diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | Makefile.in | 2 | ||||
-rw-r--r-- | channels.c | 460 | ||||
-rw-r--r-- | channels.h | 15 | ||||
-rw-r--r-- | compat.c | 33 | ||||
-rw-r--r-- | compat.h | 6 | ||||
-rw-r--r-- | dsa.c | 309 | ||||
-rw-r--r-- | dsa.h | 20 | ||||
-rw-r--r-- | hmac.c | 64 | ||||
-rw-r--r-- | hmac.h | 11 | ||||
-rw-r--r-- | kex.c | 407 | ||||
-rw-r--r-- | kex.h | 111 | ||||
-rw-r--r-- | nchan.c | 379 | ||||
-rw-r--r-- | nchan.h | 30 | ||||
-rw-r--r-- | nchan2.ms | 64 | ||||
-rw-r--r-- | packet.c | 514 | ||||
-rw-r--r-- | packet.h | 10 |
17 files changed, 2277 insertions, 166 deletions
@@ -1,5 +1,13 @@ 20000404 - Add tests for RAND_add function when searching for OpenSSL + - OpenBSD CVS update: + - [packet.h packet.c] + ssh2 packet format + - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] + [channels.h channels.c] + channel layer support for ssh2 + - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] + DSA, keyexchange, algorithm agreement for ssh2 20000403 - Wrote entropy collection routines for systems that lack /dev/random diff --git a/Makefile.in b/Makefile.in index 89b408487..bb08b53b9 100644 --- a/Makefile.in +++ b/Makefile.in @@ -31,7 +31,7 @@ LDFLAGS=-L. @LDFLAGS@ TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp $(EXTRA_TARGETS) -LIBOBJS= atomicio.o authfd.o authfile.o bsd-bindresvport.o bsd-daemon.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o fake-getaddrinfo.o fake-getnameinfo.o fingerprint.o hostfile.o key.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o +LIBOBJS= atomicio.o authfd.o authfile.o bsd-bindresvport.o bsd-daemon.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o dsa.o fake-getaddrinfo.o fake-getnameinfo.o fingerprint.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o SSHOBJS= ssh.o sshconnect.o log-client.o readconf.o clientloop.o diff --git a/channels.c b/channels.c index b87ff9f4f..18f667f6b 100644 --- a/channels.c +++ b/channels.c @@ -13,10 +13,11 @@ * There is also code for initiating connection forwarding for X11 connections, * arbitrary tcp/ip connections, and the authentication agent connection. * + * SSH2 support added by Markus Friedl. */ #include "includes.h" -RCSID("$Id: channels.c,v 1.20 2000/04/01 01:09:23 damien Exp $"); +RCSID("$Id: channels.c,v 1.21 2000/04/04 04:39:00 damien Exp $"); #include "ssh.h" #include "packet.h" @@ -31,6 +32,8 @@ RCSID("$Id: channels.c,v 1.20 2000/04/01 01:09:23 damien Exp $"); #include "nchan.h" #include "compat.h" +#include "ssh2.h" + /* Maximum number of fake X11 displays to try. */ #define MAX_DISPLAYS 1000 @@ -165,6 +168,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, /* Do initial allocation if this is the first call. */ if (channels_alloc == 0) { + chan_init(); channels_alloc = 10; channels = xmalloc(channels_alloc * sizeof(Channel)); for (i = 0; i < channels_alloc; i++) @@ -237,9 +241,28 @@ channel_free(int id) if (c == NULL) packet_disconnect("channel free: bad local channel %d", id); debug("channel_free: channel %d: status: %s", id, channel_open_message()); + if (c->dettach_user != NULL) { + debug("channel_free: channel %d: dettaching channel user", id); + c->dettach_user(c->self, NULL); + } if (c->sock != -1) { shutdown(c->sock, SHUT_RDWR); close(c->sock); + c->sock = -1; + } + if (compat20) { + if (c->rfd != -1) { + close(c->rfd); + c->rfd = -1; + } + if (c->wfd != -1) { + close(c->wfd); + c->wfd = -1; + } + if (c->efd != -1) { + close(c->efd); + c->efd = -1; + } } buffer_free(&c->input); buffer_free(&c->output); @@ -296,6 +319,32 @@ channel_pre_open_15(Channel *c, fd_set * readset, fd_set * writeset) } void +channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset) +{ + if (c->istate == CHAN_INPUT_OPEN && + c->remote_window > 0 && + buffer_len(&c->input) < c->remote_window) + FD_SET(c->rfd, readset); + if (c->ostate == CHAN_OUTPUT_OPEN || + c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { + if (buffer_len(&c->output) > 0) { + FD_SET(c->wfd, writeset); + } else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { + chan_obuf_empty(c); + } + } + /** XXX check close conditions, too */ + if (c->efd != -1) { + if (c->extended_usage == CHAN_EXTENDED_WRITE && + buffer_len(&c->extended) > 0) + FD_SET(c->efd, writeset); + else if (c->extended_usage == CHAN_EXTENDED_READ && + buffer_len(&c->extended) < c->remote_window) + FD_SET(c->efd, readset); + } +} + +void channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->input) == 0) { @@ -483,15 +532,27 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, xstrdup(buf)); - - packet_start(SSH_MSG_PORT_OPEN); - packet_put_int(newch); - packet_put_string(c->path, strlen(c->path)); - packet_put_int(c->host_port); - if (have_hostname_in_open) { - packet_put_string(buf, strlen(buf)); + if (compat20) { + packet_start(SSH2_MSG_CHANNEL_OPEN); + packet_put_cstring("direct-tcpip"); + packet_put_int(newch); + packet_put_int(c->local_window_max); + packet_put_int(c->local_maxpacket); + packet_put_string(c->path, strlen(c->path)); + packet_put_int(c->host_port); + packet_put_cstring(remote_hostname); + packet_put_int(remote_port); + packet_send(); + } else { + packet_start(SSH_MSG_PORT_OPEN); + packet_put_int(newch); + packet_put_string(c->path, strlen(c->path)); + packet_put_int(c->host_port); + if (have_hostname_in_open) { + packet_put_string(buf, strlen(buf)); + } + packet_send(); } - packet_send(); xfree(remote_hostname); } } @@ -569,6 +630,56 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) return -1; } buffer_consume(&c->output, len); + if (compat20 && len > 0) { + c->local_consumed += len; + } + } + return 1; +} +int +channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) +{ + char buf[16*1024]; + int len; + + if (c->efd != -1) { + if (c->extended_usage == CHAN_EXTENDED_WRITE && + FD_ISSET(c->efd, writeset) && + buffer_len(&c->extended) > 0) { + len = write(c->efd, buffer_ptr(&c->extended), + buffer_len(&c->extended)); + debug("channel %d: written %d to efd %d", + c->self, len, c->efd); + if (len > 0) { + buffer_consume(&c->extended, len); + c->local_consumed += len; + } + } else if (c->extended_usage == CHAN_EXTENDED_READ && + FD_ISSET(c->efd, readset)) { + len = read(c->efd, buf, sizeof(buf)); + debug("channel %d: read %d from efd %d", + c->self, len, c->efd); + if (len > 0) + buffer_append(&c->extended, buf, len); + } + } + return 1; +} +int +channel_check_window(Channel *c, fd_set * readset, fd_set * writeset) +{ + if (!(c->flags & CHAN_CLOSE_SENT) && + c->local_window < c->local_window_max/2 && + c->local_consumed > 0) { + packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); + packet_put_int(c->remote_id); + packet_put_int(c->local_consumed); + packet_send(); + debug("channel %d: window %d sent adjust %d", + c->self, c->local_window, + c->local_consumed); + c->local_window += c->local_consumed; + c->local_consumed = 0; } return 1; } @@ -581,6 +692,15 @@ channel_post_open_1(Channel *c, fd_set * readset, fd_set * writeset) } void +channel_post_open_2(Channel *c, fd_set * readset, fd_set * writeset) +{ + channel_handle_rfd(c, readset, writeset); + channel_handle_wfd(c, readset, writeset); + channel_handle_efd(c, readset, writeset); + channel_check_window(c, readset, writeset); +} + +void channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset) { int len; @@ -596,6 +716,16 @@ channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset) } void +channel_handler_init_20(void) +{ + channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open_20; + channel_pre[SSH_CHANNEL_PORT_LISTENER] = &channel_pre_listener; + + channel_post[SSH_CHANNEL_OPEN] = &channel_post_open_2; + channel_post[SSH_CHANNEL_PORT_LISTENER] = &channel_post_port_listener; +} + +void channel_handler_init_13(void) { channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open_13; @@ -636,7 +766,9 @@ channel_handler_init(void) channel_pre[i] = NULL; channel_post[i] = NULL; } - if (compat13) + if (compat20) + channel_handler_init_20(); + else if (compat13) channel_handler_init_13(); else channel_handler_init_15(); @@ -660,8 +792,7 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) if (ftab[c->type] == NULL) continue; (*ftab[c->type])(c, readset, writeset); - if (!compat13) - chan_delete_if_full_closed(c); + chan_delete_if_full_closed(c); } } @@ -700,27 +831,39 @@ channel_output_poll() c->istate != CHAN_INPUT_WAIT_DRAIN) continue; } + if (compat20 && (c->flags & CHAN_CLOSE_SENT)) { + debug("channel: %d: no data after CLOSE", c->self); + continue; + } /* Get the amount of buffered data for this channel. */ len = buffer_len(&c->input); if (len > 0) { /* Send some data for the other side over the secure connection. */ - if (packet_is_interactive()) { - if (len > 1024) - len = 512; + if (compat20) { + if (len > c->remote_window) + len = c->remote_window; + if (len > c->remote_maxpacket) + len = c->remote_maxpacket; } else { - /* Keep the packets at reasonable size. */ - if (len > packet_get_maxsize()) - len = packet_get_maxsize()/2; + if (packet_is_interactive()) { + if (len > 1024) + len = 512; + } else { + /* Keep the packets at reasonable size. */ + if (len > packet_get_maxsize()/2) + len = packet_get_maxsize()/2; + } } if (len > 0) { - packet_start(SSH_MSG_CHANNEL_DATA); + packet_start(compat20 ? + SSH2_MSG_CHANNEL_DATA : SSH_MSG_CHANNEL_DATA); packet_put_int(c->remote_id); packet_put_string(buffer_ptr(&c->input), len); packet_send(); buffer_consume(&c->input, len); c->remote_window -= len; -debug("channel %d: send data len %d", c->self, len); + debug("channel %d: send data len %d", c->self, len); } } else if (c->istate == CHAN_INPUT_WAIT_DRAIN) { if (compat13) @@ -731,6 +874,23 @@ debug("channel %d: send data len %d", c->self, len); */ chan_ibuf_empty(c); } + /* Send extended data, i.e. stderr */ + if (compat20 && + c->remote_window > 0 && + (len = buffer_len(&c->extended)) > 0 && + c->extended_usage == CHAN_EXTENDED_READ) { + if (len > c->remote_window) + len = c->remote_window; + if (len > c->remote_maxpacket) + len = c->remote_maxpacket; + packet_start(SSH2_MSG_CHANNEL_EXTENDED_DATA); + packet_put_int(c->remote_id); + packet_put_int(SSH2_EXTENDED_DATA_STDERR); + packet_put_string(buffer_ptr(&c->extended), len); + packet_send(); + buffer_consume(&c->extended, len); + c->remote_window -= len; + } } } @@ -766,10 +926,63 @@ channel_input_data(int type, int plen) /* Get the data. */ data = packet_get_string(&data_len); - packet_integrity_check(plen, 4 + 4 + data_len, SSH_MSG_CHANNEL_DATA); + if (compat20){ + if (data_len > c->local_maxpacket) { + log("channel %d: rcvd big packet %d, maxpack %d", + c->self, data_len, c->local_maxpacket); + } + if (data_len > c->local_window) { + log("channel %d: rcvd too much data %d, win %d", + c->self, data_len, c->local_window); + xfree(data); + return; + } + c->local_window -= data_len; + }else{ + packet_integrity_check(plen, 4 + 4 + data_len, type); + } buffer_append(&c->output, data, data_len); xfree(data); } +void +channel_input_extended_data(int type, int plen) +{ + int id; + int tcode; + char *data; + unsigned int data_len; + Channel *c; + + /* Get the channel number and verify it. */ + id = packet_get_int(); + c = channel_lookup(id); + + if (c == NULL) + packet_disconnect("Received extended_data for bad channel %d.", id); + if (c->type != SSH_CHANNEL_OPEN) { + log("channel %d: ext data for non open", id); + return; + } + tcode = packet_get_int(); + if (c->efd == -1 || + c->extended_usage != CHAN_EXTENDED_WRITE || + tcode != SSH2_EXTENDED_DATA_STDERR) { + log("channel %d: bad ext data", c->self); + return; + } + data = packet_get_string(&data_len); + if (data_len > c->local_window) { + log("channel %d: rcvd too much extended_data %d, win %d", + c->self, data_len, c->local_window); + xfree(data); + return; + } + debug("channel %d: rcvd ext data %d", c->self, data_len); + c->local_window -= data_len; + buffer_append(&c->extended, data, data_len); + xfree(data); +} + /* * Returns true if no channel has too much buffered data, and false if one or @@ -785,7 +998,7 @@ channel_not_very_much_buffered_data() for (i = 0; i < channels_alloc; i++) { c = &channels[i]; if (c->type == SSH_CHANNEL_OPEN) { - if (buffer_len(&c->input) > packet_get_maxsize()) { + if (!compat20 && buffer_len(&c->input) > packet_get_maxsize()) { debug("channel %d: big input buffer %d", c->self, buffer_len(&c->input)); return 0; @@ -886,7 +1099,8 @@ channel_input_open_confirmation(int type, int plen) int id, remote_id; Channel *c; - packet_integrity_check(plen, 4 + 4, type); + if (!compat20) + packet_integrity_check(plen, 4 + 4, type); id = packet_get_int(); c = channel_lookup(id); @@ -898,6 +1112,18 @@ channel_input_open_confirmation(int type, int plen) /* Record the remote channel number and mark that the channel is now open. */ c->remote_id = remote_id; c->type = SSH_CHANNEL_OPEN; + + if (compat20) { + c->remote_window = packet_get_int(); + c->remote_maxpacket = packet_get_int(); + if (c->cb_fn != NULL && c->cb_event == type) { + debug("callback start"); + c->cb_fn(c->self, c->cb_arg); + debug("callback done"); + } + debug("channel %d: open confirm rwindow %d rmax %d", c->self, + c->remote_window, c->remote_maxpacket); + } } void @@ -906,7 +1132,8 @@ channel_input_open_failure(int type, int plen) int id; Channel *c; - packet_integrity_check(plen, 4, type); + if (!compat20) + packet_integrity_check(plen, 4, type); id = packet_get_int(); c = channel_lookup(id); @@ -914,11 +1141,64 @@ channel_input_open_failure(int type, int plen) if (c==NULL || c->type != SSH_CHANNEL_OPENING) packet_disconnect("Received open failure for " "non-opening channel %d.", id); - + if (compat20) { + int reason = packet_get_int(); + char *msg = packet_get_string(NULL); + log("channel_open_failure: %d: reason %d: %s", id, reason, msg); + xfree(msg); + } /* Free the channel. This will also close the socket. */ channel_free(id); } +void +channel_input_channel_request(int type, int plen) +{ + int id; + Channel *c; + + id = packet_get_int(); + c = channel_lookup(id); + + if (c == NULL || + (c->type != SSH_CHANNEL_OPEN && c->type != SSH_CHANNEL_LARVAL)) + packet_disconnect("Received request for " + "non-open channel %d.", id); + if (c->cb_fn != NULL && c->cb_event == type) { + debug("callback start"); + c->cb_fn(c->self, c->cb_arg); + debug("callback done"); + } else { + char *service = packet_get_string(NULL); + debug("channel: %d rcvd request for %s", c->self, service); +debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event); + xfree(service); + } +} + +void +channel_input_window_adjust(int type, int plen) +{ + Channel *c; + int id, adjust; + + if (!compat20) + return; + + /* Get the channel number and verify it. */ + id = packet_get_int(); + c = channel_lookup(id); + + if (c == NULL || c->type != SSH_CHANNEL_OPEN) { + log("Received window adjust for " + "non-open channel %d.", id); + return; + } + adjust = packet_get_int(); + debug("channel %d: rcvd adjust %d", id, adjust); + c->remote_window += adjust; +} + /* * Stops listening for channels, and removes any unix domain sockets that we * might have. @@ -983,6 +1263,10 @@ channel_still_open() case SSH_CHANNEL_CLOSED: case SSH_CHANNEL_AUTH_SOCKET: continue; + case SSH_CHANNEL_LARVAL: + if (!compat20) + fatal("cannot happen: SSH_CHANNEL_LARVAL"); + continue; case SSH_CHANNEL_OPENING: case SSH_CHANNEL_OPEN: case SSH_CHANNEL_X11_OPEN: @@ -1024,6 +1308,7 @@ channel_open_message() case SSH_CHANNEL_CLOSED: case SSH_CHANNEL_AUTH_SOCKET: continue; + case SSH_CHANNEL_LARVAL: case SSH_CHANNEL_OPENING: case SSH_CHANNEL_OPEN: case SSH_CHANNEL_X11_OPEN: @@ -1156,17 +1441,26 @@ channel_request_remote_forwarding(u_short listen_port, const char *host_to_conne num_permitted_opens++; /* Send the forward request to the remote side. */ - packet_start(SSH_CMSG_PORT_FORWARD_REQUEST); - packet_put_int(port_to_connect); - packet_put_string(host_to_connect, strlen(host_to_connect)); - packet_put_int(listen_port); - packet_send(); - packet_write_wait(); - /* - * Wait for response from the remote side. It will send a disconnect - * message on failure, and we will never see it here. - */ - packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); + if (compat20) { + const char *address_to_bind = "0.0.0.0"; + packet_start(SSH2_MSG_GLOBAL_REQUEST); + packet_put_cstring("tcpip-forward"); + packet_put_char(0); /* boolean: want reply */ + packet_put_cstring(address_to_bind); + packet_put_int(listen_port); + } else { + packet_start(SSH_CMSG_PORT_FORWARD_REQUEST); + packet_put_int(port_to_connect); + packet_put_cstring(host_to_connect); + packet_put_int(listen_port); + packet_send(); + packet_write_wait(); + /* + * Wait for response from the remote side. It will send a disconnect + * message on failure, and we will never see it here. + */ + packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); + } } /* @@ -1839,3 +2133,97 @@ auth_input_open_request(int type, int plen) packet_put_int(newch); packet_send(); } + +void +channel_open(int id) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_open: %d: bad id", id); + return; + } + packet_start(SSH2_MSG_CHANNEL_OPEN); + packet_put_cstring(c->ctype); + packet_put_int(c->self); + packet_put_int(c->local_window); + packet_put_int(c->local_maxpacket); + packet_send(); + debug("channel open %d", id); +} +void +channel_request(int id, char *service, int wantconfirm) +{ + channel_request_start(id, service, wantconfirm); + packet_send(); + debug("channel request %d: %s", id, service) ; +} +void +channel_request_start(int id, char *service, int wantconfirm) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_request: %d: bad id", id); + return; + } + packet_start(SSH2_MSG_CHANNEL_REQUEST); + packet_put_int(c->remote_id); + packet_put_cstring(service); + packet_put_char(wantconfirm); +} +void +channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_register_callback: %d: bad id", id); + return; + } + c->cb_event = mtype; + c->cb_fn = fn; + c->cb_arg = arg; +} +void +channel_register_cleanup(int id, channel_callback_fn *fn) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_register_cleanup: %d: bad id", id); + return; + } + c->dettach_user = fn; +} +void +channel_cancel_cleanup(int id) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_cancel_cleanup: %d: bad id", id); + return; + } + c->dettach_user = NULL; +} + +void +channel_set_fds(int id, int rfd, int wfd, int efd, int extusage) +{ + Channel *c = channel_lookup(id); + if (c == NULL || c->type != SSH_CHANNEL_LARVAL) + fatal("channel_activate for non-larval channel %d.", id); + if (rfd > channel_max_fd_value) + channel_max_fd_value = rfd; + if (wfd > channel_max_fd_value) + channel_max_fd_value = wfd; + if (efd > channel_max_fd_value) + channel_max_fd_value = efd; + c->type = SSH_CHANNEL_OPEN; + c->rfd = rfd; + c->wfd = wfd; + c->efd = efd; + c->extended_usage = extusage; + /* XXX window size? */ + c->local_window = c->local_window_max = c->local_maxpacket/2; + packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); + packet_put_int(c->remote_id); + packet_put_int(c->local_window); + packet_send(); +} diff --git a/channels.h b/channels.h index 73ff5a595..33af09d9d 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* RCSID("$Id: channels.h,v 1.5 2000/04/01 01:09:23 damien Exp $"); */ +/* RCSID("$Id: channels.h,v 1.6 2000/04/04 04:39:01 damien Exp $"); */ #ifndef CHANNELS_H #define CHANNELS_H @@ -30,6 +30,7 @@ typedef struct Channel { /* peer can be reached over encrypted connection, via packet-sent */ int istate; /* input from channel (state of receive half) */ int ostate; /* output to channel (state of transmit half) */ + int flags; /* close sent/rcvd */ int rfd; /* read fd */ int wfd; /* write fd */ int efd; /* extended fd */ @@ -66,21 +67,30 @@ typedef struct Channel { #define CHAN_EXTENDED_READ 1 #define CHAN_EXTENDED_WRITE 2 +void channel_set_fds(int id, int rfd, int wfd, int efd, int extusage); void channel_open(int id); +void channel_request(int id, char *service, int wantconfirm); +void channel_request_start(int id, char *service, int wantconfirm); +void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg); +void channel_register_cleanup(int id, channel_callback_fn *fn); +void channel_cancel_cleanup(int id); Channel *channel_lookup(int id); int channel_new(char *ctype, int type, int rfd, int wfd, int efd, int window, int maxpack, int extended_usage, char *remote_name); +void channel_input_channel_request(int type, int plen); void channel_input_close(int type, int plen); void channel_input_close_confirmation(int type, int plen); void channel_input_data(int type, int plen); +void channel_input_extended_data(int type, int plen); void channel_input_ieof(int type, int plen); void channel_input_oclose(int type, int plen); void channel_input_open_confirmation(int type, int plen); void channel_input_open_failure(int type, int plen); void channel_input_port_open(int type, int plen); +void channel_input_window_adjust(int type, int plen); void channel_input_open(int type, int plen); /* Sets specific protocol options. */ @@ -218,4 +228,7 @@ void auth_input_request_forwarding(struct passwd * pw); /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ void auth_input_open_request(int type, int plen); +/* XXX */ +int channel_connect_to(const char *host, u_short host_port); + #endif @@ -28,15 +28,46 @@ */ #include "includes.h" -RCSID("$Id: compat.c,v 1.3 1999/11/25 00:54:59 damien Exp $"); +RCSID("$Id: compat.c,v 1.4 2000/04/04 04:39:01 damien Exp $"); #include "ssh.h" +#include "packet.h" int compat13 = 0; +int compat20 = 0; +int datafellows = 0; void +enable_compat20(void) +{ + fatal("protocol 2.0 not implemented"); +} +void enable_compat13(void) { verbose("Enabling compatibility mode for protocol 1.3"); compat13 = 1; } +/* datafellows bug compatibility */ +void +compat_datafellows(const char *version) +{ + int i; + size_t len; + static const char *check[] = { + "2.0.1", + "2.1.0.beta.9", + "2.1.0.pre.3", + "2.1.0.public.beta.1", + NULL + }; + for (i = 0; check[i]; i++) { + len = strlen(check[i]); + if (strlen(version) >= len && + (strncmp(version, check[i], len) == 0)) { + log("datafellows: %.200s", version); + datafellows = 1; + return; + } + } +} @@ -26,10 +26,14 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$Id: compat.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */ +/* RCSID("$Id: compat.h,v 1.4 2000/04/04 04:39:01 damien Exp $"); */ #ifndef COMPAT_H #define COMPAT_H void enable_compat13(void); +void enable_compat20(void); +void compat_datafellows(const char *s); extern int compat13; +extern int compat20; +extern int datafellows; #endif @@ -0,0 +1,309 @@ +/* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$Id: dsa.c,v 1.1 2000/04/03 20:06:14 markus Exp $"); + +#include "ssh.h" +#include "xmalloc.h" +#include "buffer.h" +#include "bufaux.h" +#include "compat.h" + +#if HAVE_OPENSSL +# include <openssl/bn.h> +# include <openssl/dh.h> +# include <openssl/rsa.h> +# include <openssl/dsa.h> +# include <openssl/evp.h> +# include <openssl/bio.h> +# include <openssl/pem.h> +#endif /* HAVE_OPENSSL */ +#if HAVE_SSL +# include <ssl/bn.h> +# include <ssl/dh.h> +# include <ssl/rsa.h> +# include <ssl/dsa.h> +# include <ssl/evp.h> +# include <ssl/bio.h> +# include <ssl/pem.h> +#endif /* HAVE_SSL */ + +#include <ssl/hmac.h> +#include "kex.h" +#include "key.h" + +#define INTBLOB_LEN 20 +#define SIGBLOB_LEN (2*INTBLOB_LEN) + +Key * +dsa_serverkey_from_blob( + char *serverhostkey, int serverhostkeylen) +{ + Buffer b; + char *ktype; + int rlen; + DSA *dsa; + Key *key; + + /* fetch & parse DSA/DSS pubkey */ + key = key_new(KEY_DSA); + dsa = key->dsa; + buffer_init(&b); + buffer_append(&b, serverhostkey, serverhostkeylen); + ktype = buffer_get_string(&b, NULL); + if (strcmp(KEX_DSS, ktype) != 0) { + log("dsa_serverkey_from_blob: cannot handle type %s", ktype); + key_free(key); + return NULL; + } + buffer_get_bignum2(&b, dsa->p); + buffer_get_bignum2(&b, dsa->q); + buffer_get_bignum2(&b, dsa->g); + buffer_get_bignum2(&b, dsa->pub_key); + rlen = buffer_len(&b); + if(rlen != 0) + log("dsa_serverkey_from_blob: remaining bytes in serverhostkey %d", rlen); + buffer_free(&b); + + log("keytype %s", ktype); +#ifdef DEBUG_DSS + DSA_print_fp(stderr, dsa, 8); +#endif + return key; +} +DSA * +dsa_load_private(char *filename) +{ + DSA *dsa; + BIO *in; + + in = BIO_new(BIO_s_file()); + if (in == NULL) + fatal("BIO_new failed"); + if (BIO_read_filename(in, filename) <= 0) + fatal("BIO_read failed %s: %s", filename, strerror(errno)); + fprintf(stderr, "read DSA private key\n"); + dsa = PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL); + if (dsa == NULL) + fatal("PEM_read_bio_DSAPrivateKey failed %s", filename); + BIO_free(in); + return dsa; +} +Key * +dsa_get_serverkey(char *filename) +{ + Key *k = key_new(KEY_EMPTY); + k->type = KEY_DSA; + k->dsa = dsa_load_private(filename); +#ifdef DEBUG_DSS + DSA_print_fp(stderr, dsa, 8); +#endif + return k; +} +int +dsa_make_serverkey_blob(Key *key, unsigned char **blobp, unsigned int *lenp) +{ + Buffer b; + int len; + unsigned char *buf; + + if (key == NULL || key->type != KEY_DSA) + return 0; + buffer_init(&b); + buffer_put_cstring(&b, KEX_DSS); + buffer_put_bignum2(&b, key->dsa->p); + buffer_put_bignum2(&b, key->dsa->q); + buffer_put_bignum2(&b, key->dsa->g); + buffer_put_bignum2(&b, key->dsa->pub_key); + len = buffer_len(&b); + buf = xmalloc(len); + memcpy(buf, buffer_ptr(&b), len); + memset(buffer_ptr(&b), 0, len); + buffer_free(&b); + if (lenp != NULL) + *lenp = len; + if (blobp != NULL) + *blobp = buf; + return len; +} +int +dsa_sign( + Key *key, + unsigned char **sigp, int *lenp, + unsigned char *hash, int hlen) +{ + unsigned char *digest; + unsigned char *ret; + DSA_SIG *sig; + EVP_MD *evp_md = EVP_sha1(); + EVP_MD_CTX md; + unsigned int rlen; + unsigned int slen; + unsigned int len; + unsigned char sigblob[SIGBLOB_LEN]; + Buffer b; + + if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { + log("dsa_sign: no DSA key"); + return -1; + } + digest = xmalloc(evp_md->md_size); + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, hash, hlen); + EVP_DigestFinal(&md, digest, NULL); + + sig = DSA_do_sign(digest, evp_md->md_size, key->dsa); + + rlen = BN_num_bytes(sig->r); + slen = BN_num_bytes(sig->s); + if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { + log("bad sig size %d %d", rlen, slen); + DSA_SIG_free(sig); + return -1; + } + log("sig size %d %d", rlen, slen); + + memset(sigblob, 0, SIGBLOB_LEN); + BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); + BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); + DSA_SIG_free(sig); + + if (datafellows) { + log("datafellows"); + ret = xmalloc(SIGBLOB_LEN); + memcpy(ret, sigblob, SIGBLOB_LEN); + if (lenp != NULL) + *lenp = SIGBLOB_LEN; + if (sigp != NULL) + *sigp = ret; + } else { + /* ietf-drafts */ + buffer_init(&b); + buffer_put_cstring(&b, KEX_DSS); + buffer_put_string(&b, sigblob, SIGBLOB_LEN); + len = buffer_len(&b); + ret = xmalloc(len); + memcpy(ret, buffer_ptr(&b), len); + buffer_free(&b); + if (lenp != NULL) + *lenp = len; + if (sigp != NULL) + *sigp = ret; + } + return 0; +} +int +dsa_verify( + Key *key, + unsigned char *signature, int signaturelen, + unsigned char *hash, int hlen) +{ + Buffer b; + unsigned char *digest; + DSA_SIG *sig; + EVP_MD *evp_md = EVP_sha1(); + EVP_MD_CTX md; + char *ktype; + unsigned char *sigblob; + char *txt; + unsigned int len; + int rlen; + int ret; + + if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { + log("dsa_verify: no DSA key"); + return -1; + } + + if (datafellows && signaturelen != SIGBLOB_LEN) { + log("heh? datafellows ssh2 complies with ietf-drafts????"); + datafellows = 0; + } + + log("len %d datafellows %d", signaturelen, datafellows); + + /* fetch signature */ + if (datafellows) { + sigblob = signature; + len = signaturelen; + } else { + /* ietf-drafts */ + buffer_init(&b); + buffer_append(&b, (char *) signature, signaturelen); + ktype = buffer_get_string(&b, NULL); + sigblob = (unsigned char *)buffer_get_string(&b, &len); + rlen = buffer_len(&b); + if(rlen != 0) + log("remaining bytes in signature %d", rlen); + buffer_free(&b); + } + + if (len != SIGBLOB_LEN) { + fatal("bad sigbloblen %d != SIGBLOB_LEN", len); + } + + /* parse signature */ + sig = DSA_SIG_new(); + sig->r = BN_new(); + sig->s = BN_new(); + BN_bin2bn(sigblob, INTBLOB_LEN, sig->r); + BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s); + if (!datafellows) { + memset(sigblob, 0, len); + xfree(sigblob); + } + + /* sha1 the signed data (== session_id == hash) */ + digest = xmalloc(evp_md->md_size); + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, hash, hlen); + EVP_DigestFinal(&md, digest, NULL); + + ret = DSA_do_verify(digest, evp_md->md_size, sig, key->dsa); + + memset(digest, 0, evp_md->md_size); + xfree(digest); + DSA_SIG_free(sig); + + switch (ret) { + case 1: + txt = "correct"; + break; + case 0: + txt = "incorrect"; + break; + case -1: + default: + txt = "error"; + break; + } + log("dsa_verify: signature %s", txt); + return ret; +} @@ -0,0 +1,20 @@ +#ifndef DSA_H +#define DSA_H + +Key *dsa_serverkey_from_blob(char *serverhostkey, int serverhostkeylen); +Key *dsa_get_serverkey(char *filename); +int dsa_make_serverkey_blob(Key *key, unsigned char **blobp, unsigned int *lenp); + +int +dsa_sign( + Key *key, + unsigned char **sigp, int *lenp, + unsigned char *hash, int hlen); + +int +dsa_verify( + Key *key, + unsigned char *signature, int signaturelen, + unsigned char *hash, int hlen); + +#endif @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$Id: hmac.c,v 1.1 2000/04/03 20:06:15 markus Exp $"); + +#include "xmalloc.h" +#include "ssh.h" +#include "getput.h" + +#if HAVE_OPENSSL +# include <openssl/hmac.h> +#endif /* HAVE_OPENSSL */ +#if HAVE_SSL +# include <ssl/hmac.h> +#endif /* HAVE_SSL */ + +unsigned char * +hmac( + EVP_MD *evp_md, + unsigned int seqno, + unsigned char *data, int datalen, + unsigned char *key, int keylen) +{ + HMAC_CTX c; + static unsigned char m[EVP_MAX_MD_SIZE]; + unsigned char b[4]; + + if (key == NULL) + fatal("hmac: no key"); + HMAC_Init(&c, key, keylen, evp_md); + PUT_32BIT(b, seqno); + HMAC_Update(&c, b, sizeof b); + HMAC_Update(&c, data, datalen); + HMAC_Final(&c, m, NULL); + HMAC_cleanup(&c); + return(m); +} @@ -0,0 +1,11 @@ +#ifndef HMAC_H +#define HMAC_H + +unsigned char * +hmac( + EVP_MD *evp_md, + unsigned int seqno, + unsigned char *data, int datalen, + unsigned char *key, int len); + +#endif @@ -0,0 +1,407 @@ +/* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$Id: kex.c,v 1.1 2000/04/04 04:39:02 damien Exp $"); + +#include "ssh.h" +#include "ssh2.h" +#include "xmalloc.h" +#include "buffer.h" +#include "bufaux.h" +#include "cipher.h" +#include "compat.h" + +#if HAVE_OPENSSL +# include <openssl/bn.h> +# include <openssl/dh.h> +# include <openssl/crypto.h> +# include <openssl/bio.h> +# include <openssl/bn.h> +# include <openssl/dh.h> +# include <openssl/pem.h> +#endif /* HAVE_OPENSSL */ +#if HAVE_SSL +# include <ssl/bn.h> +# include <ssl/dh.h> +# include <ssl/crypto.h> +# include <ssl/bio.h> +# include <ssl/bn.h> +# include <ssl/dh.h> +# include <ssl/pem.h> +#endif /* HAVE_SSL */ + +#include "entropy.h" +#include "kex.h" + +Buffer * +kex_init(char *myproposal[PROPOSAL_MAX]) +{ + char c = 0; + unsigned char cookie[16]; + u_int32_t rand = 0; + int i; + Buffer *ki = xmalloc(sizeof(*ki)); + for (i = 0; i < 16; i++) { + if (i % 4 == 0) + rand = arc4random(); + cookie[i] = rand & 0xff; + rand >>= 8; + } + buffer_init(ki); + buffer_append(ki, (char *)cookie, sizeof cookie); + for (i = 0; i < PROPOSAL_MAX; i++) + buffer_put_cstring(ki, myproposal[i]); + buffer_append(ki, &c, 1); /* boolean first_kex_packet_follows */ + buffer_put_int(ki, 0); /* uint32 0 (reserved for future extension) */ + return ki; +} + +/* diffie-hellman-group1-sha1 */ + +DH * +new_dh_group1() +{ + static char *group1 = + "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" + "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" + "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" + "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" + "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" + "FFFFFFFF" "FFFFFFFF"; + DH *dh; + int ret; + dh = DH_new(); + if(dh == NULL) + fatal("DH_new"); + ret = BN_hex2bn(&dh->p,group1); + if(ret<0) + fatal("BN_hex2bn"); + dh->g = BN_new(); + if(dh->g == NULL) + fatal("DH_new g"); + BN_set_word(dh->g,2); + + seed_rng(); + if (DH_generate_key(dh) == 0) + fatal("DH_generate_key"); + seed_rng(); + + return dh; +} + +void +bignum_print(BIGNUM *b) +{ + BN_print_fp(stderr,b); +} + +void +dump_digest(unsigned char *digest, int len) +{ + int i; + for (i = 0; i< len; i++){ + fprintf(stderr, "%02x", digest[i]); + if(i%2!