1 |
/* |
2 |
Copyright (c) 1998-2001, Robert O'Callahan |
3 |
All rights reserved. |
4 |
|
5 |
Redistribution and use in source and binary forms, with or without modification, |
6 |
are permitted provided that the following conditions are met: |
7 |
|
8 |
Redistributions of source code must retain the above copyright notice, this list of |
9 |
conditions and the following disclaimer. |
10 |
|
11 |
Redistributions in binary form must reproduce the above copyright notice, this list |
12 |
of conditions and the following disclaimer in the documentation and/or other materials |
13 |
provided with the distribution. |
14 |
|
15 |
The name of Robert O'Callahan may not be used to endorse or promote products derived from |
16 |
this software without specific prior written permission. |
17 |
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND |
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 |
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL |
21 |
THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
22 |
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
23 |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
24 |
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
25 |
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
26 |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 |
*/ |
28 |
|
29 |
/* |
30 |
This code is copyright (C) 1998-1999 Robert O'Callahan. |
31 |
See LICENSE.TXT for the license. |
32 |
*/ |
33 |
|
34 |
#ifndef __SSH_H |
35 |
#define __SSH_H |
36 |
|
37 |
#include "zlib.h" |
38 |
#include <openssl/evp.h> |
39 |
|
40 |
#include "buffer.h" |
41 |
|
42 |
#define DEBUG_PRINT_TO_FILE(base, msg, len) { \ |
43 |
static int count = 0; \ |
44 |
debug_print(count + base, msg, len); \ |
45 |
count++; \ |
46 |
} |
47 |
|
48 |
// from OpenSSH |
49 |
extern const EVP_CIPHER *evp_aes_128_ctr(void); |
50 |
|
51 |
// yutaka |
52 |
#define SSH2_USE |
53 |
|
54 |
|
55 |
/* Some of this code has been adapted from Ian Goldberg's Pilot SSH */ |
56 |
|
57 |
typedef enum { |
58 |
SSH_MSG_NONE, SSH_MSG_DISCONNECT, SSH_SMSG_PUBLIC_KEY, //2 |
59 |
SSH_CMSG_SESSION_KEY, SSH_CMSG_USER, SSH_CMSG_AUTH_RHOSTS, // 5 |
60 |
SSH_CMSG_AUTH_RSA, SSH_SMSG_AUTH_RSA_CHALLENGE, |
61 |
SSH_CMSG_AUTH_RSA_RESPONSE, SSH_CMSG_AUTH_PASSWORD, |
62 |
SSH_CMSG_REQUEST_PTY, // 10 |
63 |
SSH_CMSG_WINDOW_SIZE, SSH_CMSG_EXEC_SHELL, |
64 |
SSH_CMSG_EXEC_CMD, SSH_SMSG_SUCCESS, SSH_SMSG_FAILURE, |
65 |
SSH_CMSG_STDIN_DATA, SSH_SMSG_STDOUT_DATA, SSH_SMSG_STDERR_DATA, |
66 |
SSH_CMSG_EOF, SSH_SMSG_EXITSTATUS, |
67 |
SSH_MSG_CHANNEL_OPEN_CONFIRMATION, SSH_MSG_CHANNEL_OPEN_FAILURE, |
68 |
SSH_MSG_CHANNEL_DATA, SSH_MSG_CHANNEL_INPUT_EOF, |
69 |
SSH_MSG_CHANNEL_OUTPUT_CLOSED, SSH_MSG_OBSOLETED0, |
70 |
SSH_SMSG_X11_OPEN, SSH_CMSG_PORT_FORWARD_REQUEST, SSH_MSG_PORT_OPEN, |
71 |
SSH_CMSG_AGENT_REQUEST_FORWARDING, SSH_SMSG_AGENT_OPEN, |
72 |
SSH_MSG_IGNORE, SSH_CMSG_EXIT_CONFIRMATION, |
73 |
SSH_CMSG_X11_REQUEST_FORWARDING, SSH_CMSG_AUTH_RHOSTS_RSA, |
74 |
SSH_MSG_DEBUG, SSH_CMSG_REQUEST_COMPRESSION, |
