- markus@cvs.openbsd.org 2008/07/10 18:08:11

[clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
     sync v1 and v2 traffic accounting; add it to sshd, too;
     ok djm@, dtucker@

ChangeLog

@@ -12,6 +12,10 @@
    - markus@cvs.openbsd.org 2008/07/10 18:05:58
      [channels.c]
      missing bzero; from mickey; ok djm@
+   - markus@cvs.openbsd.org 2008/07/10 18:08:11
+     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
+     sync v1 and v2 traffic accounting; add it to sshd, too;
+     ok djm@, dtucker@
 
 20080709
  - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
@@ -4618,4 +4622,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.5072 2008/07/11 07:35:37 djm Exp $
+$Id: ChangeLog,v 1.5073 2008/07/11 07:36:48 djm Exp $

clientloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.199 2008/06/12 21:06:25 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.200 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -152,7 +152,6 @@ static int stdin_eof;		/* EOF has been encountered on stderr. */
 static Buffer stdin_buffer;	/* Buffer for stdin data. */
 static Buffer stdout_buffer;	/* Buffer for stdout data. */
 static Buffer stderr_buffer;	/* Buffer for stderr data. */
-static u_long stdin_bytes, stdout_bytes, stderr_bytes;
 static u_int buffer_high;/* Soft max buffer size. */
 static int connection_in;	/* Connection to server (input). */
 static int connection_out;	/* Connection to server (output). */
@@ -437,7 +436,6 @@ client_make_packets_from_stdin_data(void)
 		packet_put_string(buffer_ptr(&stdin_buffer), len);
 		packet_send();
 		buffer_consume(&stdin_buffer, len);
-		stdin_bytes += len;
 		/* If we have a pending EOF, send it now. */
 		if (stdin_eof && buffer_len(&stdin_buffer) == 0) {
 			packet_start(SSH_CMSG_EOF);
@@ -1205,7 +1203,6 @@ client_process_output(fd_set *writeset)
 		}
 		/* Consume printed data from the buffer. */
 		buffer_consume(&stdout_buffer, len);
-		stdout_bytes += len;
 	}
 	/* Write buffered output to stderr. */
 	if (FD_ISSET(fileno(stderr), writeset)) {
@@ -1227,7 +1224,6 @@ client_process_output(fd_set *writeset)
 		}
 		/* Consume printed characters from the buffer. */
 		buffer_consume(&stderr_buffer, len);
-		stderr_bytes += len;
 	}
 }
 
@@ -1302,6 +1298,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 	fd_set *readset = NULL, *writeset = NULL;
 	double start_time, total_time;
 	int max_fd = 0, max_fd2 = 0, len, rekeying = 0;
+	u_int64_t ibytes, obytes;
 	u_int nalloc = 0;
 	char buf[100];
 
@@ -1333,9 +1330,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 		max_fd = MAX(max_fd, fileno(stdout));
 		max_fd = MAX(max_fd, fileno(stderr));
 	}
-	stdin_bytes = 0;
-	stdout_bytes = 0;
-	stderr_bytes = 0;
 	quit_pending = 0;
 	escape_char1 = escape_char_arg;
 
@@ -1521,7 +1515,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 			break;
 		}
 		buffer_consume(&stdout_buffer, len);
-		stdout_bytes += len;
 	}
 
 	/* Output any buffered data for stderr. */
@@ -1533,7 +1526,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 			break;
 		}
 		buffer_consume(&stderr_buffer, len);
-		stderr_bytes += len;
 	}
 
 	/* Clear and free any buffers. */
@@ -1544,13 +1536,13 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
 