=0) + fprintf(stderr, " "); + } + fprintf(stderr, "\n"); +} + +unsigned char * +kex_hash( + char *client_version_string, + char *server_version_string, + char *ckexinit, int ckexinitlen, + char *skexinit, int skexinitlen, + char *serverhostkeyblob, int sbloblen, + BIGNUM *client_dh_pub, + BIGNUM *server_dh_pub, + BIGNUM *shared_secret) +{ + Buffer b; + static unsigned char digest[EVP_MAX_MD_SIZE]; + EVP_MD *evp_md = EVP_sha1(); + EVP_MD_CTX md; + + buffer_init(&b); + buffer_put_string(&b, client_version_string, strlen(client_version_string)); + buffer_put_string(&b, server_version_string, strlen(server_version_string)); + + /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ + buffer_put_int(&b, ckexinitlen+1); + buffer_put_char(&b, SSH2_MSG_KEXINIT); + buffer_append(&b, ckexinit, ckexinitlen); + buffer_put_int(&b, skexinitlen+1); + buffer_put_char(&b, SSH2_MSG_KEXINIT); + buffer_append(&b, skexinit, skexinitlen); + + buffer_put_string(&b, serverhostkeyblob, sbloblen); + buffer_put_bignum2(&b, client_dh_pub); + buffer_put_bignum2(&b, server_dh_pub); + buffer_put_bignum2(&b, shared_secret); + +#ifdef DEBUG_KEX + buffer_dump(&b); +#endif + + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + EVP_DigestFinal(&md, digest, NULL); + + buffer_free(&b); + +#ifdef DEBUG_KEX + dump_digest(digest, evp_md->md_size); +#endif + return digest; +} + +unsigned char * +derive_key(int id, int need, char unsigned *hash, BIGNUM *shared_secret) +{ + Buffer b; + EVP_MD *evp_md = EVP_sha1(); + EVP_MD_CTX md; + char c = id; + int have; + int mdsz = evp_md->md_size; + unsigned char *digest = xmalloc(((need+mdsz-1)/mdsz)*mdsz); + + buffer_init(&b); + buffer_put_bignum2(&b, shared_secret); + + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); /* shared_secret K */ + EVP_DigestUpdate(&md, hash, mdsz); /* transport-06 */ + EVP_DigestUpdate(&md, &c, 1); /* key id */ + EVP_DigestUpdate(&md, hash, mdsz); /* session id */ + EVP_DigestFinal(&md, digest, NULL); + + /* expand */ + for (have = mdsz; need > have; have += mdsz) { + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + EVP_DigestUpdate(&md, hash, mdsz); + EVP_DigestUpdate(&md, digest, have); + EVP_DigestFinal(&md, digest + have, NULL); + } + buffer_free(&b); +#ifdef DEBUG_KEX + fprintf(stderr, "Digest '%c'== ", c); + dump_digest(digest, need); +#endif + return digest; +} + +#define NKEYS 6 + +#define MAX_PROP 20 +#define SEP "," + +char * +get_match(char *client, char *server) +{ + char *sproposals[MAX_PROP]; + char *p; + int i, j, nproposals; + + for ((p = strtok(server, SEP)), i=0; p; (p = strtok(NULL, SEP)), i++) { + if (i < MAX_PROP) + sproposals[i] = p; + else + break; + } + nproposals = i; + + for ((p = strtok(client, SEP)), i=0; p; (p = strtok(NULL, SEP)), i++) { + for (j = 0; j < nproposals; j++) + if (strcmp(p, sproposals[j]) == 0) + return xstrdup(p); + } + return NULL; +} +void +choose_enc(Enc *enc, char *client, char *server) +{ + char *name = get_match(client, server); + if (name == NULL) + fatal("no matching cipher found: client %s server %s", client, server); + enc->type = cipher_number(name); + + switch (enc->type) { + case SSH_CIPHER_3DES_CBC: + enc->key_len = 24; + enc->iv_len = 8; + enc->block_size = 8; + break; + case SSH_CIPHER_BLOWFISH_CBC: + case SSH_CIPHER_CAST128_CBC: + enc->key_len = 16; + enc->iv_len = 8; + enc->block_size = 8; + break; + case SSH_CIPHER_ARCFOUR: + enc->key_len = 16; + enc->iv_len = 0; + enc->block_size = 8; + break; + default: + fatal("unsupported cipher %s", name); + } + enc->name = name; + enc->enabled = 0; + enc->iv = NULL; + enc->key = NULL; +} +void +choose_mac(Mac *mac, char *client, char *server) +{ + char *name = get_match(client, server); + if (name == NULL) + fatal("no matching mac found: client %s server %s", client, server); + if (strcmp(name, "hmac-md5") == 0) { + mac->md = EVP_md5(); + } else if (strcmp(name, "hmac-sha1") == 0) { + mac->md = EVP_sha1(); + } else if (strcmp(name, "hmac-ripemd160@openssh.com") == 0) { + mac->md = EVP_ripemd160(); + } else { + fatal("unsupported mac %s", name); + } + mac->name = name; + mac->mac_len = mac->md->md_size; + mac->key_len = datafellows ? 16 : mac->mac_len; + mac->key = NULL; + mac->enabled = 0; +} +void +choose_comp(Comp *comp, char *client, char *server) +{ + char *name = get_match(client, server); + if (name == NULL) + fatal("no matching comp found: client %s server %s", client, server); + if (strcmp(name, "zlib") == 0) { + comp->type = 1; + } else if (strcmp(name, "none") == 0) { + comp->type = 0; + } else { + fatal("unsupported comp %s", name); + } + comp->name = name; +} +void +choose_kex(Kex *k, char *client, char *server) +{ + k->name = get_match(client, server); + if (k->name == NULL) + fatal("no kex alg"); + if (strcmp(k->name, KEX_DH1) != 0) + fatal("bad kex alg %s", k->name); +} +void +choose_hostkeyalg(Kex *k, char *client, char *server) +{ + k->hostkeyalg = get_match(client, server); + if (k->hostkeyalg == NULL) + fatal("no hostkey alg"); + if (strcmp(k->hostkeyalg, KEX_DSS) != 0) + fatal("bad hostkey alg %s", k->hostkeyalg); +} + +Kex * +kex_choose_conf(char *cprop[PROPOSAL_MAX], char *sprop[PROPOSAL_MAX], int server) +{ + int i; + int mode; + int ctos; /* direction: if true client-to-server */ + int need; + Kex *k; + + k = xmalloc(sizeof(*k)); + memset(k, 0, sizeof(*k)); + k->server = server; + + for (mode = 0; mode < MODE_MAX; mode++) { + int nenc, nmac, ncomp; + ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); + nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; + nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; + ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; + choose_enc (&k->enc [mode], cprop[nenc], sprop[nenc]); + choose_mac (&k->mac [mode], cprop[nmac], sprop[nmac]); + choose_comp(&k->comp[mode], cprop[ncomp], sprop[ncomp]); + log("kex: %s %s %s %s", + ctos ? "client->server" : "server->client", + k->enc[mode].name, + k->mac[mode].name, + k->comp[mode].name); + } + choose_kex(k, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); + choose_hostkeyalg(k, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], + sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); + for (i = 0; i < PROPOSAL_MAX; i++) { + xfree(cprop[i]); + xfree(sprop[i]); + } + need = 0; + for (mode = 0; mode < MODE_MAX; mode++) { + if (need < k->enc[mode].key_len) + need = k->enc[mode].key_len; + if (need < k->enc[mode].iv_len) + need = k->enc[mode].iv_len; + if (need < k->mac[mode].key_len) + need = k->mac[mode].key_len; + } + /* need runden? */ +#define WE_NEED 32 + k->we_need = WE_NEED; + k->we_need = need; + return k; +} + +int +kex_derive_keys(Kex *k, unsigned char *hash, BIGNUM *shared_secret) +{ + int i; + int mode; + int ctos; + unsigned char *keys[NKEYS]; + + for (i = 0; i < NKEYS; i++) + keys[i] = derive_key('A'+i, k->we_need, hash, shared_secret); + + for (mode = 0; mode < MODE_MAX; mode++) { + ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); + k->enc[mode].iv = keys[ctos ? 0 : 1]; + k->enc[mode].key = keys[ctos ? 2 : 3]; + k->mac[mode].key = keys[ctos ? 4 : 5]; + } + return 0; +} @@ -0,0 +1,111 @@ +/* + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef KEX_H +#define KEX_H + +#define KEX_DH1 "diffie-hellman-group1-sha1" +#define KEX_DSS "ssh-dss" + +enum kex_init_proposals { + PROPOSAL_KEX_ALGS, + PROPOSAL_SERVER_HOST_KEY_ALGS, + PROPOSAL_ENC_ALGS_CTOS, + PROPOSAL_ENC_ALGS_STOC, + PROPOSAL_MAC_ALGS_CTOS, + PROPOSAL_MAC_ALGS_STOC, + PROPOSAL_COMP_ALGS_CTOS, + PROPOSAL_COMP_ALGS_STOC, + PROPOSAL_LANG_CTOS, + PROPOSAL_LANG_STOC, + PROPOSAL_MAX +}; + +enum kex_modes { + MODE_IN, + MODE_OUT, + MODE_MAX +}; + +typedef struct Kex Kex; +typedef struct Mac Mac; +typedef struct Comp Comp; +typedef struct Enc Enc; + +struct Enc { + int type; + int enabled; + int block_size; + unsigned char *key; + unsigned char *iv; + int key_len; + int iv_len; + char *name; +}; +struct Mac { + EVP_MD *md; + int enabled; + int mac_len; + unsigned char *key; + int key_len; + char *name; +}; +struct Comp { + int type; + int enabled; + char *name; +}; +struct Kex { + Enc enc [MODE_MAX]; + Mac mac [MODE_MAX]; + Comp comp[MODE_MAX]; + int we_need; + int server; + char *name; + char *hostkeyalg; +}; + +Buffer *kex_init(char *myproposal[PROPOSAL_MAX]); +DH *new_dh_group1(); +Kex *kex_choose_conf(char *cprop[PROPOSAL_MAX], char *sprop[PROPOSAL_MAX], int server); +int kex_derive_keys(Kex *k, unsigned char *hash, BIGNUM *shared_secret); +void bignum_print(BIGNUM *b); +void packet_set_kex(Kex *k); + +unsigned char * +kex_hash( + char *client_version_string, + char *server_version_string, + char *ckexinit, int ckexinitlen, + char *skexinit, int skexinitlen, + char *serverhostkeyblob, int sbloblen, + BIGNUM *client_dh_pub, + BIGNUM *server_dh_pub, + BIGNUM *shared_secret); + +#endif @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$Id: nchan.c,v 1.6 2000/04/01 01:09:24 damien Exp $"); +RCSID("$Id: nchan.c,v 1.7 2000/04/04 04:39:02 damien Exp $"); #include "ssh.h" @@ -37,138 +37,169 @@ RCSID("$Id: nchan.c,v 1.6 2000/04/01 01:09:24 damien Exp $"); #include "channels.h" #include "nchan.h" -static void chan_send_ieof(Channel *c); -static void chan_send_oclose(Channel *c); -static void chan_shutdown_write(Channel *c); -static void chan_shutdown_read(Channel *c); +#include "ssh2.h" +#include "compat.h" +/* functions manipulating channel states */ /* * EVENTS update channel input/output states