From owner-svn-src-user@FreeBSD.ORG Fri Jun 17 17:43:35 2011 Return-Path: Delivered-To: svn-src-user@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 90438106564A; Fri, 17 Jun 2011 17:43:35 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7FA248FC0A; Fri, 17 Jun 2011 17:43:35 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p5HHhZq3000550; Fri, 17 Jun 2011 17:43:35 GMT (envelope-from brooks@svn.freebsd.org) Received: (from brooks@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p5HHhZrM000528; Fri, 17 Jun 2011 17:43:35 GMT (envelope-from brooks@svn.freebsd.org) Message-Id: <201106171743.p5HHhZrM000528@svn.freebsd.org> 
From: Brooks Davis Date: Fri, 17 Jun 2011 17:43:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-user@freebsd.org X-SVN-Group: user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223192 - user/brooks/openssh-hpn X-BeenThere: svn-src-user@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the experimental " user" src tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jun 2011 17:43:35 -0000 Author: brooks Date: Fri Jun 17 17:43:35 2011 New Revision: 223192 URL: http://svn.freebsd.org/changeset/base/223192 Log: Merge lots of style and whitespace improvements from bz@. Modified: user/brooks/openssh-hpn/auth2.c user/brooks/openssh-hpn/buffer.c user/brooks/openssh-hpn/buffer.h user/brooks/openssh-hpn/channels.c user/brooks/openssh-hpn/channels.h user/brooks/openssh-hpn/clientloop.c user/brooks/openssh-hpn/compat.c user/brooks/openssh-hpn/compat.h user/brooks/openssh-hpn/kex.c user/brooks/openssh-hpn/kex.h user/brooks/openssh-hpn/misc.c user/brooks/openssh-hpn/misc.h user/brooks/openssh-hpn/packet.c user/brooks/openssh-hpn/packet.h user/brooks/openssh-hpn/progressmeter.c user/brooks/openssh-hpn/readconf.c user/brooks/openssh-hpn/readconf.h user/brooks/openssh-hpn/scp.c user/brooks/openssh-hpn/servconf.c user/brooks/openssh-hpn/servconf.h user/brooks/openssh-hpn/serverloop.c user/brooks/openssh-hpn/session.c user/brooks/openssh-hpn/ssh.c user/brooks/openssh-hpn/sshconnect.c user/brooks/openssh-hpn/sshconnect2.c user/brooks/openssh-hpn/sshd.c user/brooks/openssh-hpn/sshd_config user/brooks/openssh-hpn/version.h Modified: user/brooks/openssh-hpn/auth2.c ============================================================================== --- user/brooks/openssh-hpn/auth2.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/auth2.c Fri Jun 17 17:43:35 2011 (r223192) 
@@ -49,7 +49,6 @@ #include "dispatch.h" #include "pathnames.h" #include "buffer.h" -#include "canohost.h" #ifdef GSSAPI #include "ssh-gss.h" Modified: user/brooks/openssh-hpn/buffer.c ============================================================================== --- user/brooks/openssh-hpn/buffer.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/buffer.c Fri Jun 17 17:43:35 2011 (r223192) @@ -24,8 +24,9 @@ #include "buffer.h" #include "log.h" -#define BUFFER_MAX_CHUNK 0x100000 #define BUFFER_ALLOCSZ 0x008000 +#define BUFFER_MAX_CHUNK 0x100000 +#define BUFFER_MAX_LEN 0x4000000 /* 64MB */ /* Initializes the buffer structure. */ @@ -164,6 +165,13 @@ buffer_len(const Buffer *buffer) return buffer->end - buffer->offset; } +/* Returns the maximum number of bytes of data that may be in the buffer. */ +u_int +buffer_get_max_len(void) +{ + return (BUFFER_MAX_LEN); +} + /* Gets data from the beginning of the buffer. */ int Modified: user/brooks/openssh-hpn/buffer.h ============================================================================== --- user/brooks/openssh-hpn/buffer.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/buffer.h Fri Jun 17 17:43:35 2011 (r223192) @@ -16,8 +16,6 @@ #ifndef BUFFER_H #define BUFFER_H -#define BUFFER_MAX_LEN 0x4000000 /* 64MB */ - typedef struct { u_char *buf; /* Buffer for data. */ u_int alloc; /* Number of bytes allocated for data. */ @@ -48,6 +46,8 @@ int buffer_get_ret(Buffer *, void *, u_ int buffer_consume_ret(Buffer *, u_int); int buffer_consume_end_ret(Buffer *, u_int); +u_int buffer_get_max_len(void); + #include void buffer_put_bignum(Buffer *, const BIGNUM *); Modified: user/brooks/openssh-hpn/channels.c ============================================================================== --- user/brooks/openssh-hpn/channels.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/channels.c Fri Jun 17 17:43:35 2011 (r223192) 
@@ -170,8 +170,10 @@ static void port_open_helper(Channel *c, static int connect_next(struct channel_connect *); static void channel_connect_ctx_free(struct channel_connect *); +/* -- HPN */ + static int hpn_disabled = 0; -static int hpn_buffer_size = 2 * 1024 * 1024; +static u_int buffer_size = CHAN_HPN_MIN_WINDOW_DEFAULT; /* -- channel core */ @@ -312,11 +314,11 @@ channel_new(char *ctype, int type, int r c->self = found; c->type = type; c->ctype = ctype; + c->dynamic_window = 0; c->local_window = window; c->local_window_max = window; c->local_consumed = 0; c->local_maxpacket = maxpack; - c->dynamic_window = 0; c->remote_id = -1; c->remote_name = xstrdup(remote_name); c->remote_window = 0; 
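Review bot: The file-scope variable renamed here from `hpn_buffer_size` to `buffer_size` is still referenced under its old name on the new side, in the `else` branches of `channel_setup_fwd_listener` and `x11_create_display_inet`, which both pass `hpn_buffer_size` to `channel_new`. Unless another declaration exists outside the visible hunks, channels.c no longer compiles, and `channel_set_hpn` now stores the configured size in a variable that no visible code reads. Either keep the old name, `static u_int hpn_buffer_size = CHAN_HPN_MIN_WINDOW_DEFAULT;`, or update the two call sites in the same commit. `buffer_size` is also a very generic name for a file-scope static in a file that handles many buffers.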
@@ -812,34 +814,45 @@ channel_pre_open_13(Channel *c, fd_set * FD_SET(c->sock, writeset); } -int channel_tcpwinsz () { - u_int32_t tcpwinsz = 0; - socklen_t optsz = sizeof(tcpwinsz); - int ret = -1; +static u_int +channel_tcpwinsz(void) +{ + u_int32_t tcpwinsz; + socklen_t optsz; + int ret, sd; + u_int maxlen; - /* if we aren't on a socket return 128KB*/ + /* If we are not on a socket return 128KB. */ if (!packet_connection_is_on_socket()) - return(128*1024); - ret = getsockopt(packet_get_connection_in(), - SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); - /* return no more than 64MB */ - if ((ret == 0) && tcpwinsz > BUFFER_MAX_LEN) - tcpwinsz = BUFFER_MAX_LEN; - debug2("tcpwinsz: %d for connection: %d", tcpwinsz, - packet_get_connection_in()); - return(tcpwinsz); + return (128 * 1024); + + tcpwinsz = 0; + optsz = sizeof(tcpwinsz); + sd = packet_get_connection_in(); + ret = getsockopt(sd, SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); + + /* Return no more than the maximum buffer size. */ + maxlen = buffer_get_max_len(); + if ((ret == 0) && tcpwinsz > maxlen) + tcpwinsz = maxlen; + /* In case getsockopt() failed return a minimum. */ + if (tcpwinsz == 0) + tcpwinsz = CHAN_TCP_WINDOW_DEFAULT; + debug2("tcpwinsz: %d for connection: %d", tcpwinsz, sd); + return (tcpwinsz); } static void channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset) { - u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); + u_int limit; - /* check buffer limits */ - if ((!c->tcpwinsz) || (c->dynamic_window > 0)) + /* Check buffer limits. */ + if (!c->tcpwinsz || c->dynamic_window > 0) c->tcpwinsz = channel_tcpwinsz(); - - limit = MIN(limit, 2 * c->tcpwinsz); + + limit = MIN(compat20 ? c->remote_window : packet_get_maxsize(), + 2 * c->tcpwinsz); if (c->istate == CHAN_INPUT_OPEN && limit > 0 && 
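Review bot: In `channel_tcpwinsz` the new fallback `if (tcpwinsz == 0)` hides a failed `getsockopt()`: `ret` is consulted only for the clamp and nothing is logged, so a bad descriptor silently yields `CHAN_TCP_WINDOW_DEFAULT`. Testing the result directly, `if (ret != 0) { debug("getsockopt SO_RCVBUF: %s", strerror(errno)); tcpwinsz = CHAN_TCP_WINDOW_DEFAULT; }`, keeps the fallback and leaves a trace. `tcpwinsz` is a `u_int32_t` but is printed with `%d` in the `debug2` call; `%u` matches the type. The body of `channel_pre_open` continues past the end of the hunk.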
@@ -1818,13 +1831,14 @@ channel_check_window(Channel *c) c->local_window < c->local_window_max/2) && c->local_consumed > 0) { u_int addition = 0; - /* adjust max window size if we are in a dynamic environment */ - if (c->dynamic_window && (c->tcpwinsz > c->local_window_max)) { + + /* Adjust max window size if we are in a dynamic environment. */ + if (c->dynamic_window && c->tcpwinsz > c->local_window_max) { /* - * Grow the window somewhat aggressively to - * maintain pressure. + * Grow the window somewhat aggressively to maintain + * pressure. */ - addition = 1.5*(c->tcpwinsz - c->local_window_max); + addition = 1.5 * (c->tcpwinsz - c->local_window_max); c->local_window_max += addition; } packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); @@ -2673,12 +2687,11 @@ channel_set_af(int af) } void -channel_set_hpn(int external_hpn_disabled, int external_hpn_buffer_size) +channel_set_hpn(int disabled, u_int buf_size) { - hpn_disabled = external_hpn_disabled; - hpn_buffer_size = external_hpn_buffer_size; - debug("HPN Disabled: %d, HPN Buffer Size: %d", - hpn_disabled, hpn_buffer_size); + hpn_disabled = disabled; + buffer_size = buf_size; + debug("HPN Disabled: %d, HPN Buffer Size: %d", hpn_disabled, buffer_size); } static int @@ -2833,16 +2846,18 @@ channel_setup_fwd_listener(int type, con *allocated_listen_port); } - /* Allocate a channel number for the socket. */ - if (hpn_disabled) { + /* + * Allocate a channel number for the socket. Explicitly test + * for hpn disabled option. If true use smaller window size. + */ + if (hpn_disabled) c = channel_new("port listener", type, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "port listener", 1); - } else { + else c = channel_new("port listener", type, sock, sock, -1, hpn_buffer_size, CHAN_TCP_PACKET_DEFAULT, 0, "port listener", 1); - } c->path = xstrdup(host); c->host_port = port_to_connect; c->listening_port = listen_port; 
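Review bot: `channel_set_hpn` now takes `u_int buf_size` and stores it without any range check, while the option fields that feed it are `int` with `-1` meaning unset (see `initialize_options` in readconf.c). A caller that forwards an unset or negative value would have it converted to a very large window; the callers are not visible in this diff, so this needs confirming. Clamping in the setter makes it safe regardless: `buffer_size = MIN(buf_size, buffer_get_max_len());`. The `debug` format still uses `%d` for the now-unsigned `buffer_size`; `%u` matches.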
@@ -3387,17 +3402,16 @@ x11_create_display_inet(int x11_display_ *chanids = xcalloc(num_socks + 1, sizeof(**chanids)); for (n = 0; n < num_socks; n++) { sock = socks[n]; - if (hpn_disabled) { + if (hpn_disabled) nc = channel_new("x11 listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "X11 inet listener", 1); - } else { + else nc = channel_new("x11 listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, hpn_buffer_size, CHAN_X11_PACKET_DEFAULT, 0, "X11 inet listener", 1); - } nc->single_connection = single_connection; (*chanids)[n] = nc->self; } Modified: user/brooks/openssh-hpn/channels.h ============================================================================== --- user/brooks/openssh-hpn/channels.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/channels.h Fri Jun 17 17:43:35 2011 (r223192) @@ -125,10 +125,10 @@ struct Channel { u_int local_window_max; u_int local_consumed; u_int local_maxpacket; + u_int tcpwinsz; int dynamic_window; int extended_usage; int single_connection; - u_int tcpwinsz; char *ctype; /* type */ @@ -164,11 +164,15 @@ struct Channel { /* default window/packet sizes for tcp/x11-fwd-channel */ #define CHAN_SES_PACKET_DEFAULT (32*1024) #define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT) + #define CHAN_TCP_PACKET_DEFAULT (32*1024) #define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT) + #define CHAN_X11_PACKET_DEFAULT (16*1024) #define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT) +#define CHAN_HPN_MIN_WINDOW_DEFAULT (2*1024*1024) + /* possible input states */ #define CHAN_INPUT_OPEN 0 #define CHAN_INPUT_WAIT_DRAIN 1 @@ -239,7 +243,7 @@ void channel_input_status_confirm(int, void channel_prepare_select(fd_set **, fd_set **, int *, u_int*, int); void channel_after_select(fd_set *, fd_set *); -void channel_output_poll(void); +void channel_output_poll(void); int channel_not_very_much_buffered_data(void); void channel_close_all(void); 
@@ -297,6 +301,6 @@ void chan_write_failed(Channel *); void chan_obuf_empty(Channel *); /* hpn handler */ -void channel_set_hpn(int, int); +void channel_set_hpn(int, u_int); #endif Modified: user/brooks/openssh-hpn/clientloop.c ============================================================================== --- user/brooks/openssh-hpn/clientloop.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/clientloop.c Fri Jun 17 17:43:35 2011 (r223192) @@ -1768,18 +1768,14 @@ client_request_x11(const char *request_t sock = x11_connect_display(); if (sock < 0) return NULL; - /* again is this really necessary for X11? */ - if (options.hpn_disabled) { - c = channel_new("x11", - SSH_CHANNEL_X11_OPEN, sock, sock, -1, + if (options.hpn_disabled) + c = channel_new("x11", SSH_CHANNEL_X11_OPEN, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1); - } else { - c = channel_new("x11", - SSH_CHANNEL_X11_OPEN, sock, sock, -1, + else + c = channel_new("x11", SSH_CHANNEL_X11_OPEN, sock, sock, -1, options.hpn_buffer_size, CHAN_X11_PACKET_DEFAULT, 0, "x11", 1); - } c->force_drain = 1; return c; } @@ -1799,17 +1795,16 @@ client_request_agent(const char *request sock = ssh_get_authentication_socket(); if (sock < 0) return NULL; - if (options.hpn_disabled) { + if (options.hpn_disabled) c = channel_new("authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, "authentication agent connection", 1); - } else { + else c = channel_new("authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, options.hpn_buffer_size, options.hpn_buffer_size, 0, "authentication agent connection", 1); - } c->force_drain = 1; return c; } 
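Review bot: In `client_request_agent` the argument that follows the window size in `channel_new` (it appears to become `c->local_maxpacket`) is a window-sized value in both branches: `CHAN_TCP_WINDOW_DEFAULT` when HPN is disabled and `options.hpn_buffer_size` otherwise. Every other `channel_new` call touched in this diff passes a `*_PACKET_DEFAULT` constant in that position, so this looks like a slip carried through the reformatting rather than an intent; if so, `CHAN_TCP_PACKET_DEFAULT` belongs there in both branches. `client_request_x11` similarly pairs `CHAN_TCP_WINDOW_DEFAULT` with `CHAN_X11_PACKET_DEFAULT` in the disabled branch, where the X11 listener in channels.c uses `CHAN_X11_WINDOW_DEFAULT`. Both functions start outside their hunks.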
@@ -1836,15 +1831,14 @@ client_request_tun_fwd(int tun_mode, int return -1; } - if(options.hpn_disabled) { + if (options.hpn_disabled) c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); - } else { + else c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, options.hpn_buffer_size, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); - } c->datagram = 1; #if defined(SSH_TUN_FILTER) Modified: user/brooks/openssh-hpn/compat.c ============================================================================== --- user/brooks/openssh-hpn/compat.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/compat.c Fri Jun 17 17:43:35 2011 (r223192) @@ -171,15 +171,14 @@ compat_datafellows(const char *version) debug("match: %s pat %s", version, check[i].pat); datafellows = check[i].bugs; /* - * Check to see if the remote side is OpenSSH and - * not HPN. - * XXX: Using the version to do this is bizzare. + * Check to see if the remote side is OpenSSH and not + * HPN. It is utterly strange to check it from the + * version string and expose the option that way. */ - if(strstr(version,"OpenSSH") != NULL) { - if (strstr(version,"hpn") == NULL) { - datafellows |= SSH_BUG_LARGEWINDOW; - debug("Remote is NON-HPN aware"); - } + if (strstr(version,"OpenSSH") != NULL && + strstr(version,"hpn") == NULL) { + datafellows |= SSH_BUG_LARGEWINDOW; + debug("Remote is not HPN-aware"); } return; } Modified: user/brooks/openssh-hpn/compat.h ============================================================================== --- user/brooks/openssh-hpn/compat.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/compat.h Fri Jun 17 17:43:35 2011 (r223192) 
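Review bot: The rewritten comment in `compat_datafellows` calls the check strange but does not say that `version` describes the remote side in its own words, so `SSH_BUG_LARGEWINDOW` is decided by data the peer controls and by a case-sensitive substring match on `hpn` anywhere in it. Where the flag is consumed is not visible here; a sentence in the comment such as `version is peer-supplied: SSH_BUG_LARGEWINDOW may only influence window sizing, never a security decision` would record that constraint for later maintainers. Since this is a style pass, `strstr(version,"OpenSSH")` and `strstr(version,"hpn")` also want a space after the comma.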
@@ -58,7 +58,7 @@ #define SSH_OLD_FORWARD_ADDR 0x01000000 #define SSH_BUG_RFWD_ADDR 0x02000000 #define SSH_NEW_OPENSSH 0x04000000 -#define SSH_BUG_LARGEWINDOW 0x08000000 +#define SSH_BUG_LARGEWINDOW 0x08000000 void enable_compat13(void); void enable_compat20(void); Modified: user/brooks/openssh-hpn/kex.c ============================================================================== --- user/brooks/openssh-hpn/kex.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/kex.c Fri Jun 17 17:43:35 2011 (r223192) @@ -90,8 +90,7 @@ kex_names_valid(const char *names) return 1; } -/* put algorithm proposal into buffer */ -/* used in sshconnect.c as well as kex.c */ +/* Put algorithm proposal into buffer. Also used in sshconnect2.c. */ void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { @@ -408,13 +407,8 @@ kex_choose_conf(Kex *kex) int nenc, nmac, ncomp; u_int mode, ctos, need; int first_kex_follows, type; - int auth_flag; - auth_flag = packet_authentication_state(); - - debug ("AUTH STATE IS %d", auth_flag); - my = kex_buf2prop(&kex->my, NULL); peer = kex_buf2prop(&kex->peer, &first_kex_follows); @@ -437,6 +431,8 @@ kex_choose_conf(Kex *kex) } /* Algorithm Negotiation */ + auth_flag = packet_get_authentication_state(); + debug ("AUTH STATE is %d", auth_flag); for (mode = 0; mode < MODE_MAX; mode++) { newkeys = xcalloc(1, sizeof(*newkeys)); kex->newkeys[mode] = newkeys; 
@@ -448,13 +444,14 @@ kex_choose_conf(Kex *kex) choose_enc (&newkeys->enc, cprop[nenc], sprop[nenc]); choose_mac (&newkeys->mac, cprop[nmac], sprop[nmac]); choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]); + debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name); if (strcmp(newkeys->enc.name, "none") == 0) { debug("Requesting NONE. Authflag is %d", auth_flag); if (auth_flag == 1) debug("None requested post authentication."); else - fatal("Pre-authentication none cipher " - "requests are not allowed."); + fatal("Pre-authentication none cipher requests " + "are not allowed."); } debug("kex: %s %s %s %s", ctos ? "client->server" : "server->client", Modified: user/brooks/openssh-hpn/kex.h ============================================================================== --- user/brooks/openssh-hpn/kex.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/kex.h Fri Jun 17 17:43:35 2011 (r223192) @@ -140,7 +140,7 @@ struct Kex { int kex_names_valid(const char *); -void kex_prop2buf(Buffer *, char *proposal[PROPOSAL_MAX]); +void kex_prop2buf(Buffer *, char *[PROPOSAL_MAX]); Kex *kex_setup(char *[PROPOSAL_MAX]); void kex_finish(Kex *); Modified: user/brooks/openssh-hpn/misc.c ============================================================================== --- user/brooks/openssh-hpn/misc.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/misc.c Fri Jun 17 17:43:35 2011 (r223192) 
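Review bot: The `none` cipher gate in `kex_choose_conf` reports the permitted case only through `debug()`, so at default log levels a session that renegotiates to an unencrypted transport after authentication leaves no record. Raising that one message, for example `logit("kex: none cipher selected after authentication");`, gives operators something to alert on. The test `auth_flag == 1` also relies on `packet_get_authentication_state()` returning exactly 1; a short comment stating which values `after_authentication` can hold would make the gate easier to audit. The loop body continues outside the hunk.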
@@ -996,3 +996,34 @@ sock_set_v6only(int s) error("setsockopt IPV6_V6ONLY: %s", strerror(errno)); #endif } + +void +sock_get_rcvbuf(int *size, int rcvbuf) +{ + int sock, socksize; + socklen_t socksizelen = sizeof(socksize); + + /* + * Create a socket but do not connect it. We use it + * only to get the rcv socket size. + */ + sock = socket(AF_INET6, SOCK_STREAM, 0); + if (sock < 0) + sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) + return; + + /* + * If the tcp_rcv_buf option is set and passed in, attempt to set the + * buffer size to its value. + */ + if (rcvbuf) + setsockopt(sock, SOL_SOCKET, SO_RCVBUF, (void *)&rcvbuf, + sizeof(rcvbuf)); + + if (getsockopt(sock, SOL_SOCKET, SO_RCVBUF, + &socksize, &socksizelen) == 0) + if (size != NULL) + *size = socksize; + close(sock); +} Modified: user/brooks/openssh-hpn/misc.h ============================================================================== --- user/brooks/openssh-hpn/misc.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/misc.h Fri Jun 17 17:43:35 2011 (r223192) @@ -36,6 +36,7 @@ void sanitise_stdfd(void); void ms_subtract_diff(struct timeval *, int *); void ms_to_timeval(struct timeval *, int); void sock_set_v6only(int); +void sock_get_rcvbuf(int *, int); struct passwd *pwcopy(struct passwd *); const char *ssh_gai_strerror(int); Modified: user/brooks/openssh-hpn/packet.c ============================================================================== --- user/brooks/openssh-hpn/packet.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/packet.c Fri Jun 17 17:43:35 2011 (r223192) @@ -195,6 +195,7 @@ struct session_state { }; static struct session_state *active_state, *backup_state; +static int rekey_requested = 0; static struct session_state * alloc_session_state(void) @@ -1012,6 +1013,7 @@ packet_send2(void) void packet_send(void) { + if (compat20) packet_send2(); else 
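Review bot: `sock_get_rcvbuf` treats any non-zero `rcvbuf` as a request, but the option its comment names (`tcp_rcv_buf`) is initialised to `-1` for unset in readconf.c, so a caller forwarding the raw option would hand a negative size to `setsockopt()`; `if (rcvbuf > 0)` avoids that. The `setsockopt()` result is ignored and the function returns `void`, leaving `*size` untouched on every failure path, which a caller can only handle by pre-loading a default as servconf.c does. A header comment stating that contract is missing: it should say that `*size` is written only when `getsockopt()` succeeds and that the caller must initialise it beforehand.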
@@ -1861,7 +1863,6 @@ packet_send_ignore(int nbytes) } } -int rekey_requested = 0; void packet_request_rekeying(void) { @@ -1971,7 +1972,7 @@ packet_restore_state(void) } int -packet_authentication_state(void) +packet_get_authentication_state(void) { - return(active_state->after_authentication); + return (active_state->after_authentication); } Modified: user/brooks/openssh-hpn/packet.h ============================================================================== --- user/brooks/openssh-hpn/packet.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/packet.h Fri Jun 17 17:43:35 2011 (r223192) @@ -23,9 +23,6 @@ #include #endif -void -packet_request_rekeying(void); - void packet_set_connection(int, int); void packet_set_timeout(int, int); void packet_set_nonblocking(void); @@ -41,7 +38,7 @@ void packet_set_interactive(int, int int packet_is_interactive(void); void packet_set_server(void); void packet_set_authenticated(void); -int packet_authentication_state(void); +int packet_get_authentication_state(void); void packet_start(u_char); void packet_put_char(int ch); @@ -55,7 +52,7 @@ void packet_put_ecpoint(const EC_GRO void packet_put_string(const void *buf, u_int len); void packet_put_cstring(const char *str); void packet_put_raw(const void *buf, u_int len); -void packet_send(void); +void packet_send(void); int packet_read(void); void packet_read_expect(int type); @@ -121,6 +118,7 @@ do { \ } while (0) int packet_need_rekeying(void); +void packet_request_rekeying(void); void packet_set_rekey_limit(u_int32_t); void packet_backup_state(void); Modified: user/brooks/openssh-hpn/progressmeter.c ============================================================================== --- user/brooks/openssh-hpn/progressmeter.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/progressmeter.c Fri Jun 17 17:43:35 2011 (r223192) 
@@ -175,7 +175,7 @@ refresh_progress_meter(void) percent = ((float)cur_pos / end_pos) * 100; else percent = 100; - snprintf(buf + strlen(buf), win_size - strlen(buf-8), + snprintf(buf + strlen(buf), win_size - strlen(buf), " %3d%% ", percent); /* amount transferred */ Modified: user/brooks/openssh-hpn/readconf.c ============================================================================== --- user/brooks/openssh-hpn/readconf.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/readconf.c Fri Jun 17 17:43:35 2011 (r223192) @@ -135,8 +135,8 @@ typedef enum { oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, oKexAlgorithms, oIPQoS, + oHPNDisabled, oHPNBufferSize, oTcpRcvBufPoll, oTcpRcvBuf, oNoneEnabled, oNoneSwitch, - oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize, oDeprecated, oUnsupported } OpCodes; @@ -247,12 +247,12 @@ static struct { #endif { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, - { "noneenabled", oNoneEnabled }, - { "noneswitch", oNoneSwitch }, - { "tcprcvbufpoll", oTcpRcvBufPoll }, - { "tcprcvbuf", oTcpRcvBuf }, { "hpndisabled", oHPNDisabled }, { "hpnbuffersize", oHPNBufferSize }, + { "tcprcvbufpoll", oTcpRcvBufPoll }, + { "tcprcvbuf", oTcpRcvBuf }, + { "noneenabled", oNoneEnabled }, + { "noneswitch", oNoneSwitch }, { NULL, oBadOption } }; 
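Review bot: The commit log describes style and whitespace changes only, yet this line in `refresh_progress_meter` is a behavioural fix: the old size argument used `strlen(buf-8)`, which measures from eight bytes before `buf`. That deserves its own mention in the log, or its own commit, so it can be found and merged independently. The new expression `win_size - strlen(buf)` still assumes `strlen(buf) <= win_size`; that holds only if the earlier writes into `buf` are bounded by `win_size`, which is outside the hunk.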
@@ -499,46 +499,6 @@ parse_flag: intptr = &options->check_host_ip; goto parse_flag; - case oNoneEnabled: - intptr = &options->none_enabled; - goto parse_flag; - - /* - * We check to see if the command comes from the command line or - * not. If it does then enable it otherwise fail. NONE should - * never be a default configuration. - */ - case oNoneSwitch: - if(strcmp(filename,"command-line")==0) - { - intptr = &options->none_switch; - goto parse_flag; - } else { - error("NoneSwitch is found in %.200s.\n" - "You may only use this configuration option " - "from the command line", filename); - error("Continuing..."); - debug("NoneSwitch directive found in %.200s.", - filename); - return 0; - } - - case oHPNDisabled: - intptr = &options->hpn_disabled; - goto parse_flag; - - case oHPNBufferSize: - intptr = &options->hpn_buffer_size; - goto parse_int; - - case oTcpRcvBufPoll: - intptr = &options->tcp_rcv_buf_poll; - goto parse_flag; - - case oTcpRcvBuf: - intptr = &options->tcp_rcv_buf; - goto parse_int; - case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; goto parse_yesnoask; 
@@ -1045,6 +1005,45 @@ parse_int: intptr = &options->use_roaming; goto parse_flag; + case oHPNDisabled: + intptr = &options->hpn_disabled; + goto parse_flag; + + case oHPNBufferSize: + intptr = &options->hpn_buffer_size; + goto parse_int; + + case oTcpRcvBufPoll: + intptr = &options->tcp_rcv_buf_poll; + goto parse_flag; + + case oTcpRcvBuf: + intptr = &options->tcp_rcv_buf; + goto parse_int; + + case oNoneEnabled: + intptr = &options->none_enabled; + goto parse_flag; + + /* + * We check to see if the command comes from the command line or not. + * If it does then enable it otherwise fail. NONE must never be a + * default configuration. + */ + case oNoneSwitch: + if (strcmp(filename,"command-line") == 0) { + intptr = &options->none_switch; + goto parse_flag; + } else { + debug("NoneSwitch directive found in %.200s.", + filename); + error("NoneSwitch is found in %.200s.\n" + "You may only use this configuration option " + "from the command line", filename); + error("Continuing..."); + return 0; + } + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -1205,12 +1204,12 @@ initialize_options(Options * options) options->zero_knowledge_password_authentication = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; - options->none_switch = -1; - options->none_enabled = -1; options->hpn_disabled = -1; options->hpn_buffer_size = -1; options->tcp_rcv_buf_poll = -1; options->tcp_rcv_buf = -1; + options->none_enabled = -1; + options->none_switch = -1; } /* 
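Review bot: The `oNoneSwitch` case decides whether the option came from the command line by comparing `filename` with the literal `"command-line"`, so the restriction rests on a label string that callers must keep unique rather than on where the option was actually read. The callers are outside this diff; passing an explicit origin flag into the parser would remove the doubt, and at minimum the comment should name the caller that supplies `"command-line"`. The `else` after `goto parse_flag` is redundant. The rejected path returns 0, so parsing continues with the directive ignored; say so in the comment.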
@@ -1343,24 +1342,6 @@ fill_default_options(Options * options) options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; - if (options->none_switch == -1) - options->none_switch = 0; - if (options->hpn_disabled == -1) - options->hpn_disabled = 0; - if (options->hpn_buffer_size > -1) { - /* if a user tries to set the size to 0 set it to 1KB */ - if (options->hpn_buffer_size == 0) - options->hpn_buffer_size = 1024; - if (options->hpn_buffer_size > BUFFER_MAX_LEN/1024) - options->hpn_buffer_size = BUFFER_MAX_LEN; - debug("hpn_buffer_size set to %d", options->hpn_buffer_size); - } - if (options->tcp_rcv_buf == 0) - options->tcp_rcv_buf = 1; - if (options->tcp_rcv_buf > -1) - options->tcp_rcv_buf *=1024; - if (options->tcp_rcv_buf_poll == -1) - options->tcp_rcv_buf_poll = 1; if (options->control_master == -1) options->control_master = 0; if (options->control_persist == -1) { 
@@ -1393,6 +1374,34 @@ fill_default_options(Options * options) /* options->hostname will be set in the main program if appropriate */ /* options->host_key_alias should not be set by default */ /* options->preferred_authentications will be set in ssh */ + if (options->hpn_disabled == -1) + options->hpn_disabled = 0; + if (options->hpn_buffer_size > -1) + { + u_int maxlen; + + /* If a user tries to set the size to 0 set it to 1KB. */ + if (options->hpn_buffer_size == 0) + options->hpn_buffer_size = 1024; + /* Limit the buffer to BUFFER_MAX_LEN. */ + maxlen = buffer_get_max_len(); + if (options->hpn_buffer_size > (maxlen / 1024)) { + debug("User requested buffer larger than %ub: %ub. " + "Request reverted to %ub", maxlen, + options->hpn_buffer_size * 1024, maxlen); + options->hpn_buffer_size = maxlen; + } + debug("hpn_buffer_size set to %d", options->hpn_buffer_size); + } + if (options->tcp_rcv_buf == 0) + options->tcp_rcv_buf = 1; + if (options->tcp_rcv_buf > -1) + options->tcp_rcv_buf *= 1024; + if (options->tcp_rcv_buf_poll == -1) + options->tcp_rcv_buf_poll = 1; + /* options->none_enabled must not be set by default */ + if (options->none_switch == -1) + options->none_switch = 0; } /* Modified: user/brooks/openssh-hpn/readconf.h ============================================================================== --- user/brooks/openssh-hpn/readconf.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/readconf.h Fri Jun 17 17:43:35 2011 (r223192) 
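Review bot: In the new `debug` call in `fill_default_options`, `options->hpn_buffer_size * 1024` is an `int` multiplication that overflows for configured values of 2097152 and above, and the result is then passed to `%u`. The branch is entered only for values above `maxlen / 1024`, so large inputs are exactly the case it handles; printing the configured value in KB avoids the multiplication, `debug("User requested buffer larger than %ub: %dKB. Request reverted to %ub", maxlen, options->hpn_buffer_size, maxlen);`. The units are also mixed: a zero is replaced by 1024, the comparison treats the field as KB, and the clamp stores bytes, with no `*= 1024` on the unclamped path as servconf.c has. The opening brace on its own line after `if (options->hpn_buffer_size > -1)` does not match the style used elsewhere in this diff.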
@@ -59,11 +59,6 @@ typedef struct { int compression_level; /* Compression level 1 (fast) to 9 * (best). */ int tcp_keep_alive; /* Set SO_KEEPALIVE. */ - int tcp_rcv_buf; /* user switch to set tcp recv buffer */ - int tcp_rcv_buf_poll; /* Option to poll recv buf every - * window transfer. */ - int hpn_disabled; /* Switch to disable HPN buffer management */ - int hpn_buffer_size; /* User definable size for HPN buffer window */ int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ LogLevel log_level; /* Level for logging. */ @@ -112,8 +107,6 @@ typedef struct { int enable_ssh_keysign; int64_t rekey_limit; - int none_switch; /* Use none cipher */ - int none_enabled; /* Allow none to be used */ int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; @@ -139,6 +132,16 @@ typedef struct { int use_roaming; + int hpn_disabled; /* Switch to disable HPN buffer management. */ + int hpn_buffer_size; /* User definable size for HPN buffer + * window. */ + int tcp_rcv_buf_poll; /* Option to poll recv buf every window + * transfer. */ + int tcp_rcv_buf; /* User switch to set tcp recv buffer. */ + + int none_enabled; /* Allow none to be used */ + int none_switch; /* Use none cipher */ + } Options; #define SSHCTL_MASTER_NO 0 Modified: user/brooks/openssh-hpn/scp.c ============================================================================== --- user/brooks/openssh-hpn/scp.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/scp.c Fri Jun 17 17:43:35 2011 (r223192) @@ -727,7 +727,7 @@ source(int argc, char **argv) off_t i, statbytes; size_t amt; int fd = -1, haderr, indx; - char *last, *name, buf[16384], encname[MAXPATHLEN]; + char *last, *name, buf[2048], encname[MAXPATHLEN]; int len; for (indx = 0; indx < argc; ++indx) { 
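Review bot: Shrinking `buf` from 16384 to 2048 bytes in `source()`, and in `sink()` in the following hunk, is a functional change inside a commit logged as style and whitespace. It is safe only if every write into `buf` in these functions is bounded by `sizeof(buf)` rather than by a literal size; those uses are outside the hunks and should be checked before merging. A line in the commit log explaining why the buffers shrink would help.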
@@ -909,7 +909,7 @@ sink(int argc, char **argv) mode_t mode, omode, mask; off_t size, statbytes; int setimes, targisdir, wrerrno = 0; - char ch, *cp, *np, *targ, *why, *vect[1], buf[16384]; + char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; struct timeval tv[2]; #define atime tv[0] Modified: user/brooks/openssh-hpn/servconf.c ============================================================================== --- user/brooks/openssh-hpn/servconf.c Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/servconf.c Fri Jun 17 17:43:35 2011 (r223192) @@ -137,21 +137,17 @@ initialize_server_options(ServerOptions options->revoked_keys_file = NULL; options->trusted_user_ca_keys = NULL; options->authorized_principals_file = NULL; - options->none_enabled = -1; - options->tcp_rcv_buf_poll = -1; - options->hpn_disabled = -1; - options->hpn_buffer_size = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; + options->hpn_disabled = -1; + options->hpn_buffer_size = -1; + options->tcp_rcv_buf_poll = -1; + options->none_enabled = -1; } void fill_default_server_options(ServerOptions *options) { - int sock; - int socksize; - int socksizelen = sizeof(int); - /* Portable-specific options */ if (options->use_pam == -1) options->use_pam = 0; 
@@ -289,38 +285,32 @@ fill_default_server_options(ServerOption options->ip_qos_interactive = IPTOS_LOWDELAY; if (options->ip_qos_bulk == -1) options->ip_qos_bulk = IPTOS_THROUGHPUT; - if (options->hpn_disabled == -1) options->hpn_disabled = 0; - if (options->hpn_buffer_size == -1) { - /* - * Option not explicitly set. Now we have to figure out - * what value to use. + /* + * HPN buffer size option not explicitly set. Try to figure + * out what value to use or resort to default. */ - if (options->hpn_disabled == 1) { - options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; - } else { - /* Get the current RCV size and set it to that. */ - sock = socket(AF_INET, SOCK_STREAM, 0); - getsockopt(sock, SOL_SOCKET, SO_RCVBUF, - &socksize, &socksizelen); - close(sock); - options->hpn_buffer_size = socksize; + options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT; + if (!options->hpn_disabled) { + sock_get_rcvbuf(&options->hpn_buffer_size, 0); debug ("HPN Buffer Size: %d", options->hpn_buffer_size); - } + } } else { /* - * In the case that the user sets both values in - * a contradictory manner hpn_disabled overrrides - * hpn_buffer_size. + * In the case that the user sets both values in a + * contradictory manner hpn_disabled overrrides hpn_buffer_size. */ if (options->hpn_disabled <= 0) { + u_int maxlen; + + maxlen = buffer_get_max_len(); if (options->hpn_buffer_size == 0) options->hpn_buffer_size = 1; - /* limit the maximum buffer to 64MB */ - if (options->hpn_buffer_size > BUFFER_MAX_LEN/1024) - options->hpn_buffer_size = BUFFER_MAX_LEN; + /* Limit the maximum buffer to BUFFER_MAX_LEN. */ + if (options->hpn_buffer_size > maxlen / 1024) + options->hpn_buffer_size = maxlen; else options->hpn_buffer_size *= 1024; } else 
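Review bot: The size obtained through `sock_get_rcvbuf(&options->hpn_buffer_size, 0)` is stored without the `buffer_get_max_len()` clamp that the explicitly configured branch applies. Adding `if ((u_int)options->hpn_buffer_size > buffer_get_max_len()) options->hpn_buffer_size = buffer_get_max_len();` after the call keeps both paths under the same bound. In the configured branch, `options->hpn_buffer_size > maxlen / 1024` compares an `int` with a `u_int`, so a negative setting other than `-1`, if the parser admits one, is converted to a large unsigned value and silently becomes the maximum; rejecting `hpn_buffer_size < 0` first would be clearer. The `else` at the end of the hunk continues outside it.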
@@ -372,9 +362,9 @@ typedef enum { sUsePrivilegeSeparation, sAllowAgentForwarding, sZeroKnowledgePasswordAuthentication, sHostCertificate, sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, - sNoneEnabled, - sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize, sKexAlgorithms, sIPQoS, + sHPNDisabled, sHPNBufferSize, sTcpRcvBufPoll, + sNoneEnabled, sDeprecated, sUnsupported } ServerOpCodes; @@ -497,12 +487,12 @@ static struct { { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, - { "noneenabled", sNoneEnabled, SSHCFG_ALL }, + { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, + { "ipqos", sIPQoS, SSHCFG_ALL }, { "hpndisabled", sHPNDisabled, SSHCFG_ALL }, { "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL }, { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL }, - { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL }, - { "ipqos", sIPQoS, SSHCFG_ALL }, + { "noneenabled", sNoneEnabled, SSHCFG_ALL }, { NULL, sBadOption, 0 } }; @@ -951,22 +941,6 @@ process_server_config_line(ServerOptions *intptr = value; break; - case sNoneEnabled: - intptr = &options->none_enabled; - goto parse_flag; - - case sTcpRcvBufPoll: - intptr = &options->tcp_rcv_buf_poll; - goto parse_flag; - - case sHPNDisabled: - intptr = &options->hpn_disabled; - goto parse_flag; - - case sHPNBufferSize: - intptr = &options->hpn_buffer_size; - goto parse_int; - case sIgnoreUserKnownHosts: intptr = &options->ignore_user_known_hosts; goto parse_flag; 
@@ -1465,6 +1439,22 @@ process_server_config_line(ServerOptions } break; + case sHPNDisabled: + intptr = &options->hpn_disabled; + goto parse_flag; + + case sHPNBufferSize: + intptr = &options->hpn_buffer_size; + goto parse_int; + + case sTcpRcvBufPoll: + intptr = &options->tcp_rcv_buf_poll; + goto parse_flag; + + case sNoneEnabled: + intptr = &options->none_enabled; + goto parse_flag; + case sDeprecated: logit("%s line %d: Deprecated option %s", filename, linenum, arg); Modified: user/brooks/openssh-hpn/servconf.h ============================================================================== --- user/brooks/openssh-hpn/servconf.h Fri Jun 17 16:23:50 2011 (r223191) +++ user/brooks/openssh-hpn/servconf.h Fri Jun 17 17:43:35 2011 (r223192) @@ -151,13 +151,6 @@ typedef struct { char *adm_forced_command; int use_pam; /* Enable auth via PAM */ - int none_enabled; /* enable NONE cipher switch */ - int tcp_rcv_buf_poll; /* - * Poll tcp rcv window in - * autotuning kernels - */ - int hpn_disabled; /* Disable hpn functionality */ - int hpn_buffer_size; /* Set the hpn buffer size */ int permit_tun; @@ -167,6 +160,13 @@ typedef struct { *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***