 	/* Report bytes transferred, and transfer rates. */
 	total_time = get_current_time() - start_time;
-	debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f "
+	packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);
-	    "seconds", stdin_bytes, stdout_bytes, stderr_bytes, total_time);
+	packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);
+	verbose("Transferred: sent %llu, received %llu bytes, in %.1f seconds",
+	    obytes, ibytes, total_time);
 	if (total_time > 0)
-		debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f",
+		verbose("Bytes per second: sent %.1f, received %.1f",
-		    stdin_bytes / total_time, stdout_bytes / total_time,
+		    obytes / total_time, ibytes / total_time);
-		    stderr_bytes / total_time);
-
 	/* Return the exit status of the program. */
 	debug("Exit status %d", exit_status);
 	return exit_status;

monitor.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.98 2008/07/04 03:47:02 dtucker Exp $ */
+/* $OpenBSD: monitor.c,v 1.99 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1705,7 +1705,7 @@ mm_get_keystate(struct monitor *pmonitor)
 	u_char *blob, *p;
 	u_int bloblen, plen;
 	u_int32_t seqnr, packets;
-	u_int64_t blocks;
+	u_int64_t blocks, bytes;
 
 	debug3("%s: Waiting for new keys", __func__);
 
@@ -1738,11 +1738,13 @@ mm_get_keystate(struct monitor *pmonitor)
 	seqnr = buffer_get_int(&m);
 	blocks = buffer_get_int64(&m);
 	packets = buffer_get_int(&m);
-	packet_set_state(MODE_OUT, seqnr, blocks, packets);
+	bytes = buffer_get_int64(&m);
+	packet_set_state(MODE_OUT, seqnr, blocks, packets, bytes);
 	seqnr = buffer_get_int(&m);
 	blocks = buffer_get_int64(&m);
 	packets = buffer_get_int(&m);
-	packet_set_state(MODE_IN, seqnr, blocks, packets);
+	bytes = buffer_get_int64(&m);
+	packet_set_state(MODE_IN, seqnr, blocks, packets, bytes);
 
  skip:
 	/* Get the key context */

monitor_wrap.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.62 2008/05/08 12:21:16 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.63 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -573,7 +573,7 @@ mm_send_keystate(struct monitor *monitor)
 	u_char *blob, *p;
 	u_int bloblen, plen;
 	u_int32_t seqnr, packets;
-	u_int64_t blocks;
+	u_int64_t blocks, bytes;
 
 	buffer_init(&m);
 
@@ -622,14 +622,16 @@ mm_send_keystate(struct monitor *monitor)
 	buffer_put_string(&m, blob, bloblen);
 	xfree(blob);
 
-	packet_get_state(MODE_OUT, &seqnr, &blocks, &packets);
+	packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes);
 	buffer_put_int(&m, seqnr);
 	buffer_put_int64(&m, blocks);
 	buffer_put_int(&m, packets);
-	packet_get_state(MODE_IN, &seqnr, &blocks, &packets);
+	buffer_put_int64(&m, bytes);
+	packet_get_state(MODE_IN, &seqnr, &blocks, &packets, &bytes);
 	buffer_put_int(&m, seqnr);
 	buffer_put_int64(&m, blocks);
 	buffer_put_int(&m, packets);
+	buffer_put_int64(&m, bytes);
 
 	debug3("%s: New keys have been sent", __func__);
  skip:

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.156 2008/07/04 23:08:25 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.157 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -147,6 +147,7 @@ static struct packet_state {
 	u_int32_t seqnr;
 	u_int32_t packets;
 	u_int64_t blocks;
+	u_int64_t bytes;
 } p_read, p_send;
 
 static u_int64_t max_blocks_in, max_blocks_out;
@@ -191,6 +192,7 @@ packet_set_connection(int fd_in, int fd_out)
 		buffer_init(&outgoing_packet);
 		buffer_init(&incoming_packet);
 		TAILQ_INIT(&outgoing);
+		p_send.packets = p_read.packets = 0;
 	}
 }
 
@@ -311,18 +313,25 @@ packet_get_ssh1_cipher(void)
 }
 
 void
-packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packets)
+packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packets,
+    u_int64_t *bytes)
 {
 	struct packet_state *state;
 
 	state = (mode == MODE_IN) ? &p_read : &p_send;
-	*seqnr = state->seqnr;
+	if (seqnr)
-	*blocks = state->blocks;
+		*seqnr = state->seqnr;
-	*packets = state->packets;
+	if (blocks)
+		*blocks = state->blocks;
+	if (packets)
+		*packets = state->packets;
+	if (bytes)
+		*bytes = state->bytes;
 }
 
 void
-packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets)
+packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets,
+    u_int64_t bytes)
 {
 	struct packet_state *state;
 