execute ACTIONS */ - /* events concerning the INPUT from socket for channel (istate) */ -void -chan_rcvd_oclose(Channel *c) +chan_event_fn *chan_rcvd_oclose = NULL; +chan_event_fn *chan_read_failed = NULL; +chan_event_fn *chan_ibuf_empty = NULL; +/* events concerning the OUTPUT from channel for socket (ostate) */ +chan_event_fn *chan_rcvd_ieof = NULL; +chan_event_fn *chan_write_failed = NULL; +chan_event_fn *chan_obuf_empty = NULL; +/* + * ACTIONS: should never update the channel states + */ +static void chan_send_ieof1(Channel *c); +static void chan_send_oclose1(Channel *c); +static void chan_send_close2(Channel *c); +static void chan_send_eof2(Channel *c); + +/* channel cleanup */ +chan_event_fn *chan_delete_if_full_closed = NULL; + +/* helper */ +static void chan_shutdown_write(Channel *c); +static void chan_shutdown_read(Channel *c); + +/* + * SSH1 specific implementation of event functions + */ + +static void +chan_rcvd_oclose1(Channel *c) { + debug("channel %d: rcvd oclose", c->self); switch (c->istate) { case CHAN_INPUT_WAIT_OCLOSE: - debug("channel %d: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE]", c->self); + debug("channel %d: input wait_oclose -> closed", c->self); c->istate = CHAN_INPUT_CLOSED; break; case CHAN_INPUT_OPEN: - debug("channel %d: INPUT_OPEN -> INPUT_CLOSED [rvcd OCLOSE, send IEOF]", c->self); + debug("channel %d: input open -> closed", c->self); chan_shutdown_read(c); - chan_send_ieof(c); + chan_send_ieof1(c); c->istate = CHAN_INPUT_CLOSED; break; case CHAN_INPUT_WAIT_DRAIN: /* both local read_failed and remote write_failed */ - log("channel %d: INPUT_WAIT_DRAIN -> INPUT_CLOSED [rvcd OCLOSE, send IEOF]", c->self); - debug("channel %d: INPUT_WAIT_DRAIN -> INPUT_CLOSED [rvcd OCLOSE, send IEOF]", c->self); - chan_send_ieof(c); + log("channel %d: input drain -> closed", c->self); + chan_send_ieof1(c); c->istate = CHAN_INPUT_CLOSED; break; default: - error("protocol error: chan_rcvd_oclose %d for istate %d", c->self, c->istate); + error("channel %d: protocol error: chan_rcvd_oclose for istate %d", + c->self, c->istate); return; } } -void -chan_read_failed(Channel *c) +static void +chan_read_failed_12(Channel *c) { + debug("channel %d: read failed", c->self); switch (c->istate) { case CHAN_INPUT_OPEN: - debug("channel %d: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed]", c->self); + debug("channel %d: input open -> drain", c->self); chan_shutdown_read(c); c->istate = CHAN_INPUT_WAIT_DRAIN; break; default: - error("internal error: we do not read, but chan_read_failed %d for istate %d", - c->self, c->istate); + error("channel %d: internal error: we do not read, but chan_read_failed for istate %d", + c->self, c->istate); break; } } -void -chan_ibuf_empty(Channel *c) +static void +chan_ibuf_empty1(Channel *c) { + debug("channel %d: ibuf empty", c->self); if (buffer_len(&c->input)) { - error("internal error: chan_ibuf_empty %d for non empty buffer", c->self); + error("channel %d: internal error: chan_ibuf_empty for non empty buffer", + c->self); return; } switch (c->istate) { case CHAN_INPUT_WAIT_DRAIN: - debug("channel %d: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF]", c->self); - chan_send_ieof(c); + debug("channel %d: input drain -> wait_oclose", c->self); + chan_send_ieof1(c); c->istate = CHAN_INPUT_WAIT_OCLOSE; break; default: - error("internal error: chan_ibuf_empty %d for istate %d", c->self, c->istate); + error("channel %d: internal error: chan_ibuf_empty for istate %d", + c->self, c->istate); break; } } - -/* events concerning the OUTPUT from channel for socket (ostate) */ -void -chan_rcvd_ieof(Channel *c) +static void +chan_rcvd_ieof1(Channel *c) { + debug("channel %d: rcvd ieof", c->self); switch (c->ostate) { case CHAN_OUTPUT_OPEN: - debug("channel %d: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF]", c->self); + debug("channel %d: output open -> drain", c->self); c->ostate = CHAN_OUTPUT_WAIT_DRAIN; break; case CHAN_OUTPUT_WAIT_IEOF: - debug("channel %d: OUTPUT_WAIT_IEOF -> OUTPUT_CLOSED [rvcd IEOF]", c->self); + debug("channel %d: output wait_ieof -> closed", c->self); c->ostate = CHAN_OUTPUT_CLOSED; break; default: - error("protocol error: chan_rcvd_ieof %d for ostate %d", c->self, c->ostate); + error("channel %d: protocol error: chan_rcvd_ieof for ostate %d", + c->self, c->ostate); break; } } -void -chan_write_failed(Channel *c) +static void +chan_write_failed1(Channel *c) { + debug("channel %d: write failed", c->self); switch (c->ostate) { case CHAN_OUTPUT_OPEN: - debug("channel %d: OUTPUT_OPEN -> OUTPUT_WAIT_IEOF [write failed]", c->self); - chan_send_oclose(c); + debug("channel %d: output open -> wait_ieof", c->self); + chan_send_oclose1(c); c->ostate = CHAN_OUTPUT_WAIT_IEOF; break; case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [write failed]", c->self); - chan_send_oclose(c); + debug("channel %d: output wait_drain -> closed", c->self); + chan_send_oclose1(c); c->ostate = CHAN_OUTPUT_CLOSED; break; default: - error("internal error: chan_write_failed %d for ostate %d", c->self, c->ostate); + error("channel %d: internal error: chan_write_failed for ostate %d", + c->self, c->ostate); break; } } -void -chan_obuf_empty(Channel *c) +static void +chan_obuf_empty1(Channel *c) { + debug("channel %d: obuf empty", c->self); if (buffer_len(&c->output)) { - debug("internal error: chan_obuf_empty %d for non empty buffer", c->self); + error("channel %d: internal error: chan_obuf_empty for non empty buffer", + c->self); return; } switch (c->ostate) { case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE]", c->self); - chan_send_oclose(c); + debug("channel %d: output drain -> closed", c->self); + chan_send_oclose1(c); c->ostate = CHAN_OUTPUT_CLOSED; break; default: - error("internal error: chan_obuf_empty %d for ostate %d", c->self, c->ostate); + error("channel %d: internal error: chan_obuf_empty for ostate %d", + c->self, c->ostate); break; } } - -/* - * ACTIONS: should never update the channel states: c->istate or c->ostate - */ static void -chan_send_ieof(Channel *c) +chan_send_ieof1(Channel *c) { + debug("channel %d: send ieof", c->self); switch (c->istate) { case CHAN_INPUT_OPEN: case CHAN_INPUT_WAIT_DRAIN: @@ -177,13 +208,15 @@ chan_send_ieof(Channel *c) packet_send(); break; default: - error("internal error: channel %d: cannot send IEOF for istate %d", c->self, c->istate); + error("channel %d: internal error: cannot send ieof for istate %d", + c->self, c->istate); break; } } static void -chan_send_oclose(Channel *c) +chan_send_oclose1(Channel *c) { + debug("channel %d: send oclose", c->self); switch (c->ostate) { case CHAN_OUTPUT_OPEN: case CHAN_OUTPUT_WAIT_DRAIN: @@ -194,40 +227,246 @@ chan_send_oclose(Channel *c) packet_send(); break; default: - error("internal error: channel %d: cannot send OCLOSE for ostate %d", c->self, c->istate); + error("channel %d: internal error: cannot send oclose for ostate %d", + c->self, c->ostate); break; } } +static void +chan_delete_if_full_closed1(Channel *c) +{ + if (c->istate == CHAN_INPUT_CLOSED && c->ostate == CHAN_OUTPUT_CLOSED) { + debug("channel %d: full closed", c->self); + channel_free(c->self); + } +} -/* helper */ +/* + * the same for SSH2 + */ static void -chan_shutdown_write(Channel *c) +chan_rcvd_oclose2(Channel *c) { - /* shutdown failure is allowed if write failed already */ - debug("channel %d: shutdown_write", c->self); - if (shutdown(c->sock, SHUT_WR) < 0) - debug("chan_shutdown_write failed for #%d/fd%d: %.100s", - c->self, c->sock, strerror(errno)); + debug("channel %d: rcvd close", c->self); + if (c->flags & CHAN_CLOSE_RCVD) + error("channel %d: protocol error: close rcvd twice", c->self); + c->flags |= CHAN_CLOSE_RCVD; + if (c->type == SSH_CHANNEL_LARVAL) { + /* tear down larval channels immediately */ + c->ostate = CHAN_OUTPUT_CLOSED; + c->istate = CHAN_INPUT_CLOSED; + return; + } + switch (c->ostate) { + case CHAN_OUTPUT_OPEN: + /* wait until a data from the channel is consumed if a CLOSE is received */ + debug("channel %d: output open -> drain", c->self); + c->ostate = CHAN_OUTPUT_WAIT_DRAIN; + break; + } + switch (c->istate) { + case CHAN_INPUT_OPEN: + debug("channel %d: input open -> closed", c->self); + chan_shutdown_read(c); + break; + case CHAN_INPUT_WAIT_DRAIN: + debug("channel %d: input drain -> closed", c->self); + chan_send_eof2(c); + break; + } + c->istate = CHAN_INPUT_CLOSED; } static void -chan_shutdown_read(Channel *c) +chan_ibuf_empty2(Channel *c) +{ + debug("channel %d: ibuf empty", c->self); + if (buffer_len(&c->input)) { + error("channel %d: internal error: chan_ibuf_empty for non empty buffer", + c->self); + return; + } + switch (c->istate) { + case CHAN_INPUT_WAIT_DRAIN: + debug("channel %d: input drain -> closed", c->self); + if (!