2018-05-24 07:59:01 +00:00
|
|
|
/*
|
|
|
|
* defs.h: initial definitions for PuTTY.
|
|
|
|
*
|
|
|
|
* The rule about this header file is that it can't depend on any
|
|
|
|
* other header file in this code base. This is where we define
|
|
|
|
* things, as much as we can, that other headers will want to refer
|
|
|
|
* to, such as opaque structure types and their associated typedefs,
|
|
|
|
* or macros that are used by other headers.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef PUTTY_DEFS_H
|
|
|
|
#define PUTTY_DEFS_H
|
|
|
|
|
2018-05-27 15:56:51 +00:00
|
|
|
#include <stddef.h>
|
|
|
|
|
2018-05-26 06:19:18 +00:00
|
|
|
#ifndef FALSE
|
|
|
|
#define FALSE 0
|
|
|
|
#endif
|
|
|
|
#ifndef TRUE
|
|
|
|
#define TRUE 1
|
|
|
|
#endif
|
|
|
|
|
2018-05-24 07:59:01 +00:00
|
|
|
typedef struct conf_tag Conf;
|
|
|
|
typedef struct terminal_tag Terminal;
|
|
|
|
|
|
|
|
typedef struct Filename Filename;
|
|
|
|
typedef struct FontSpec FontSpec;
|
|
|
|
|
|
|
|
typedef struct bufchain_tag bufchain;
|
|
|
|
|
|
|
|
typedef struct strbuf strbuf;
|
|
|
|
|
|
|
|
struct RSAKey;
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
typedef uint32_t uint32;
|
|
|
|
|
2018-05-24 08:17:13 +00:00
|
|
|
typedef struct BinarySink BinarySink;
|
Introduce a centralised unmarshaller, 'BinarySource'.
This is the companion to the BinarySink system I introduced a couple
of weeks ago, and provides the same type-genericity which will let me
use the same get_* routines on an SSH packet, an SFTP packet or
anything else that chooses to include an implementing substructure.
However, unlike BinarySink which contained a (one-function) vtable,
BinarySource contains only mutable data fields - so another thing you
might very well want to do is to simply instantiate a bare one without
any containing object at all. I couldn't quite coerce C into letting
me use the same setup macro in both cases, so I've arranged a
BinarySource_INIT you can use on larger implementing objects and a
BinarySource_BARE_INIT you can use on a BinarySource not contained in
anything.
The API follows the general principle that even if decoding fails, the
decode functions will always return _some_ kind of value, with the
same dynamically-allocated-ness they would have used for a completely
successful value. But they also set an error flag in the BinarySource
which can be tested later. So instead of having to decode a 10-field
packet by means of 10 separate 'if (!get_foo(src)) throw error'
clauses, you can just write 10 'variable = get_foo(src)' statements
followed by a single check of get_err(src), and if the error check
fails, you have to do exactly the same set of frees you would have
after a successful decode.
2018-06-02 07:25:19 +00:00
|
|
|
typedef struct BinarySource BinarySource;
|
2018-05-24 08:17:13 +00:00
|
|
|
|
2018-09-23 15:35:29 +00:00
|
|
|
typedef struct IdempotentCallback IdempotentCallback;
|
|
|
|
|
Get rid of lots of implicit pointer types.
All the main backend structures - Ssh, Telnet, Pty, Serial etc - now
describe structure types themselves rather than pointers to them. The
same goes for the codebase-wide trait types Socket and Plug, and the
supporting types SockAddr and Pinger.
All those things that were typedefed as pointers are older types; the
newer ones have the explicit * at the point of use, because that's
what I now seem to be preferring. But whichever one of those is
better, inconsistently using a mixture of the two styles is worse, so
let's make everything consistent.
A few types are still implicitly pointers, such as Bignum and some of
the GSSAPI types; generally this is either because they have to be
void *, or because they're typedefed differently on different
platforms and aren't always pointers at all. Can't be helped. But I've
got rid of the main ones, at least.
2018-10-04 18:10:23 +00:00
|
|
|
typedef struct SockAddr SockAddr;
|
2018-05-27 08:29:33 +00:00
|
|
|
|
2018-10-05 06:24:16 +00:00
|
|
|
typedef struct Socket Socket;
|
|
|
|
typedef struct Plug Plug;
|
2018-05-27 08:29:33 +00:00
|
|
|
|
2018-09-11 15:23:38 +00:00
|
|
|
typedef struct Backend Backend;
|
2018-10-05 06:03:46 +00:00
|
|
|
typedef struct BackendVtable BackendVtable;
|
2018-09-11 15:23:38 +00:00
|
|
|
|
2018-09-11 14:02:59 +00:00
|
|
|
typedef struct Ldisc_tag Ldisc;
|
Refactor the LogContext type.
