int frozen; /* this causes readability notifications to be ignored */
int frozen_readable; /* this means we missed at least one readability
* notification while we were frozen */
+ int localhost_only; /* for listening sockets */
char oobdata[1];
int sending_oob;
int oobinline;
+ int pending_error; /* in case send() returns error */
};
/*
ret->sending_oob = 0;
ret->frozen = 1;
ret->frozen_readable = 0;
+ ret->localhost_only = 0; /* unused, but best init anyway */
+ ret->pending_error = 0;
ret->s = (SOCKET)sock;
ret->sending_oob = 0;
ret->frozen = 0;
ret->frozen_readable = 0;
+ ret->localhost_only = 0; /* unused, but best init anyway */
+ ret->pending_error = 0;
/*
* Open socket.
ret->sending_oob = 0;
ret->frozen = 0;
ret->frozen_readable = 0;
+ ret->localhost_only = local_host_only;
+ ret->pending_error = 0;
/*
* Open socket.
urgentflag = 0;
bufchain_prefix(&s->output_data, &data, &len);
}
-
nsent = send(s->s, data, len, urgentflag);
noise_ultralight(nsent);
if (nsent <= 0) {
} else if (nsent == 0 ||
err == WSAECONNABORTED || err == WSAECONNRESET) {
/*
- * FIXME. This will have to be done better when we
- * start managing multiple sockets (e.g. SSH port
- * forwarding), because if we get CONNRESET while
- * trying to write a particular forwarded socket
- * then it isn't necessarily the end of the world.
- * Ideally I'd like to pass the error code back to
- * somewhere the next select_result() will see it,
- * but that might be hard. Perhaps I should pass it
- * back to be queued in the Windows front end bit.
+ * If send() returns CONNABORTED or CONNRESET, we
+ * unfortunately can't just call plug_closing(),
+ * because it's quite likely that we're currently
+ * _in_ a call from the code we'd be calling back
+ * to, so we'd have to make half the SSH code
+ * reentrant. Instead we flag a pending error on
+ * the socket, to be dealt with (by calling
+ * plug_closing()) at some suitable future moment.
*/
- fatalbox(winsock_error_string(err));
+ s->pending_error = err;
+ return;
} else {
fatalbox(winsock_error_string(err));
}
return open;
case FD_ACCEPT:
{
- struct sockaddr isa;
- int addrlen = sizeof(struct sockaddr);
+ struct sockaddr_in isa;
+ int addrlen = sizeof(struct sockaddr_in);
SOCKET t; /* socket of connection */
- memset(&isa, 0, sizeof(struct sockaddr));
+ memset(&isa, 0, sizeof(struct sockaddr_in));
err = 0;
t = accept(s->s,&isa,&addrlen);
if (t == INVALID_SOCKET)
break;
}
- if (plug_accepting(s->plug, (void*)t)) {
+ if (s->localhost_only &&
+ ntohl(isa.sin_addr.s_addr) != INADDR_LOOPBACK) {
+ closesocket(t); /* dodgy WinSock let nonlocal through */
+ } else if (plug_accepting(s->plug, (void*)t)) {
closesocket(t); /* denied or error */
}
}
}
/*
+ * Deal with socket errors detected in try_send().
+ */
+void net_pending_errors(void)
+{
+ int i;
+ Actual_Socket s;
+
+ /*
+ * This might be a fiddly business, because it's just possible
+ * that handling a pending error on one socket might cause
+ * others to be closed. (I can't think of any reason this might
+ * happen in current SSH implementation, but to maintain
+ * generality of this network layer I'll assume the worst.)
+ *
+ * So what we'll do is search the socket list for _one_ socket
+ * with a pending error, and then handle it, and then search
+ * the list again _from the beginning_. Repeat until we make a
+ * pass with no socket errors present. That way we are
+ * protected against the socket list changing under our feet.
+ */
+
+ do {
+ for (i = 0; (s = index234(sktree, i)) != NULL; i++) {
+ if (s->pending_error) {
+ /*
+ * An error has occurred on this socket. Pass it to the
+ * plug.
+ */
+ plug_closing(s->plug,
+ winsock_error_string(s->pending_error),
+ s->pending_error, 0);
+ break;
+ }
+ }
+ } while (s);
+}
+
+/*
* Each socket abstraction contains a `void *' private field in
* which the client can keep state.
*/