(c->flags & CHAN_CLOSE_SENT)) + chan_send_eof2(c); + c->istate = CHAN_INPUT_CLOSED; + break; + default: + error("channel %d: internal error: chan_ibuf_empty for istate %d", + c->self, c->istate); + break; + } +} +static void +chan_rcvd_ieof2(Channel *c) { - debug("channel %d: shutdown_read", c->self); - if (shutdown(c->sock, SHUT_RD) < 0) - error("chan_shutdown_read failed for #%d/fd%d [i%d o%d]: %.100s", - c->self, c->sock, c->istate, c->ostate, strerror(errno)); + debug("channel %d: rcvd eof", c->self); + if (c->ostate == CHAN_OUTPUT_OPEN) { + debug("channel %d: output open -> drain", c->self); + c->ostate = CHAN_OUTPUT_WAIT_DRAIN; + } } -void -chan_delete_if_full_closed(Channel *c) +static void +chan_write_failed2(Channel *c) +{ + debug("channel %d: write failed", c->self); + switch (c->ostate) { + case CHAN_OUTPUT_OPEN: + debug("channel %d: output open -> closed", c->self); + chan_shutdown_write(c); // ?? + c->ostate = CHAN_OUTPUT_CLOSED; + break; + case CHAN_OUTPUT_WAIT_DRAIN: + debug("channel %d: output drain -> closed", c->self); + chan_shutdown_write(c); + c->ostate = CHAN_OUTPUT_CLOSED; + break; + default: + error("channel %d: internal error: chan_write_failed for ostate %d", + c->self, c->ostate); + break; + } +} +static void +chan_obuf_empty2(Channel *c) +{ + debug("channel %d: obuf empty", c->self); + if (buffer_len(&c->output)) { + error("internal error: chan_obuf_empty %d for non empty buffer", + c->self); + return; + } + switch (c->ostate) { + case CHAN_OUTPUT_WAIT_DRAIN: + debug("channel %d: output drain -> closed", c->self); + chan_shutdown_write(c); + c->ostate = CHAN_OUTPUT_CLOSED; + break; + default: + error("channel %d: internal error: chan_obuf_empty for ostate %d", + c->self, c->ostate); + break; + } +} +static void +chan_send_eof2(Channel *c) +{ + debug("channel %d: send eof", c->self); + switch (c->istate) { + case CHAN_INPUT_WAIT_DRAIN: + packet_start(SSH2_MSG_CHANNEL_EOF); + packet_put_int(c->remote_id); + packet_send(); + break; + default: + error("channel %d: internal error: cannot send eof for istate %d", + c->self, c->istate); + break; + } +} +static void +chan_send_close2(Channel *c) +{ + debug("channel %d: send close", c->self); + if (c->ostate != CHAN_OUTPUT_CLOSED || + c->istate != CHAN_INPUT_CLOSED) { + error("channel %d: internal error: cannot send close for istate/ostate %d/%d", + c->self, c->istate, c->ostate); + } else if (c->flags & CHAN_CLOSE_SENT) { + error("channel %d: internal error: already sent close", c->self); + } else { + packet_start(SSH2_MSG_CHANNEL_CLOSE); + packet_put_int(c->remote_id); + packet_send(); + c->flags |= CHAN_CLOSE_SENT; + } +} +static void +chan_delete_if_full_closed2(Channel *c) { if (c->istate == CHAN_INPUT_CLOSED && c->ostate == CHAN_OUTPUT_CLOSED) { - debug("channel %d: full closed", c->self); - channel_free(c->self); + if (!(c->flags & CHAN_CLOSE_SENT)) { + chan_send_close2(c); + } + if ((c->flags & CHAN_CLOSE_SENT) && + (c->flags & CHAN_CLOSE_RCVD)) { + debug("channel %d: full closed2", c->self); + channel_free(c->self); + } } } + +/* shared */ void chan_init_iostates(Channel *c) { c->ostate = CHAN_OUTPUT_OPEN; c->istate = CHAN_INPUT_OPEN; + c->flags = 0; +} + +/* init */ +void +chan_init(void) +{ + if (compat20) { + chan_rcvd_oclose = chan_rcvd_oclose2; + chan_read_failed = chan_read_failed_12; + chan_ibuf_empty = chan_ibuf_empty2; + + chan_rcvd_ieof = chan_rcvd_ieof2; + chan_write_failed = chan_write_failed2; + chan_obuf_empty = chan_obuf_empty2; + + chan_delete_if_full_closed = chan_delete_if_full_closed2; + } else { + chan_rcvd_oclose = chan_rcvd_oclose1; + chan_read_failed = chan_read_failed_12; + chan_ibuf_empty = chan_ibuf_empty1; + + chan_rcvd_ieof = chan_rcvd_ieof1; + chan_write_failed = chan_write_failed1; + chan_obuf_empty = chan_obuf_empty1; + + chan_delete_if_full_closed = chan_delete_if_full_closed1; + } +} + +/* helper */ +static void +chan_shutdown_write(Channel *c) +{ + buffer_consume(&c->output, buffer_len(&c->output)); + if (compat20 && c->type == SSH_CHANNEL_LARVAL) + return; + /* shutdown failure is allowed if write failed already */ + debug("channel %d: close_write", c->self); + if (c->sock != -1) { + if (shutdown(c->sock, SHUT_WR) < 0) + debug("channel %d: chan_shutdown_write: shutdown() failed for fd%d: %.100s", + c->self, c->sock, strerror(errno)); + } else { + if (close(c->wfd) < 0) + log("channel %d: chan_shutdown_write: close() failed for fd%d: %.100s", + c->self, c->wfd, strerror(errno)); + c->wfd = -1; + } +} +static void +chan_shutdown_read(Channel *c) +{ + if (compat20 && c->type == SSH_CHANNEL_LARVAL) + return; + debug("channel %d: close_read", c->self); + if (c->sock != -1) { + if (shutdown(c->sock, SHUT_RD) < 0) + error("channel %d: chan_shutdown_read: shutdown() failed for fd%d [i%d o%d]: %.100s", + c->self, c->sock, c->istate, c->ostate, strerror(errno)); + } else { + if (close(c->rfd) < 0) + log("channel %d: chan_shutdown_read: close() failed for fd%d: %.100s", + c->self, c->rfd, strerror(errno)); + c->rfd = -1; + } } @@ -27,7 +27,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$Id: nchan.h,v 1.4 2000/04/01 01:09:24 damien Exp $"); */ +/* RCSID("$Id: nchan.h,v 1.5 2000/04/04 04:39:02 damien Exp $"); */ #ifndef NCHAN_H #define NCHAN_H @@ -72,17 +72,25 @@ #define CHAN_OUTPUT_WAIT_IEOF 0x40 #define CHAN_OUTPUT_CLOSED 0x80 -/* EVENTS for the input state */ -void chan_rcvd_oclose(Channel * c); -void chan_read_failed(Channel * c); -void chan_ibuf_empty(Channel * c); +#define CHAN_CLOSE_SENT 0x01 +#define CHAN_CLOSE_RCVD 0x02 -/* EVENTS for the output state */ -void chan_rcvd_ieof(Channel * c); -void chan_write_failed(Channel * c); -void chan_obuf_empty(Channel * c); -void chan_init_iostates(Channel * c); +/* Channel EVENTS */ +typedef void chan_event_fn(Channel * c); + +/* for the input state */ +extern chan_event_fn *chan_rcvd_oclose; +extern chan_event_fn *chan_read_failed; +extern chan_event_fn *chan_ibuf_empty; + +/* for the output state */ +extern chan_event_fn *chan_rcvd_ieof; +extern chan_event_fn *chan_write_failed; +extern chan_event_fn *chan_obuf_empty; -void chan_delete_if_full_closed(Channel *c); +extern chan_event_fn *chan_delete_if_full_closed; + +void chan_init_iostates(Channel * c); +void chan_init(void); #endif diff --git a/nchan2.ms b/nchan2.ms new file mode 100644 index 000000000..1b119d135 --- /dev/null +++ b/nchan2.ms @@ -0,0 +1,64 @@ +.TL +OpenSSH Channel Close Protocol 2.0 Implementation +.SH +Channel Input State Diagram +.PS +reset +l=1 +s=1.2 +ellipsewid=s*ellipsewid +boxwid=s*boxwid +ellipseht=s*ellipseht +S1: ellipse "INPUT" "OPEN" +move right 2*l from last ellipse.e +S3: ellipse invis +move down l from last ellipse.s +S4: ellipse "INPUT" "CLOSED" +move down l from 1st ellipse.s +S2: ellipse "INPUT" "WAIT" "DRAIN" +arrow from S1.e to S4.n +box invis "rcvd CLOSE/" "shutdown_read" with .sw at last arrow.c +arrow "ibuf_empty ||" "rcvd CLOSE/" "send EOF" "" from S2.e to S4.w +arrow from S1.s to S2.n +box invis "read_failed/" "shutdown_read" with .e at last arrow.c +ellipse wid .9*ellipsewid ht .9*ellipseht at S4 +arrow "start" "" from S1.w+(-0.5,0) to S1.w +.PE +.SH +Channel Output State Diagram +.PS +S1: ellipse "OUTPUT" "OPEN" +move right 2*l from last ellipse.e +S3: ellipse invis +move down l from last ellipse.s +S4: ellipse "OUTPUT" "CLOSED" +move down l from 1st ellipse.s +S2: ellipse "OUTPUT" "WAIT" "DRAIN" +arrow from S1.e to S4.n +box invis "write_failed/" "shutdown_write" with .sw at last arrow.c +arrow "obuf_empty ||" "write_failed/" "shutdown_write" "" from S2.e to S4.w +arrow from S1.s to S2.n +box invis "rcvd EOF ||" "rcvd CLOSE/" "-" with .e at last arrow.c +ellipse wid .9*ellipsewid ht .9*ellipseht at S4 +arrow "start" "" from S1.w+(-0.5,0) to S1.w +.PE +.SH +Notes +.PP +The input buffer is filled with data from the socket +(the socket represents the local consumer/producer of the +forwarded channel). +The data is then sent over the INPUT-end (transmit-end) of the channel to the +remote peer. +Data sent by the peer is received on the OUTPUT-end (receive-end), +saved in the output buffer and written to the