LogContext is now the owner of the logevent() function that back ends
and so forth are constantly calling. Previously, logevent was owned by
the Frontend, which would store the message into its list for the GUI
Event Log dialog (or print it to standard error, or whatever) and then
pass it _back_ to LogContext to write to the currently open log file.
Now it's the other way round: LogContext gets the message from the
back end first, writes it to its log file if it feels so inclined, and
communicates it back to the front end.
This means that lots of parts of the back end system no longer need to
have a pointer to a full-on Frontend; the only thing they needed it
for was logging, so now they just have a LogContext (which many of
them had to have anyway, e.g. for logging SSH packets or session
traffic).
LogContext itself also doesn't get a full Frontend pointer any more:
it now talks back to the front end via a little vtable of its own
called LogPolicy, which contains the method that passes Event Log
entries through, the old askappend() function that decides whether to
truncate a pre-existing log file, and an emergency function for
printing an especially prominent message if the log file can't be
created. One minor nice effect of this is that console and GUI apps
can implement that last function subtly differently, so that Unix
console apps can write it with a plain \n instead of the \r\n
(harmless but inelegant) that the old centralised implementation
generated.
One other consequence of this is that the LogContext has to be
provided to backend_init() so that it's available to backends from the
instant of creation, rather than being provided via a separate API
call a couple of function calls later, because backends have typically
started doing things that need logging (like making network
connections) before the call to backend_provide_logctx. Fortunately,
there's no case in the whole code base where we don't already have
logctx by the time we make a backend (so I don't actually remember why
I ever delayed providing one). So that shortens the backend API by one
function, which is always nice.
While I'm tidying up, I've also moved the printf-style logeventf() and
the handy logevent_and_free() into logging.c, instead of having copies
of them scattered around other places. This has also let me remove
some stub functions from a couple of outlying applications like
Pageant. Finally, I've removed the pointless "_tag" at the end of
LogContext's official struct name.
2018-10-10 18:26:18 +00:00
|
|
|
typedef struct LogContext LogContext;
|
|
|
|
typedef struct LogPolicy LogPolicy;
|
|
|
|
typedef struct LogPolicyVtable LogPolicyVtable;
|
2018-09-11 14:02:59 +00:00
|
|
|
|
2018-09-12 08:10:51 +00:00
|
|
|
typedef struct Frontend Frontend;
|
|
|
|
|
Get rid of lots of implicit pointer types.
All the main backend structures - Ssh, Telnet, Pty, Serial etc - now
describe structure types themselves rather than pointers to them. The
same goes for the codebase-wide trait types Socket and Plug, and the
supporting types SockAddr and Pinger.
All those things that were typedefed as pointers are older types; the
newer ones have the explicit * at the point of use, because that's
what I now seem to be preferring. But whichever one of those is
better, inconsistently using a mixture of the two styles is worse, so
let's make everything consistent.
A few types are still implicitly pointers, such as Bignum and some of
the GSSAPI types; generally this is either because they have to be
void *, or because they're typedefed differently on different
platforms and aren't always pointers at all. Can't be helped. But I've
got rid of the main ones, at least.
2018-10-04 18:10:23 +00:00
|
|
|
typedef struct Ssh Ssh;
|
2018-09-11 15:23:38 +00:00
|
|
|
|
Replace enum+union of local channel types with a vtable.
There's now an interface called 'Channel', which handles the local
side of an SSH connection-layer channel, in terms of knowing where to
send incoming channel data to, whether to close the channel, etc.
Channel and the previous 'struct ssh_channel' mutually refer. The
latter contains all the SSH-specific parts, and as much of the common
logic as possible: in particular, Channel doesn't have to know
anything about SSH packet formats, or which SSH protocol version is in
use, or deal with all the fiddly stuff about window sizes - with the
exception that x11fwd.c's implementation of it does have to be able to
ask for a small fixed initial window size for the bodgy system that
distinguishes upstream from downstream X forwardings.
I've taken the opportunity to move the code implementing the detailed
behaviour of agent forwarding out of ssh.c, now that all of it is on
the far side of a uniform interface. (This also means that if I later
implement agent forwarding directly to a Unix socket as an
alternative, it'll be a matter of changing just the one call to
agentf_new() that makes the Channel to plug into a forwarding.)
2018-09-12 14:03:47 +00:00
|
|
|
typedef struct Channel Channel;
|
2018-09-14 12:47:13 +00:00
|
|
|
typedef struct SshChannel SshChannel;
|
Replace enum+union of local channel types with a vtable.
