", fd))
+ close(fd);
+ }
+}
+
+
#if defined(USING_LISTENERS) || defined(DROPBEAR_CLIENT)
/* Create a new channel, and start the open request. This is intended
* for X11, agent, tcp forwarding, and should be filled with channel-specific
@@ -930,9 +987,6 @@ void recv_msg_channel_open_confirmation() {
TRACE(("enter recv_msg_channel_open_confirmation"))
channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("Unknown channel");
- }
if (!channel->await_open) {
dropbear_exit("unexpected channel reply");
@@ -950,7 +1004,7 @@ void recv_msg_channel_open_confirmation() {
if (channel->type->inithandler) {
ret = channel->type->inithandler(channel);
if (ret > 0) {
- removechannel(channel);
+ remove_channel(channel);
TRACE(("inithandler returned failure %d", ret))
}
}
@@ -965,74 +1019,12 @@ void recv_msg_channel_open_failure() {
struct Channel * channel;
channel = getchannel();
- if (channel == NULL) {
- dropbear_exit("Unknown channel");
- }
if (!channel->await_open) {
dropbear_exit("unexpected channel reply");
}
channel->await_open = 0;
- removechannel(channel);
+ remove_channel(channel);
}
#endif /* USING_LISTENERS */
-
-/* close a stdout/stderr fd */
-static void closereadfd(struct Channel * channel, int fd) {
-
- /* don't close it if it is the same as writefd,
- * unless writefd is already set -1 */
- TRACE(("enter closereadfd"))
- closechanfd(channel, fd, 0);
- TRACE(("leave closereadfd"))
-}
-
-/* close a stdin fd */
-static void closewritefd(struct Channel * channel) {
-
- TRACE(("enter closewritefd"))
- closechanfd(channel, channel->writefd, 1);
- TRACE(("leave closewritefd"))
-}
-
-/* close a fd, how is 0 for stdout/stderr, 1 for stdin */
-static void closechanfd(struct Channel *channel, int fd, int how) {
-
- int closein = 0, closeout = 0;
-
- /* XXX server */
- if (channel->type->sepfds) {
- TRACE(("shutdown((%d), %d)", fd, how))
- shutdown(fd, how);
- if (how == 0) {
- closeout = 1;
- } else {
- closein = 1;
- }
- } else {
- close(fd);
- closein = closeout = 1;
- }
-
- if (closeout && fd == channel->readfd) {
- channel->readfd = FD_CLOSED;
- }
- if (closeout && (channel->extrabuf == NULL) && (fd == channel->errfd)) {
- channel->errfd = FD_CLOSED;
- }
-
- if (closein && fd == channel->writefd) {
- channel->writefd = FD_CLOSED;
- }
- if (closein && (channel->extrabuf != NULL) && (fd == channel->errfd)) {
- channel->errfd = FD_CLOSED;
- }
-
- /* if we called shutdown on it and all references are gone, then we
- * need to close() it to stop it lingering */
- if (channel->type->sepfds && channel->readfd == FD_CLOSED
- && channel->writefd == FD_CLOSED && channel->errfd == FD_CLOSED) {
- close(fd);
- }
-}
diff --git a/common-session.c b/common-session.c
index b8ea6f7..6e1abf3 100644
--- a/common-session.c
+++ b/common-session.c
@@ -61,6 +61,12 @@ void common_session_init(int sock, char* remotehost) {
ses.connecttimeout = 0;
+ if (pipe(ses.signal_pipe) < 0) {
+ dropbear_exit("signal pipe failed");
+ }
+ setnonblocking(ses.signal_pipe[0]);
+ setnonblocking(ses.signal_pipe[1]);
+
kexfirstinitialise(); /* initialise the kex state */
ses.writepayload = buf_new(MAX_TRANS_PAYLOAD_LEN);
@@ -108,7 +114,6 @@ void common_session_init(int sock, char* remotehost) {
ses.allowprivport = 0;
-
TRACE(("leave session_init"))
}
@@ -132,6 +137,10 @@ void session_loop(void(*loophandler)()) {
FD_SET(ses.sock, &writefd);
}
}
+
+ /* We get woken up when signal handlers write to this pipe.