@@ -330,6 +339,7 @@ packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets)
 	state->seqnr = seqnr;
 	state->blocks = blocks;
 	state->packets = packets;
+	state->bytes = bytes;
 }
 
 /* returns 1 if connection is via ipv4 */
@@ -608,7 +618,8 @@ packet_send1(void)
 	fprintf(stderr, "encrypted: ");
 	buffer_dump(&output);
 #endif
-
+	p_send.packets++;
+	p_send.bytes += len + buffer_len(&outgoing_packet);
 	buffer_clear(&outgoing_packet);
 
 	/*
@@ -834,6 +845,7 @@ packet_send2_wrapped(void)
 		if (!(datafellows & SSH_BUG_NOREKEY))
 			fatal("XXX too many packets with same key");
 	p_send.blocks += (packet_length + 4) / block_size;
+	p_send.bytes += packet_length + 4;
 	buffer_clear(&outgoing_packet);
 
 	if (type == SSH2_MSG_NEWKEYS)
@@ -1096,6 +1108,8 @@ packet_read_poll1(void)
 		buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
 		    buffer_len(&compression_buffer));
 	}
+	p_read.packets++;
+	p_read.bytes += padded_len + 4;
 	type = buffer_get_char(&incoming_packet);
 	if (type < SSH_MSG_MIN || type > SSH_MSG_MAX)
 		packet_disconnect("Invalid ssh1 packet type: %d", type);
@@ -1184,6 +1198,7 @@ packet_read_poll2(u_int32_t *seqnr_p)
 		if (!(datafellows & SSH_BUG_NOREKEY))
 			fatal("XXX too many packets with same key");
 	p_read.blocks += (packet_length + 4) / block_size;
+	p_read.bytes += packet_length + 4;
 
 	/* get padlen */
 	cp = buffer_ptr(&incoming_packet);

packet.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.48 2008/06/12 20:38:28 dtucker Exp $ */
+/* $OpenBSD: packet.h,v 1.49 2008/07/10 18:08:11 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -68,8 +68,8 @@ int	 packet_get_keyiv_len(int);
 void	 packet_get_keyiv(int, u_char *, u_int);
 int	 packet_get_keycontext(int, u_char *);
 void	 packet_set_keycontext(int, u_char *);
-void	 packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *);
+void	 packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *, u_int64_t *);
-void	 packet_set_state(int, u_int32_t, u_int64_t, u_int32_t);
+void	 packet_set_state(int, u_int32_t, u_int64_t, u_int32_t, u_int64_t);
 int	 packet_get_ssh1_cipher(void);
 void	 packet_set_iv(int, u_char *);
 

sshd.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.363 2008/07/01 07:24:22 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.364 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -677,7 +677,7 @@ privsep_postauth(Authctxt *authctxt)
 	if (pmonitor->m_pid == -1)
 		fatal("fork of unprivileged child failed");
 	else if (pmonitor->m_pid != 0) {
-		debug2("User child is on pid %ld", (long)pmonitor->m_pid);
+		verbose("User child is on pid %ld", (long)pmonitor->m_pid);
 		close(pmonitor->m_recvfd);
 		buffer_clear(&loginmsg);
 		monitor_child_postauth(pmonitor);
@@ -1248,6 +1248,7 @@ main(int ac, char **av)
 	int remote_port;
 	char *line, *p, *cp;
 	int config_s[2] = { -1 , -1 };
+	u_int64_t ibytes, obytes;
 	mode_t new_umask;
 	Key *key;
 	Authctxt *authctxt;
@@ -1919,7 +1920,11 @@ main(int ac, char **av)
 	do_authenticated(authctxt);
 
 	/* The connection has been terminated. */
-	verbose("Closing connection to %.100s", remote_ip);
+	packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);
+	packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);
+	verbose("Transferred: sent %llu, received %llu bytes", obytes, ibytes);
+
+	verbose("Closing connection to %.500s port %d", remote_ip, remote_port);
 
 #ifdef USE_PAM
 	if (options.use_pam)