There's now an interface called 'Channel', which handles the local
side of an SSH connection-layer channel, in terms of knowing where to
send incoming channel data to, whether to close the channel, etc.
Channel and the previous 'struct ssh_channel' mutually refer. The
latter contains all the SSH-specific parts, and as much of the common
logic as possible: in particular, Channel doesn't have to know
anything about SSH packet formats, or which SSH protocol version is in
use, or deal with all the fiddly stuff about window sizes - with the
exception that x11fwd.c's implementation of it does have to be able to
ask for a small fixed initial window size for the bodgy system that
distinguishes upstream from downstream X forwardings.
I've taken the opportunity to move the code implementing the detailed
behaviour of agent forwarding out of ssh.c, now that all of it is on
the far side of a uniform interface. (This also means that if I later
implement agent forwarding directly to a Unix socket as an
alternative, it'll be a matter of changing just the one call to
agentf_new() that makes the Channel to plug into a forwarding.)
2018-09-12 14:03:47 +00:00
|
|
|
|
2018-09-13 08:09:10 +00:00
|
|
|
typedef struct ssh_sharing_state ssh_sharing_state;
|
|
|
|
typedef struct ssh_sharing_connstate ssh_sharing_connstate;
|
|
|
|
typedef struct share_channel share_channel;
|
|
|
|
|
2018-09-14 16:04:39 +00:00
|
|
|
typedef struct PortFwdManager PortFwdManager;
|
|
|
|
typedef struct PortFwdRecord PortFwdRecord;
|
2018-09-17 11:14:00 +00:00
|
|
|
typedef struct ConnectionLayer ConnectionLayer;
|
2018-09-14 16:04:39 +00:00
|
|
|
|
2018-09-13 11:58:44 +00:00
|
|
|
typedef struct dlgparam dlgparam;
|
|
|
|
|
2018-09-14 07:45:42 +00:00
|
|
|
typedef struct settings_w settings_w;
|
|
|
|
typedef struct settings_r settings_r;
|
|
|
|
typedef struct settings_e settings_e;
|
|
|
|
|
Rework special-commands system to add an integer argument.
In order to list cross-certifiable host keys in the GUI specials menu,
the SSH backend has been inventing new values on the end of the
Telnet_Special enumeration, starting from the value TS_LOCALSTART.
This is inelegant, and also makes it awkward to break up special
handlers (e.g. to dispatch different specials to different SSH
layers), since if all you know about a special is that it's somewhere
in the TS_LOCALSTART+n space, you can't tell what _general kind_ of
thing it is. Also, if I ever need another open-ended set of specials
in future, I'll have to remember which TS_LOCALSTART+n codes are in
which set.
So here's a revamp that causes every special to take an extra integer
argument. For all previously numbered specials, this argument is
passed as zero and ignored, but there's a new main special code for
SSH host key cross-certification, in which the integer argument is an
index into the backend's list of available keys. TS_LOCALSTART is now
a thing of the past: if I need any other open-ended sets of specials
in future, I can add a new top-level code with a nicely separated
space of arguments.
While I'm at it, I've removed the legacy misnomer 'Telnet_Special'
from the code completely; the enum is now SessionSpecialCode, the
struct containing full details of a menu entry is SessionSpecial, and
the enum values now start SS_ rather than TS_.
2018-09-24 08:35:52 +00:00
|
|
|
typedef struct SessionSpecial SessionSpecial;
|
|
|
|
|
2018-05-27 15:56:51 +00:00
|
|
|
/*
|
|
|
|
* A small structure wrapping up a (pointer, length) pair so that it
|
|
|
|
* can be conveniently passed to or from a function.
|
|
|
|
*/
|
|
|
|
typedef struct ptrlen {
|
|
|
|
const void *ptr;
|
|
|
|
size_t len;
|
|
|
|
} ptrlen;
|
|
|
|
|
2018-06-09 08:00:11 +00:00
|
|
|
typedef struct logblank_t logblank_t;
|
|
|
|
|
2018-09-21 15:53:45 +00:00
|
|
|
typedef struct BinaryPacketProtocol BinaryPacketProtocol;
|
Move most of ssh.c out into separate source files.
I've tried to separate out as many individually coherent changes from
this work as I could into their own commits, but here's where I run
out and have to commit the rest of this major refactoring as a
big-bang change.
Most of ssh.c is now no longer in ssh.c: all five of the main
coroutines that handle layers of the SSH-1 and SSH-2 protocols now
each have their own source file to live in, and a lot of the
supporting functions have moved into the appropriate one of those too.