75 |
SSH_CMSG_MAX_PACKET_SIZE, SSH_CMSG_AUTH_TIS, |
76 |
SSH_SMSG_AUTH_TIS_CHALLENGE, SSH_CMSG_AUTH_TIS_RESPONSE, |
77 |
SSH_CMSG_AUTH_KERBEROS, SSH_SMSG_AUTH_KERBEROS_RESPONSE |
78 |
} SSHMessage; |
79 |
|
80 |
typedef enum { |
81 |
SSH_CIPHER_NONE, SSH_CIPHER_IDEA, SSH_CIPHER_DES, SSH_CIPHER_3DES, |
82 |
SSH_CIPHER_TSS, SSH_CIPHER_RC4, SSH_CIPHER_BLOWFISH, |
83 |
// for SSH2 |
84 |
SSH2_CIPHER_3DES_CBC, SSH2_CIPHER_AES128_CBC, |
85 |
SSH2_CIPHER_AES192_CBC, SSH2_CIPHER_AES256_CBC, |
86 |
SSH2_CIPHER_BLOWFISH_CBC, SSH2_CIPHER_AES128_CTR, |
87 |
SSH2_CIPHER_AES192_CTR, SSH2_CIPHER_AES256_CTR, |
88 |
SSH2_CIPHER_ARCFOUR, SSH2_CIPHER_ARCFOUR128, SSH2_CIPHER_ARCFOUR256, |
89 |
SSH2_CIPHER_CAST128_CBC, |
90 |
} SSHCipher; |
91 |
|
92 |
#define SSH_CIPHER_MAX SSH2_CIPHER_CAST128_CBC |
93 |
|
94 |
typedef enum { |
95 |
SSH_AUTH_NONE, SSH_AUTH_RHOSTS, SSH_AUTH_RSA, SSH_AUTH_PASSWORD, |
96 |
SSH_AUTH_RHOSTS_RSA, SSH_AUTH_TIS, SSH_AUTH_KERBEROS, |
97 |
SSH_AUTH_PAGEANT = 16, |
98 |
} SSHAuthMethod; |
99 |
|
100 |
#define SSH_AUTH_MAX SSH_AUTH_PAGEANT |
101 |
|
102 |
typedef enum { |
103 |
SSH_GENERIC_AUTHENTICATION, SSH_TIS_AUTHENTICATION |
104 |
} SSHAuthMode; |
105 |
|
106 |
#define SSH_PROTOFLAG_SCREEN_NUMBER 1 |
107 |
#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 |
108 |
|
109 |
enum channel_type { |
110 |
TYPE_SHELL, TYPE_PORTFWD, TYPE_SCP, TYPE_SFTP, TYPE_AGENT, |
111 |
}; |
112 |
|
113 |
// for SSH1 |
114 |
#define SSH_MAX_SEND_PACKET_SIZE 250000 |
115 |
|
116 |
// for SSH2 |
117 |
/* default window/packet sizes for tcp/x11-fwd-channel */ |
118 |
// changed CHAN_SES_WINDOW_DEFAULT from 32KB to 128KB. (2007.10.29 maya) |
119 |
#define CHAN_SES_PACKET_DEFAULT (32*1024) |
120 |
#define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT) |
121 |
#define CHAN_TCP_PACKET_DEFAULT (32*1024) |
122 |
#define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT) |
123 |
#if 0 // unused |
124 |
#define CHAN_X11_PACKET_DEFAULT (16*1024) |
125 |
#define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT) |
126 |
#endif |
127 |
|
128 |
|
129 |
/* SSH2 constants */ |
130 |
|
131 |
/* SSH2 messages */ |
132 |
#define SSH2_MSG_DISCONNECT 1 |
133 |
#define SSH2_MSG_IGNORE 2 |
134 |
#define SSH2_MSG_UNIMPLEMENTED 3 |
135 |
#define SSH2_MSG_DEBUG 4 |
136 |
#define SSH2_MSG_SERVICE_REQUEST 5 |
137 |
#define SSH2_MSG_SERVICE_ACCEPT 6 |
138 |
|
139 |
#define SSH2_MSG_KEXINIT 20 |
140 |
#define SSH2_MSG_NEWKEYS 21 |
141 |
|
142 |
#define SSH2_MSG_KEXDH_INIT 30 |
143 |
#define SSH2_MSG_KEXDH_REPLY 31 |
144 |
|
145 |
#define SSH2_MSG_KEX_DH_GEX_GROUP 31 |
146 |
#define SSH2_MSG_KEX_DH_GEX_INIT 32 |
147 |
#define SSH2_MSG_KEX_DH_GEX_REPLY 33 |
148 |
#define SSH2_MSG_KEX_DH_GEX_REQUEST 34 |
149 |
|
150 |
#define SSH2_MSG_USERAUTH_REQUEST 50 |
151 |
#define SSH2_MSG_USERAUTH_FAILURE 51 |
152 |
#define SSH2_MSG_USERAUTH_SUCCESS 52 |
153 |
#define SSH2_MSG_USERAUTH_BANNER 53 |
154 |
|
155 |
#define SSH2_MSG_USERAUTH_PK_OK 60 |
156 |
