diff options
-rw-r--r-- | usr.bin/ssh/clientloop.c | 9 | ||||
-rw-r--r-- | usr.bin/ssh/monitor.c | 14 | ||||
-rw-r--r-- | usr.bin/ssh/monitor_wrap.c | 9 | ||||
-rw-r--r-- | usr.bin/ssh/packet.c | 19 | ||||
-rw-r--r-- | usr.bin/ssh/roaming.h | 31 | ||||
-rw-r--r-- | usr.bin/ssh/roaming_common.c | 100 | ||||
-rw-r--r-- | usr.bin/ssh/roaming_dummy.c | 55 | ||||
-rw-r--r-- | usr.bin/ssh/serverloop.c | 8 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-keyscan/Makefile | 4 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-keysign/Makefile | 4 | ||||
-rw-r--r-- | usr.bin/ssh/ssh/Makefile | 5 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect.c | 8 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.c | 7 | ||||
-rw-r--r-- | usr.bin/ssh/sshd/Makefile | 5 |
14 files changed, 250 insertions, 28 deletions
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c index 9f4379d484a..2b2007443aa 100644 --- a/usr.bin/ssh/clientloop.c +++ b/usr.bin/ssh/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.211 2009/05/27 06:33:39 andreas Exp $ */ +/* $OpenBSD: clientloop.c,v 1.212 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -101,6 +101,7 @@ #include "misc.h" #include "match.h" #include "msg.h" +#include "roaming.h" /* import options */ extern Options options; @@ -626,7 +627,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) static void client_process_net_input(fd_set *readset) { - int len; + int len, cont = 0; char buf[8192]; /* @@ -635,8 +636,8 @@ client_process_net_input(fd_set *readset) */ if (FD_ISSET(connection_in, readset)) { /* Read as much as possible. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) { + len = roaming_read(connection_in, buf, sizeof(buf), &cont); + if (len == 0 && cont == 0) { /* * Received EOF. The remote host has closed the * connection. diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 0fc70af558c..2d03b327922 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.102 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: monitor.c,v 1.103 2009/05/28 16:50:16 andreas Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -110,6 +110,8 @@ struct { u_int ilen; u_char *output; u_int olen; + u_int64_t sent_bytes; + u_int64_t recv_bytes; } child_state; /* Functions on the monitor that answer unprivileged requests */ @@ -1359,6 +1361,10 @@ monitor_apply_keystate(struct monitor *pmonitor) child_state.olen); memset(child_state.output, 0, child_state.olen); xfree(child_state.output); + + /* Roaming */ + if (compat20) + roam_set_bytes(child_state.sent_bytes, child_state.recv_bytes); } static Kex * @@ -1474,6 +1480,12 @@ mm_get_keystate(struct monitor *pmonitor) child_state.input = buffer_get_string(&m, &child_state.ilen); child_state.output = buffer_get_string(&m, &child_state.olen); + /* Roaming */ + if (compat20) { + child_state.sent_bytes = buffer_get_int64(&m); + child_state.recv_bytes = buffer_get_int64(&m); + } + buffer_free(&m); } diff --git a/usr.bin/ssh/monitor_wrap.c b/usr.bin/ssh/monitor_wrap.c index d4672f13139..1c364ee2e7f 100644 --- a/usr.bin/ssh/monitor_wrap.c +++ b/usr.bin/ssh/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.66 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.67 2009/05/28 16:50:16 andreas Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -68,6 +68,7 @@ #include "channels.h" #include "session.h" #include "servconf.h" +#include "roaming.h" /* Imports */ extern int compat20; @@ -649,6 +650,12 @@ mm_send_keystate(struct monitor *monitor) buffer_put_string(&m, buffer_ptr(input), buffer_len(input)); buffer_put_string(&m, buffer_ptr(output), buffer_len(output)); + /* Roaming */ + if (compat20) { + buffer_put_int64(&m, get_sent_bytes()); + buffer_put_int64(&m, get_recv_bytes()); + } + mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); debug3("%s: Finished sending state", __func__); diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index 8a3b1e124eb..52392fbc8f4 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.162 2009/05/27 06:36:07 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.163 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -73,6 +73,7 @@ #include "canohost.h" #include "misc.h" #include "ssh.h" +#include "roaming.h" #ifdef PACKET_DEBUG #define DBG(x) x @@ -1003,7 +1004,7 @@ packet_send(void) int packet_read_seqnr(u_int32_t *seqnr_p) { - int type, len, ret, ms_remain; + int type, len, ret, ms_remain, cont; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL; @@ -1068,7 +1069,11 @@ packet_read_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); } /* Read data from the socket. */ - len = read(active_state->connection_in, buf, sizeof(buf)); + do { + cont = 0; + len = roaming_read(active_state->connection_in, buf, + sizeof(buf), &cont); + } while (len == 0 && cont); if (len == 0) { logit("Connection closed by %.200s", get_remote_ipaddr()); cleanup_exit(255); @@ -1614,16 +1619,18 @@ void packet_write_poll(void) { int len = buffer_len(&active_state->output); + int cont; if (len > 0) { - len = write(active_state->connection_out, - buffer_ptr(&active_state->output), len); + cont = 0; + len = roaming_write(active_state->connection_out, + buffer_ptr(&active_state->output), len, &cont); if (len == -1) { if (errno == EINTR || errno == EAGAIN) return; fatal("Write failed: %.100s", strerror(errno)); } - if (len == 0) + if (len == 0 && !cont) fatal("Write connection closed"); buffer_consume(&active_state->output, len); } diff --git a/usr.bin/ssh/roaming.h b/usr.bin/ssh/roaming.h new file mode 100644 index 00000000000..88193453a87 --- /dev/null +++ b/usr.bin/ssh/roaming.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef ROAMING_H +#define ROAMING_H + +extern int resume_in_progress; + +void add_recv_bytes(u_int64_t); +ssize_t roaming_write(int, const void *, size_t, int *); +ssize_t roaming_read(int, void *, size_t, int *); +ssize_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); +u_int64_t get_recv_bytes(void); +u_int64_t get_sent_bytes(void); +void roam_set_bytes(u_int64_t, u_int64_t); +int resume_kex(void); + +#endif /* ROAMING */ diff --git a/usr.bin/ssh/roaming_common.c b/usr.bin/ssh/roaming_common.c new file mode 100644 index 00000000000..5a871b23e52 --- /dev/null +++ b/usr.bin/ssh/roaming_common.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/uio.h> + +#include <errno.h> +#include <inttypes.h> +#include <stdarg.h> +#include <unistd.h> + +#include "atomicio.h" +#include "log.h" +#include "packet.h" +#include "xmalloc.h" +#include "cipher.h" +#include "buffer.h" +#include "roaming.h" + +static u_int64_t write_bytes = 0; +static u_int64_t read_bytes = 0; + +int resume_in_progress = 0; + +u_int64_t +get_recv_bytes(void) +{ + return read_bytes; +} + +void +add_recv_bytes(u_int64_t num) +{ + read_bytes += num; +} + +u_int64_t +get_sent_bytes(void) +{ + return write_bytes; +} + +void +roam_set_bytes(u_int64_t sent, u_int64_t recv) +{ + read_bytes = recv; + write_bytes = sent; +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + ssize_t ret; + + ret = write(fd, buf, count); + if (ret > 0 && !resume_in_progress) { + write_bytes += ret; + } + debug("Wrote %d bytes for a total of %lld", ret, write_bytes); + return ret; +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + ssize_t ret = read(fd, buf, count); + if (ret > 0) { + if (!resume_in_progress) { + read_bytes += ret; + } + } + return ret; +} + +ssize_t +roaming_atomicio(ssize_t(*f)(), int fd, void *buf, size_t count) +{ + ssize_t ret = atomicio(f, fd, buf, count); + + if ((f == write || f == vwrite) && ret > 0 && !resume_in_progress) { + write_bytes += ret; + } else if (f == read && ret > 0 && !resume_in_progress) { + read_bytes += ret; + } + return ret; +} diff --git a/usr.bin/ssh/roaming_dummy.c b/usr.bin/ssh/roaming_dummy.c new file mode 100644 index 00000000000..cd1d202574e --- /dev/null +++ b/usr.bin/ssh/roaming_dummy.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * This file is included in the client programs which should not + * support roaming. + */ + +#include <sys/types.h> +#include <unistd.h> + +int resume_in_progress = 0; + +u_int64_t get_recv_bytes() +{ + return 0; +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + return write(fd, buf, count); +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + if (cont) + *cont = 0; + return read(fd, buf, count); +} + +void +add_recv_bytes(u_int64_t num) +{ +} + +int +resume_kex() +{ + return 1; +} diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index 12b312ce3b7..c118b60c2c6 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.158 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: serverloop.c,v 1.159 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -74,6 +74,7 @@ #include "auth-options.h" #include "serverloop.h" #include "misc.h" +#include "roaming.h" extern ServerOptions options; @@ -375,8 +376,11 @@ process_input(fd_set *readset) /* Read and buffer any input data from the client. */ if (FD_ISSET(connection_in, readset)) { - len = read(connection_in, buf, sizeof(buf)); + int cont = 0; + len = roaming_read(connection_in, buf, sizeof(buf), &cont); if (len == 0) { + if (cont) + return; verbose("Connection closed by %.100s", get_remote_ipaddr()); connection_closed = 1; diff --git a/usr.bin/ssh/ssh-keyscan/Makefile b/usr.bin/ssh/ssh-keyscan/Makefile index 2ea5c23934c..be9ddbb73e8 100644 --- a/usr.bin/ssh/ssh-keyscan/Makefile +++ b/usr.bin/ssh/ssh-keyscan/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2001/08/05 23:18:20 markus Exp $ +# $OpenBSD: Makefile,v 1.5 2009/05/28 16:50:16 andreas Exp $ .PATH: ${.CURDIR}/.. @@ -10,7 +10,7 @@ BINMODE?