The new abstraction is a vtable called 'PacketProtocolLayer', which
has an input and output packet queue. Each layer's main coroutine is
invoked from the method ssh_ppl_process_queue(), which is usually
(though not exclusively) triggered automatically when things are
pushed on the input queue. In SSH-2, the base layer is the transport
protocol, and it contains a pair of subsidiary queues by which it
passes some of its packets to the higher SSH-2 layers - first userauth
and then connection, which are peers at the same level, with the
former abdicating in favour of the latter at the appropriate moment.
SSH-1 is simpler: the whole login phase of the protocol (crypto setup
and authentication) is all in one module, and since SSH-1 has no
repeat key exchange, that setup layer abdicates in favour of the
connection phase when it's done.
ssh.c itself is now about a tenth of its old size (which all by itself
is cause for celebration!). Its main job is to set up all the layers,
hook them up to each other and to the BPP, and to funnel data back and
forth between that collection of modules and external things such as
the network and the terminal. Once it's set up a collection of packet
protocol layers, it communicates with them partly by calling methods
of the base layer (and if that's ssh2transport then it will delegate
some functionality to the corresponding methods of its higher layer),
and partly by talking directly to the connection layer no matter where
it is in the stack by means of the separate ConnectionLayer vtable
which I introduced in commit 8001dd4cb, and to which I've now added
quite a few extra methods replacing services that used to be internal
function calls within ssh.c.
(One effect of this is that the SSH-1 and SSH-2 channel storage is now
no longer shared - there are distinct struct types ssh1_channel and
ssh2_channel. That means a bit more code duplication, but on the plus
side, a lot fewer confusing conditionals in the middle of half-shared
functions, and less risk of a piece of SSH-1 escaping into SSH-2 or
vice versa, which I remember has happened at least once in the past.)
The bulk of this commit introduces the five new source files, their
common header sshppl.h and some shared supporting routines in
sshcommon.c, and rewrites nearly all of ssh.c itself. But it also
includes a couple of other changes that I couldn't separate easily
enough:
Firstly, there's a new handling for socket EOF, in which ssh.c sets an
'input_eof' flag in the BPP, and that responds by checking a flag that
tells it whether to report the EOF as an error or not. (This is the
main reason for those new BPP_READ / BPP_WAITFOR macros - they can
check the EOF flag every time the coroutine is resumed.)
Secondly, the error reporting itself is changed around again. I'd
expected to put some data fields in the public PacketProtocolLayer
structure that it could set to report errors in the same way as the
BPPs have been doing, but in the end, I decided propagating all those
data fields around was a pain and that even the BPPs shouldn't have
been doing it that way. So I've reverted to a system where everything
calls back to functions in ssh.c itself to report any connection-
ending condition. But there's a new family of those functions,
categorising the possible such conditions by semantics, and each one
has a different set of detailed effects (e.g. how rudely to close the
network connection, what exit status should be passed back to the
whole application, whether to send a disconnect message and/or display
a GUI error box).
I don't expect this to be immediately perfect: of course, the code has
been through a big upheaval, new bugs are expected, and I haven't been
able to do a full job of testing (e.g. I haven't tested every auth or
kex method). But I've checked that it _basically_ works - both SSH
protocols, all the different kinds of forwarding channel, more than
one auth method, Windows and Linux, connection sharing - and I think
it's now at the point where the easiest way to find further bugs is to
let it out into the wild and see what users can spot.
2018-09-24 17:28:16 +00:00
|
|
|
typedef struct PacketProtocolLayer PacketProtocolLayer;
|
2018-09-21 15:53:45 +00:00
|
|
|
|
2018-05-24 07:59:01 +00:00
|
|
|
/* Do a compile-time type-check of 'to_check' (without evaluating it),
|
|
|
|
* as a side effect of returning the value 'to_return'. Note that
|
|
|
|
* although this macro double-*expands* to_return, it always
|
|
|
|
* *evaluates* exactly one copy of it, so it's side-effect safe. */
|
|
|
|
#define TYPECHECK(to_check, to_return) \
|
|
|
|
(sizeof(to_check) ? (to_return) : (to_return))
|
|
|
|
|
2018-05-24 13:55:10 +00:00
|
|
|
/* Return a pointer to the object of structure type 'type' whose field
|
|
|
|
* with name 'field' is pointed at by 'object'. */
|
2018-10-05 22:49:08 +00:00
|
|
|
#define container_of(object, type, field) \
|
2018-05-24 13:55:10 +00:00
|
|
|
TYPECHECK(object == &((type *)0)->field, \
|
|
|
|
((type *)(((char *)(object)) - offsetof(type, field))))
|
|
|
|
|
2018-05-24 07:59:01 +00:00
|
|
|
#endif /* PUTTY_DEFS_H */
|