+ SIGCHLD in svr-chansession is the only one currently. */
+ FD_SET(ses.signal_pipe[0], &readfd);
/* set up for channels which require reading/writing */
if (ses.dataallowed) {
@@ -143,28 +152,30 @@ void session_loop(void(*loophandler)()) {
dropbear_exit("Terminated by signal");
}
- if (val < 0) {
- if (errno == EINTR) {
- /* This must happen even if we've been interrupted, so that
- * changed signal-handler vars can take effect etc */
- if (loophandler) {
- loophandler();
- }
- continue;
- } else {
- dropbear_exit("Error in select");
- }
+ if (val < 0 && errno != EINTR) {
+ dropbear_exit("Error in select");
}
- /* check for auth timeout, rekeying required etc */
- checktimeouts();
+ if (val <= 0) {
+ /* If we were interrupted or the select timed out, we still
+ * want to iterate over channels etc for reading, to handle
+ * server processes exiting etc.
+ * We don't want to read/write FDs. */
+ FD_ZERO(&writefd);
+ FD_ZERO(&readfd);
+ }
- if (val == 0) {
- /* timeout */
- TRACE(("select timeout"))
- continue;
+ /* We'll just empty out the pipe if required. We don't do
+ any thing with the data, since the pipe's purpose is purely to
+ wake up the select() above. */
+ if (FD_ISSET(ses.signal_pipe[0], &readfd)) {
+ char x;
+ while (read(ses.signal_pipe[0], &x, 1) > 0) {}
}
+ /* check for auth timeout, rekeying required etc */
+ checktimeouts();
+
/* process session socket's incoming/outgoing data */
if (ses.sock != -1) {
if (FD_ISSET(ses.sock, &writefd) && !isempty(&ses.writequeue)) {
diff --git a/debug.h b/debug.h
index 0cb4691..175f3fc 100644
--- a/debug.h
+++ b/debug.h
@@ -39,7 +39,7 @@
* Caution: Don't use this in an unfriendly environment (ie unfirewalled),
* since the printing may not sanitise strings etc. This will add a reasonable
* amount to your executable size. */
-/*#define DEBUG_TRACE */
+/*#define DEBUG_TRACE*/
/* All functions writing to the cleartext payload buffer call
* CHECKCLEARTOWRITE() before writing. This is only really useful if you're
diff --git a/session.h b/session.h
index a4ad45f..78e3e57 100644
--- a/session.h
+++ b/session.h
@@ -123,7 +123,8 @@ struct sshsession {
unsigned char lastpacket; /* What the last received packet type was */
-
+ int signal_pipe[2]; /* stores endpoints of a self-pipe used for
+ race-free signal handling */
/* KEX/encryption related */
struct KEXState kexstate;
diff --git a/svr-chansession.c b/svr-chansession.c
index b6544e6..619a451 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -59,7 +59,6 @@ static void send_msg_chansess_exitstatus(struct Channel * channel,
struct ChanSess * chansess);
static void send_msg_chansess_exitsignal(struct Channel * channel,
struct ChanSess * chansess);
-static int sesscheckclose(struct Channel *channel);
static void get_termmodes(struct ChanSess *chansess);
@@ -68,7 +67,8 @@ extern char** environ;
static int sesscheckclose(struct Channel *channel) {
struct ChanSess *chansess = (struct ChanSess*)channel->typedata;
- return chansess->exit.exitpid >= 0;
+ TRACE(("sesscheckclose, pid is %d", chansess->exit.exitpid))
+ return chansess->exit.exitpid != -1;
}
/* Handler for childs exiting, store the state for return to the client */
@@ -89,12 +89,13 @@ static void sesssigchild_handler(int UNUSED(dummy)) {
TRACE(("enter sigchld handler"))
while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
+ TRACE(("sigchld handler: pid %d", pid))
exit = NULL;
/* find the corresponding chansess */
for (i = 0; i < svr_ses.childpidsize; i++) {
if (svr_ses.childpids[i].pid == pid) {
-
+ TRACE(("found match session"));
exit = &svr_ses.childpids[i].chansess->exit;
break;
}
@@ -103,6 +104,7 @@ static void sesssigchild_handler(int UNUSED(dummy)) {
/* If the pid wasn't matched, then we might have hit the race mentioned