=555 BINDIR= /usr/bin MAN= ssh-keyscan.1 -SRCS= ssh-keyscan.c +SRCS= ssh-keyscan.c roaming_dummy.c .include <bsd.prog.mk> diff --git a/usr.bin/ssh/ssh-keysign/Makefile b/usr.bin/ssh/ssh-keysign/Makefile index 19bd9b50192..5ef23ca1e5b 100644 --- a/usr.bin/ssh/ssh-keysign/Makefile +++ b/usr.bin/ssh/ssh-keysign/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.5 2002/07/03 14:21:05 markus Exp $ +# $OpenBSD: Makefile,v 1.6 2009/05/28 16:50:16 andreas Exp $ .PATH: ${.CURDIR}/.. @@ -10,7 +10,7 @@ BINMODE?=4555 BINDIR= /usr/libexec MAN= ssh-keysign.8 -SRCS= ssh-keysign.c readconf.c +SRCS= ssh-keysign.c readconf.c roaming_dummy.c .include <bsd.prog.mk> diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile index dbbd0d0e9e3..db2c08cc1ed 100644 --- a/usr.bin/ssh/ssh/Makefile +++ b/usr.bin/ssh/ssh/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.52 2008/05/09 14:18:45 djm Exp $ +# $OpenBSD: Makefile,v 1.53 2009/05/28 16:50:16 andreas Exp $ .PATH: ${.CURDIR}/.. @@ -13,7 +13,8 @@ LINKS= ${BINDIR}/ssh ${BINDIR}/slogin MLINKS= ssh.1 slogin.1 SRCS= ssh.c readconf.c clientloop.c sshtty.c \ - sshconnect.c sshconnect1.c sshconnect2.c mux.c + sshconnect.c sshconnect1.c sshconnect2.c mux.c \ + roaming_common.c .include <bsd.own.mk> # for AFS diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 355734827be..0ea916c0f01 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.213 2009/05/27 06:38:16 andreas Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.214 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -47,6 +47,7 @@ #include "atomicio.h" #include "misc.h" #include "dns.h" +#include "roaming.h" #include "version.h" char *client_version_string = NULL; @@ -443,7 +444,7 @@ ssh_exchange_identification(int timeout_ms) } } - len = atomicio(read, connection_in, &buf[i], 1); + len = roaming_atomicio(read, connection_in, &buf[i], 1); if (len != 1 && errno == EPIPE) fatal("ssh_exchange_identification: " @@ -528,7 +529,8 @@ ssh_exchange_identification(int timeout_ms) compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, compat20 ? PROTOCOL_MINOR_2 : minor1, SSH_VERSION, compat20 ? "\r\n" : "\n"); - if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf)) + if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf)) + != strlen(buf)) fatal("write: %.100s", strerror(errno)); client_version_string = xstrdup(buf); chop(client_version_string); diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index d28b0ac9535..0850dfb4a9e 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.366 2009/01/22 10:02:34 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.367 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -101,6 +101,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" +#include "roaming.h" #include "version.h" #ifdef LIBWRAP @@ -399,7 +400,7 @@ sshd_exchange_identification(int sock_in, int sock_out) server_version_string = xstrdup(buf); /* Send our protocol version identification. */ - if (atomicio(vwrite, sock_out, server_version_string, + if (roaming_atomicio(vwrite, sock_out, server_version_string, strlen(server_version_string)) != strlen(server_version_string)) { logit("Could not write ident string to %s", get_remote_ipaddr()); @@ -409,7 +410,7 @@ sshd_exchange_identification(int sock_in, int sock_out) /* Read other sides version identification. */ memset(buf, 0, sizeof(buf)); for (i = 0; i < sizeof(buf) - 1; i++) { - if (atomicio(read, sock_in, &buf[i], 1) != 1) { + if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) { logit("Did not receive identification string from %s", get_remote_ipaddr()); cleanup_exit(255); diff --git a/usr.bin/ssh/sshd/Makefile b/usr.bin/ssh/sshd/Makefile index da984e7a5e2..fb06e7646ad 100644 --- a/usr.bin/ssh/sshd/Makefile +++ b/usr.bin/ssh/sshd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.68 2008/11/04 08:22:13 djm Exp $ +# $OpenBSD: Makefile,v 1.69 2009/05/28 16:50:16 andreas Exp $ .PATH: ${.CURDIR}/.. @@ -15,7 +15,8 @@ SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \ auth2-none.c auth2-passwd.c auth2-pubkey.c \ monitor_mm.c monitor.c monitor_wrap.c \ - kexdhs.c kexgexs.c sftp-server.c sftp-common.c auth2-jpake.c + kexdhs.c kexgexs.c sftp-server.c sftp-common.c auth2-jpake.c \ + roaming_common.c .include <bsd.own.mk> # for KERBEROS and AFS |