#define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ 60 |
157 |
#define SSH2_MSG_USERAUTH_INFO_REQUEST 60 |
158 |
#define SSH2_MSG_USERAUTH_INFO_RESPONSE 61 |
159 |
|
160 |
#define SSH2_MSG_GLOBAL_REQUEST 80 |
161 |
#define SSH2_MSG_REQUEST_SUCCESS 81 |
162 |
#define SSH2_MSG_REQUEST_FAILURE 82 |
163 |
#define SSH2_MSG_CHANNEL_OPEN 90 |
164 |
#define SSH2_MSG_CHANNEL_OPEN_CONFIRMATION 91 |
165 |
#define SSH2_MSG_CHANNEL_OPEN_FAILURE 92 |
166 |
#define SSH2_MSG_CHANNEL_WINDOW_ADJUST 93 |
167 |
#define SSH2_MSG_CHANNEL_DATA 94 |
168 |
#define SSH2_MSG_CHANNEL_EXTENDED_DATA 95 |
169 |
#define SSH2_MSG_CHANNEL_EOF 96 |
170 |
#define SSH2_MSG_CHANNEL_CLOSE 97 |
171 |
#define SSH2_MSG_CHANNEL_REQUEST 98 |
172 |
#define SSH2_MSG_CHANNEL_SUCCESS 99 |
173 |
#define SSH2_MSG_CHANNEL_FAILURE 100 |
174 |
|
175 |
/* SSH2 miscellaneous constants */ |
176 |
#define SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT 1 |
177 |
#define SSH2_DISCONNECT_PROTOCOL_ERROR 2 |
178 |
#define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3 |
179 |
#define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4 |
180 |
#define SSH2_DISCONNECT_MAC_ERROR 5 |
181 |
#define SSH2_DISCONNECT_COMPRESSION_ERROR 6 |
182 |
#define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE 7 |
183 |
#define SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED 8 |
184 |
#define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE 9 |
185 |
#define SSH2_DISCONNECT_CONNECTION_LOST 10 |
186 |
#define SSH2_DISCONNECT_BY_APPLICATION 11 |
187 |
|
188 |
#define SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED 1 |
189 |
#define SSH2_OPEN_CONNECT_FAILED 2 |
190 |
#define SSH2_OPEN_UNKNOWN_CHANNEL_TYPE 3 |
191 |
#define SSH2_OPEN_RESOURCE_SHORTAGE 4 |
192 |
|
193 |
// �L�[�����A���S���Y�� |
194 |
#define KEX_DH1 "diffie-hellman-group1-sha1" |
195 |
#define KEX_DH14 "diffie-hellman-group14-sha1" |
196 |
#define KEX_DHGEX "diffie-hellman-group-exchange-sha1" |
197 |
|
198 |
// support of "Compression delayed" (2006.6.23 maya) |
199 |
enum compression_algorithm { |
200 |
COMP_NONE, |
201 |
COMP_ZLIB, |
202 |
COMP_DELAYED, |
203 |
COMP_UNKNOWN |
204 |
}; |
205 |
|
206 |
enum kex_exchange { |
207 |
KEX_DH_GRP1_SHA1, |
208 |
KEX_DH_GRP14_SHA1, |
209 |
KEX_DH_GEX_SHA1, |
210 |
KEX_MAX |
211 |
}; |
212 |
|
213 |
enum hostkey_type { |
214 |
KEY_RSA1, |
215 |
KEY_RSA, |
216 |
KEY_DSA, |
217 |
KEY_UNSPEC, |
218 |
}; |
219 |
|
220 |
// ���L���C���f�b�N�X�� ssh2_macs[] ���������������B |
221 |
enum hmac_type { |
222 |
HMAC_SHA1, |
223 |
HMAC_MD5, |
224 |
HMAC_UNKNOWN |
225 |
}; |
226 |
|
227 |
#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \ |
228 |
"diffie-hellman-group14-sha1," \ |
229 |
"diffie-hellman-group1-sha1" |
230 |
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" |
231 |
// use the setting of pvar.CipherOrder. |
232 |
#define KEX_DEFAULT_ENCRYPT "" |
233 |
#define KEX_DEFAULT_MAC "hmac-sha1,hmac-md5" |
234 |
// support of "Compression delayed" (2006.6.23 maya) |
235 |
#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib" |