* above. So we just store the info for the parent to deal with */
if (exit == NULL) {
+ TRACE(("using lastexit"));
exit = &svr_ses.lastexit;
}
@@ -121,9 +123,18 @@ static void sesssigchild_handler(int UNUSED(dummy)) {
/* we use this to determine how pid exited */
exit->exitsignal = -1;
}
+
+ /* Make sure that the main select() loop wakes up */
+ while (1) {
+ /* isserver is just a random byte to write. We can't do anything
+ about an error so should just ignore it */
+ if (write(ses.signal_pipe[1], &ses.isserver, 1) == 1
+ || errno != EINTR) {
+ break;
+ }
+ }
}
-
sa_chld.sa_handler = sesssigchild_handler;
sa_chld.sa_flags = SA_NOCLDSTOP;
sigaction(SIGCHLD, &sa_chld, NULL);
@@ -131,7 +142,6 @@ static void sesssigchild_handler(int UNUSED(dummy)) {
}
/* send the exit status or the signal causing termination for a session */
-/* XXX server */
static void send_exitsignalstatus(struct Channel *channel) {
struct ChanSess *chansess = (struct ChanSess*)channel->typedata;
@@ -170,10 +180,11 @@ static void send_msg_chansess_exitsignal(struct Channel * channel,
int i;
char* signame = NULL;
-
dropbear_assert(chansess->exit.exitpid != -1);
dropbear_assert(chansess->exit.exitsignal > 0);
+ TRACE(("send_msg_chansess_exitsignal %d", chansess->exit.exitsignal))
+
CHECKCLEARTOWRITE();
/* we check that we can match a signal name, otherwise
@@ -245,16 +256,17 @@ static void closechansess(struct Channel *channel) {
unsigned int i;
struct logininfo *li;
- chansess = (struct ChanSess*)channel->typedata;
+ TRACE(("enter closechansess"))
- send_exitsignalstatus(channel);
+ chansess = (struct ChanSess*)channel->typedata;
- TRACE(("enter closechansess"))
if (chansess == NULL) {
TRACE(("leave closechansess: chansess == NULL"))
return;
}
+ send_exitsignalstatus(channel);
+
m_free(chansess->cmd);
m_free(chansess->term);
@@ -282,7 +294,7 @@ static void closechansess(struct Channel *channel) {
if (svr_ses.childpids[i].chansess == chansess) {
dropbear_assert(svr_ses.childpids[i].pid > 0);
TRACE(("closing pid %d", svr_ses.childpids[i].pid))
- TRACE(("exitpid = %d", chansess->exit.exitpid))
+ TRACE(("exitpid is %d", chansess->exit.exitpid))
svr_ses.childpids[i].pid = -1;
svr_ses.childpids[i].chansess = NULL;
}
@@ -646,6 +658,12 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) {
if (!pid) {
/* child */
+ TRACE(("back to normal sigchld"))
+ /* Revert to normal sigchld handling */
+ if (signal(SIGCHLD, SIG_DFL) == SIG_ERR) {
+ dropbear_exit("signal() error");
+ }
+
/* redirect stdin/stdout */
#define FDIN 0
#define FDOUT 1
@@ -670,22 +688,24 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) {
/* parent */
TRACE(("continue noptycommand: parent"))
chansess->pid = pid;
+ TRACE(("child pid is %d", pid))
addchildpid(chansess, pid);
if (svr_ses.lastexit.exitpid != -1) {
+ TRACE(("parent side: lastexitpid is %d", svr_ses.lastexit.exitpid))
/* The child probably exited and the signal handler triggered
* possibly before we got around to adding the childpid. So we fill
- * out it's data manually */
+ * out its data manually */
for (i = 0; i < svr_ses.childpidsize; i++) {
- if (svr_ses.childpids[i].pid == pid) {
+ if (svr_ses.childpids[i].pid == svr_ses.lastexit.exitpid) {
+ TRACE(("found match for lastexitpid"))
svr_ses.childpids[i].chansess->exit = svr_ses.lastexit;
svr_ses.lastexit.exitpid = -1;
}
}
}
-
close(infds[FDIN]);
close(outfds[FDOUT]);
close(errfds[FDOUT]);
@@ -741,6 +761,12 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) {
if (pid == 0) {
/* child */
+ TRACE(("back to normal sigchld"))
+ /* Revert to normal sigchld handling */
+ if (signal(SIGCHLD, SIG_DFL) == SIG_ERR) {
+ dropbear_exit("signal() error");
+ }
+
/* redirect stdin/stdout/stderr */
close(chansess->master);