236 |
#define KEX_DEFAULT_LANG "" |
237 |
|
238 |
/* Minimum modulus size (n) for RSA keys. */ |
239 |
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768 |
240 |
|
241 |
#define SSH_KEYGEN_DEFAULT_BITS 2048 |
242 |
#define SSH_RSA_MINIMUM_KEY_SIZE 768 |
243 |
#define SSH_DSA_MINIMUM_KEY_SIZE 1024 |
244 |
|
245 |
enum kex_init_proposals { |
246 |
PROPOSAL_KEX_ALGS, |
247 |
PROPOSAL_SERVER_HOST_KEY_ALGS, |
248 |
PROPOSAL_ENC_ALGS_CTOS, |
249 |
PROPOSAL_ENC_ALGS_STOC, |
250 |
PROPOSAL_MAC_ALGS_CTOS, |
251 |
PROPOSAL_MAC_ALGS_STOC, |
252 |
PROPOSAL_COMP_ALGS_CTOS, |
253 |
PROPOSAL_COMP_ALGS_STOC, |
254 |
PROPOSAL_LANG_CTOS, |
255 |
PROPOSAL_LANG_STOC, |
256 |
PROPOSAL_MAX |
257 |
}; |
258 |
|
259 |
|
260 |
// �N���C�A���g�����T�[�o������������ |
261 |
#ifdef SSH2_DEBUG |
262 |
static char *myproposal[PROPOSAL_MAX] = { |
263 |
// KEX_DEFAULT_KEX, |
264 |
"diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1", |
265 |
KEX_DEFAULT_PK_ALG, |
266 |
// "ssh-dss,ssh-rsa", |
267 |
KEX_DEFAULT_ENCRYPT, |
268 |
KEX_DEFAULT_ENCRYPT, |
269 |
"hmac-md5,hmac-sha1", |
270 |
"hmac-md5,hmac-sha1", |
271 |
// "hmac-sha1", |
272 |
// "hmac-sha1", |
273 |
// KEX_DEFAULT_MAC, |
274 |
// KEX_DEFAULT_MAC, |
275 |
KEX_DEFAULT_COMP, |
276 |
KEX_DEFAULT_COMP, |
277 |
KEX_DEFAULT_LANG, |
278 |
KEX_DEFAULT_LANG, |
279 |
}; |
280 |
#else |
281 |
static char *myproposal[PROPOSAL_MAX] = { |
282 |
KEX_DEFAULT_KEX, |
283 |
KEX_DEFAULT_PK_ALG, |
284 |
KEX_DEFAULT_ENCRYPT, |
285 |
KEX_DEFAULT_ENCRYPT, |
286 |
KEX_DEFAULT_MAC, |
287 |
KEX_DEFAULT_MAC, |
288 |
KEX_DEFAULT_COMP, |
289 |
KEX_DEFAULT_COMP, |
290 |
KEX_DEFAULT_LANG, |
291 |
KEX_DEFAULT_LANG, |
292 |
}; |
293 |
#endif |
294 |
|
295 |
|
296 |
typedef struct ssh2_cipher { |
297 |
SSHCipher cipher; |
298 |
char *name; |
299 |
int block_size; |
300 |
int key_len; |
301 |
int discard_len; |
302 |
const EVP_CIPHER *(*func)(void); |
303 |
} ssh2_cipher_t; |
304 |
|
305 |
static ssh2_cipher_t ssh2_ciphers[] = { |
306 |
{SSH2_CIPHER_3DES_CBC, "3des-cbc", 8, 24, 0, EVP_des_ede3_cbc}, |
307 |
{SSH2_CIPHER_AES128_CBC, "aes128-cbc", 16, 16, 0, EVP_aes_128_cbc}, |
308 |
{SSH2_CIPHER_AES192_CBC, "aes192-cbc", 16, 24, 0, EVP_aes_192_cbc}, |
309 |
{SSH2_CIPHER_AES256_CBC, "aes256-cbc", 16, 32, 0, EVP_aes_256_cbc}, |
310 |
{SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc", 8, 16, 0, EVP_bf_cbc}, |
311 |
{SSH2_CIPHER_AES128_CTR, "aes128-ctr", 16, 16, 0, evp_aes_128_ctr}, |
312 |
{SSH2_CIPHER_AES192_CTR, "aes192-ctr", 16, 24, 0, evp_aes_128_ctr}, |
313 |
{SSH2_CIPHER_AES256_CTR, "aes256-ctr", 16, 32, 0, evp_aes_128_ctr}, |
314 |
{SSH2_CIPHER_ARCFOUR, "arcfour", 8, 16, 0, EVP_rc4}, |
315 |
{SSH2_CIPHER_ARCFOUR128, "arcfour128", 8, 16, 1536, EVP_rc4}, |
316 |
{SSH2_CIPHER_ARCFOUR256, "arcfour256", 8, 32, 1536, EVP_rc4}, |
317 |
{SSH2_CIPHER_CAST128_CBC, "cast128-cbc", 8, 16, 0, EVP_cast5_cbc}, |
318 |
{SSH_CIPHER_NONE, NULL, 0, 0, 0, NULL}, |
319 |
}; |
320 |
|
321 |
|
322 |
typedef struct ssh2_mac { |
323 |
char *name; |
324 |
const EVP_MD *(*func)(void); |
325 |
int truncatebits; |
326 |
} ssh2_mac_t; |
327 |
|
328 |
static ssh2_mac_t ssh2_macs[] = { |
329 |
{"hmac-sha1", EVP_sha1, 0}, |
330 |
{"hmac-md5", EVP_md5, 0}, |
331 |
{NULL, NULL, 0}, |
332 |
}; |
333 |
|
334 |
static char *ssh_comp[] = { |
335 |
"none", |
336 |
"zlib", |
337 |
"zlib@openssh.com", |
338 |
}; |
339 |
|
340 |
|
341 |
struct Enc { |
342 |
u_char *key; |
343 |
u_char *iv; |
344 |
unsigned int key_len; |
345 |
unsigned int block_size; |
346 |
}; |
347 |
|
348 |
struct Mac { |
349 |
char *name; |
350 |
int enabled; |
351 |
const EVP_MD *md; |
352 |
int mac_len; |
353 |
u_char *key; |
354 |
int key_len; |
355 |
}; |
356 |
|
357 |
struct Comp { |
358 |
int type; |
359 |
int enabled; |
360 |
char *name; |
361 |
}; |
362 |
|
363 |
typedef struct { |
364 |
struct Enc enc; |
365 |
struct Mac mac; |
366 |
struct Comp comp; |
367 |
} Newkeys; |
368 |
|
369 |
#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) |
370 |
|
371 |
enum kex_modes { |
372 |
MODE_IN, |
373 |
MODE_OUT, |
374 |
MODE_MAX |
375 |
}; |
376 |
|
377 |
|
378 |
// �z�X�g�L�[(SSH1, SSH2����)���f�[�^�\�� (2006.3.21 yutaka) |
379 |
typedef struct Key { |
380 |
// host key type |
381 |
enum hostkey_type type; |
382 |
// SSH2 RSA |
383 |
RSA *rsa; |
384 |
// SSH2 DSA |
385 |
DSA *dsa; |
386 |
// SSH1 RSA |
387 |
int bits; |
388 |
unsigned char *exp; |
389 |
unsigned char *mod; |
390 |
} Key; |
391 |
|
392 |
// fingerprint������ |
393 |
enum fp_rep { |
394 |
SSH_FP_HEX, |
395 |
SSH_FP_BUBBLEBABBLE, |
396 |
SSH_FP_RANDOMART |
397 |
}; |
398 |
|
399 |
enum scp_dir { |
400 |
TOLOCAL, FROMREMOTE, |
401 |
}; |
402 |
|
403 |
/* The packet handler returns TRUE to keep the handler in place, |
404 |
FALSE to remove the handler. */ |
405 |
typedef BOOL (* SSHPacketHandler)(PTInstVar pvar); |
406 |
|
407 |
typedef struct _SSHPacketHandlerItem SSHPacketHandlerItem; |
408 |
struct _SSHPacketHandlerItem { |
409 |
SSHPacketHandler handler; |
410 |
/* Circular list of handlers for given message */ |
411 |
SSHPacketHandlerItem FAR * next_for_message; |
412 |
SSHPacketHandlerItem FAR * last_for_message; |
413 |
/* Circular list of handlers in set */ |
414 |
SSHPacketHandlerItem FAR * next_in_set; |
415 |
int active_for_message; |
416 |
}; |
417 |
|
418 |
typedef struct { |
419 |
char FAR * hostname; |
420 |
|
421 |
int server_protocol_flags; |
422 |
char FAR * server_ID; |
423 |
|
424 |
/* This buffer is used to hold the outgoing data, and encrypted in-place |
425 |
here if necessary. */ |
426 |
unsigned char FAR * outbuf; |
427 |
long outbuflen; |
428 |
/* This buffer is used by the SSH protocol processing to store uncompressed |
429 |
packet data for compression. User data is never streamed through here; |
430 |
it is compressed directly from the user's buffer. */ |
431 |
unsigned char FAR * precompress_outbuf; |
432 |
long precompress_outbuflen; |
433 |
/* this is the length of the packet data, including the type header */ |
434 |
long outgoing_packet_len; |
435 |
|
436 |
/* This buffer is used by the SSH protocol processing to store decompressed |
437 |
packet data. User data is never streamed through here; it is decompressed |
438 |
directly to the user's buffer. */ |
439 |
unsigned char FAR * postdecompress_inbuf; |
440 |
long postdecompress_inbuflen; |
441 |
|
442 |
unsigned char FAR * payload; |
443 |
long payload_grabbed; |
444 |
long payloadlen; |
445 |
long payload_datastart; |
446 |
long payload_datalen; |
447 |
|
448 |
uint32 receiver_sequence_number; |
449 |
uint32 sender_sequence_number; |
450 |
|
451 |
z_stream compress_stream; |
452 |
z_stream decompress_stream; |
453 |
BOOL compressing; |
454 |
BOOL decompressing; |
455 |
int compression_level; |
456 |
|
457 |
SSHPacketHandlerItem FAR * packet_handlers[256]; |
458 |
int status_flags; |
459 |
|
460 |
int win_cols; |
461 |
int win_rows; |
462 |
|
463 |
unsigned short tcpport; |
464 |
} SSHState; |
465 |
|
466 |
#define STATUS_DONT_SEND_USER_NAME 0x01 |
467 |
#define STATUS_EXPECTING_COMPRESSION_RESPONSE 0x02 |
468 |
#define STATUS_DONT_SEND_CREDENTIALS 0x04 |
469 |
#define STATUS_HOST_OK 0x08 |
470 |
#define STATUS_INTERACTIVE 0x10 |
471 |
#define STATUS_IN_PARTIAL_ID_STRING 0x20 |
472 |
|
473 |
void SSH_init(PTInstVar pvar); |
474 |
void SSH_open(PTInstVar pvar); |
475 |
void SSH_notify_disconnecting(PTInstVar pvar, char FAR * reason); |
476 |
/* SSH_handle_server_ID returns TRUE iff a valid ID string has been |
477 |
received. If it returns FALSE, we need to keep looking for another |
478 |
ID string. */ |
479 |
BOOL SSH_handle_server_ID(PTInstVar pvar, char FAR * ID, int ID_len); |
480 |
/* SSH_handle_packet requires NO PAYLOAD on entry. |
481 |
'len' is the size of the packet: payload + padding (+ CRC for SSHv1) |
482 |
'padding' is the size of the padding. |
483 |
'data' points to the start of the packet data (the length field) |
484 |
*/ |
485 |
void SSH_handle_packet(PTInstVar pvar, char FAR * data, int len, int padding); |
486 |
void SSH_notify_win_size(PTInstVar pvar, int cols, int rows); |
487 |
void SSH_notify_user_name(PTInstVar pvar); |
488 |
void SSH_notify_cred(PTInstVar pvar); |
489 |
void SSH_notify_host_OK(PTInstVar pvar); |
490 |
void SSH_send(PTInstVar pvar, unsigned char const FAR * buf, unsigned int buflen); |
491 |
/* SSH_extract_payload returns number of bytes extracted */ |
492 |
int SSH_extract_payload(PTInstVar pvar, unsigned char FAR * dest, int len); |
493 |
void SSH_end(PTInstVar pvar); |
494 |
|
495 |
void SSH_get_server_ID_info(PTInstVar pvar, char FAR * dest, int len); |
496 |
void SSH_get_protocol_version_info(PTInstVar pvar, char FAR * dest, int len); |
497 |
void SSH_get_compression_info(PTInstVar pvar, char FAR * dest, int len); |
498 |
|
499 |
/* len must be <= SSH_MAX_SEND_PACKET_SIZE */ |
500 |
void SSH_channel_send(PTInstVar pvar, int channel_num, |
501 |
uint32 remote_channel_num, |
502 |
unsigned char FAR * buf, int len); |
503 |
void SSH_fail_channel_open(PTInstVar pvar, uint32 remote_channel_num); |
504 |
void SSH_confirm_channel_open(PTInstVar pvar, uint32 remote_channel_num, uint32 local_channel_num); |
505 |
void SSH_channel_output_eof(PTInstVar pvar, uint32 remote_channel_num); |
506 |
void SSH_channel_input_eof(PTInstVar pvar, uint32 remote_channel_num, uint32 local_channel_num); |
507 |
void SSH_request_forwarding(PTInstVar pvar, int from_server_port, |
508 |
char FAR * to_local_host, int to_local_port); |
509 |
void SSH_request_X11_forwarding(PTInstVar pvar, |
510 |
char FAR * auth_protocol, unsigned char FAR * auth_data, int auth_data_len, int screen_num); |
511 |
void SSH_open_channel(PTInstVar pvar, uint32 local_channel_num, |
512 |
char FAR * to_remote_host, int to_remote_port, |
513 |
char FAR * originator, unsigned short originator_port); |
514 |
|
515 |
int SSH_start_scp(PTInstVar pvar, char *sendfile, char *dstfile); |
516 |
int SSH_start_scp_receive(PTInstVar pvar, char *filename); |
517 |
int SSH_scp_transaction(PTInstVar pvar, char *sendfile, char *dstfile, enum scp_dir direction); |
518 |
int SSH_sftp_transaction(PTInstVar pvar); |
519 |
|
520 |
/* auxiliary SSH2 interfaces for pkt.c */ |
521 |
int SSH_get_min_packet_size(PTInstVar pvar); |
522 |
/* data is guaranteed to be at least SSH_get_min_packet_size bytes long |
523 |
at least 5 bytes must be decrypted */ |
524 |
void SSH_predecrpyt_packet(PTInstVar pvar, char FAR * data); |
525 |
int SSH_get_clear_MAC_size(PTInstVar pvar); |
526 |
|
527 |
#define SSH_is_any_payload(pvar) ((pvar)->ssh_state.payload_datalen > 0) |
528 |
#define SSH_get_host_name(pvar) ((pvar)->ssh_state.hostname) |
529 |
#define SSH_get_compression_level(pvar) ((pvar)->ssh_state.compressing ? (pvar)->ts_SSH_CompressionLevel : 0) |
530 |
|
531 |
void SSH2_send_kexinit(PTInstVar pvar); |
532 |
BOOL do_SSH2_userauth(PTInstVar pvar); |
533 |
BOOL do_SSH2_authrequest(PTInstVar pvar); |
534 |
void debug_print(int no, char *msg, int len); |
535 |
int get_cipher_block_size(SSHCipher cipher); |
536 |
int get_cipher_key_len(SSHCipher cipher); |
537 |
const EVP_CIPHER* get_cipher_EVP_CIPHER(SSHCipher cipher); |
538 |
int get_cipher_discard_len(SSHCipher cipher); |
539 |
void ssh_heartbeat_lock_initialize(void); |
540 |
void ssh_heartbeat_lock_finalize(void); |
541 |
void ssh_heartbeat_lock(void); |
542 |
void ssh_heartbeat_unlock(void); |
543 |
void halt_ssh_heartbeat_thread(PTInstVar pvar); |
544 |
void ssh2_channel_free(void); |
545 |
BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar); |
546 |
void SSH2_update_compression_myproposal(PTInstVar pvar); |
547 |
void SSH2_update_cipher_myproposal(PTInstVar pvar); |
548 |
|
549 |
enum hostkey_type get_keytype_from_name(char *name); |
550 |
char *get_sshname_from_key(Key *key); |
551 |
int key_to_blob(Key *key, char **blobp, int *lenp); |
552 |
Key *key_from_blob(char *data, int blen); |
553 |
void key_free(Key *key); |
554 |
RSA *duplicate_RSA(RSA *src); |
555 |
DSA *duplicate_DSA(DSA *src); |
556 |
char *key_fingerprint(Key *key, enum fp_rep dgst_rep); |
557 |
|
558 |
#endif |