socket. +.PP +If the local protocol instance has forwarded all data on the +INPUT-end of the channel, it sends an EOF message to the peer. +.PP +A CLOSE message is sent to the peer if +both the INPUT- and the OUTOUT-half of the local +end of the channel are closed. +.PP +The channel can be deallocated by a protocol instance +if a CLOSE message he been both sent and received. @@ -11,11 +11,13 @@ * * This file contains code implementing the packet protocol and communication * with the other side. This same code is used both on client and server side. - * + * + * SSH2 packet format added by Markus Friedl. + * */ #include "includes.h" -RCSID("$Id: packet.c,v 1.13 2000/04/01 01:09:25 damien Exp $"); +RCSID("$Id: packet.c,v 1.14 2000/04/04 04:39:03 damien Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -30,6 +32,22 @@ RCSID("$Id: packet.c,v 1.13 2000/04/01 01:09:25 damien Exp $"); #include "deattack.h" #include "channels.h" +#include "compat.h" +#include "ssh2.h" + +#include <ssl/bn.h> +#include <ssl/dh.h> +#include <ssl/hmac.h> +#include "buffer.h" +#include "kex.h" +#include "hmac.h" + +#ifdef PACKET_DEBUG +#define DBG(x) x +#else +#define DBG(x) +#endif + /* * This variable contains the file descriptors used for communicating with * the other side. connection_in is used for reading; connection_out for @@ -81,11 +99,45 @@ static int initialized = 0; /* Set to true if the connection is interactive. */ static int interactive_mode = 0; +/* True if SSH2 packet format is used */ +int use_ssh2_packet_format = 0; + +/* Session key information for Encryption and MAC */ +Kex *kex = NULL; + +void +packet_set_kex(Kex *k) +{ + if( k->mac[MODE_IN ].key == NULL || + k->enc[MODE_IN ].key == NULL || + k->enc[MODE_IN ].iv == NULL || + k->mac[MODE_OUT].key == NULL || + k->enc[MODE_OUT].key == NULL || + k->enc[MODE_OUT].iv == NULL) + fatal("bad KEX"); + kex = k; +} +void +clear_enc_keys(Enc *enc, int len) +{ + memset(enc->iv, 0, len); + memset(enc->key, 0, len); + xfree(enc->iv); + xfree(enc->key); + enc->iv = NULL; + enc->key = NULL; +} +void +packet_set_ssh2_format(void) +{ + debug("use_ssh2_packet_format"); + use_ssh2_packet_format = 1; +} + /* * Sets the descriptors used for communication. Disables encryption until * packet_set_encryption_key is called. */ - void packet_set_connection(int fd_in, int fd_out) { @@ -225,6 +277,7 @@ packet_get_protocol_flags() * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */ +/*** XXXXX todo: kex means re-init */ void packet_start_compression(int level) { @@ -242,7 +295,7 @@ packet_start_compression(int level) void packet_encrypt(CipherContext * cc, void *dest, void *src, - unsigned int bytes) + unsigned int bytes) { cipher_encrypt(cc, dest, src, bytes); } @@ -254,7 +307,7 @@ packet_encrypt(CipherContext * cc, void *dest, void *src, void packet_decrypt(CipherContext * cc, void *dest, void *src, - unsigned int bytes) + unsigned int bytes) { int i; @@ -266,15 +319,11 @@ packet_decrypt(CipherContext * cc, void *dest, void *src, * (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) */ - switch (cc->type) { - case SSH_CIPHER_NONE: + if (cc->type == SSH_CIPHER_NONE || compat20) { i = DEATTACK_OK; - break; - default: + } else { i = detect_attack(src, bytes, NULL); - break; } - if (i == DEATTACK_DETECTED) packet_disconnect("crc32 compensation attack: network attack detected"); @@ -289,8 +338,11 @@ packet_decrypt(CipherContext * cc, void *dest, void *src, void packet_set_encryption_key(const unsigned char *key, unsigned int keylen, - int cipher) + int cipher) { + if (keylen < 20) + fatal("keylen too small: %d", keylen); + /* All other ciphers use the same key in both directions for now. */ cipher_set_key(&receive_context, cipher, key, keylen, 0); cipher_set_key(&send_context, cipher, key, keylen, 1); @@ -299,7 +351,7 @@ packet_set_encryption_key(const unsigned char *key, unsigned int keylen, /* Starts constructing a packet to send. */ void -packet_start(int type) +packet_start1(int type) { char buf[9]; @@ -309,6 +361,29 @@ packet_start(int type) buffer_append(&outgoing_packet, buf, 9); } +void +packet_start2(int type) +{ + char buf[4+1+1]; + + buffer_clear(&outgoing_packet); + memset(buf, 0, sizeof buf); + /* buf[0..3] = payload_len; */ + /* buf[4] = pad_len; */ + buf[5] = type & 0xff; + buffer_append(&outgoing_packet, buf, sizeof buf); +} + +void +packet_start(int type) +{ + DBG(debug("packet_start[%d]",type)); + if (use_ssh2_packet_format) + packet_start2(type); + else + packet_start1(type); +} + /* Appends a character to the packet data. */ void @@ -333,6 +408,18 @@ packet_put_string(const char *buf, unsigned int len) { buffer_put_string(&outgoing_packet, buf, len); } +void +packet_put_cstring(const char *str) +{ + buffer_put_string(&outgoing_packet, str, strlen(str)); +} + +void +packet_put_raw(const char *buf, unsigned int len) +{ + buffer_append(&outgoing_packet, buf, len); +} + /* Appends an arbitrary precision integer to packet data. */ @@ -341,6 +428,11 @@ packet_put_bignum(BIGNUM * value) { buffer_put_bignum(&outgoing_packet, value); } +void +packet_put_bignum2(BIGNUM * value) +{ + buffer_put_bignum2(&outgoing_packet, value); +} /* * Finalizes and sends the packet. If the encryption key has been set, @@ -348,7 +440,7 @@ packet_put_bignum(BIGNUM * value) */ void -packet_send() +packet_send1() { char buf[8], *cp; int i, padding, len; @@ -419,6 +511,139 @@ packet_send() } /* + * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) + */ +void +packet_send2() +{ + unsigned char *macbuf = NULL; + char *cp; + unsigned int packet_length = 0; + unsigned int i, padlen, len; + u_int32_t rand = 0; + static unsigned int seqnr = 0; + int type; + Enc *enc = NULL; + Mac *mac = NULL; + Comp *comp = NULL; + int block_size; + + if (kex != NULL) { + enc = &kex->enc[MODE_OUT]; + mac = &kex->mac[MODE_OUT]; + comp = &kex->comp[MODE_OUT]; + } + block_size = enc ? enc->block_size : 8; + + cp = buffer_ptr(&outgoing_packet); + type = cp[5] & 0xff; + +#ifdef PACKET_DEBUG + fprintf(stderr, "plain: "); + buffer_dump(&outgoing_packet); +#endif + + if (comp && comp->enabled) { + len = buffer_len(&outgoing_packet); + /* skip header, compress only payload */ + buffer_consume(&outgoing_packet, 5); + buffer_clear(&compression_buffer); + buffer_compress(&outgoing_packet, &compression_buffer); + buffer_clear(&outgoing_packet); + buffer_append(&outgoing_packet, "\0\0\0\0\0", 5); + buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), + buffer_len(&compression_buffer)); + DBG(debug("compression: raw %d compressed %d", len, + buffer_len(&outgoing_packet))); + } + + /* sizeof (packet_len + pad_len + payload) */ + len = buffer_len(&outgoing_packet); + + /* + * calc size of padding, alloc space, get random data, + * minimum padding is 4 bytes + */ + padlen = block_size - (len % block_size); + if (padlen < 4) + padlen += block_size; + buffer_append_space(&outgoing_packet, &cp, padlen); + if (enc && enc->type != SSH_CIPHER_NONE) { + for (i = 0; i < padlen; i++) { + if (i % 4 == 0) + rand = arc4random(); + cp[i] = rand & 0xff; + rand <<= 8; + } + } + /* packet_length includes payload, padding and padding length field */ + packet_length = buffer_len(&outgoing_packet) - 4; + cp = buffer_ptr(&outgoing_packet); + PUT_32BIT(cp, packet_length); + cp[4] = padlen & 0xff; + DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); + + /* compute MAC over seqnr and packet(length fields, payload, padding) */ + if (mac && mac->enabled) { + macbuf = hmac( mac->md, seqnr, + (unsigned char *) buffer_ptr(&outgoing_packet), + buffer_len(&outgoing_packet), + mac->key, mac->key_len + ); + DBG(debug("done calc HMAC out #%d", seqnr)); + } + /* encrypt packet and append to output buffer. */ + buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); + packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), + buffer_len(&outgoing_packet)); + /* append unencrypted MAC */ + if (mac && mac->enabled) + buffer_append(&output, (char *)macbuf, mac->mac_len); +#ifdef PACKET_DEBUG + fprintf(stderr, "encrypted: "); + buffer_dump(&output); +#endif + /* increment sequence number for outgoing packets */ + if (++seqnr == 0) + log("outgoing seqnr wraps around"); + buffer_clear(&outgoing_packet); + + if (type == SSH2_MSG_NEWKEYS) { + if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) + fatal("packet_send2: no KEX"); + if (mac->md != NULL) + mac->enabled = 1; + debug("cipher_set_key_iv send_context"); + cipher_set_key_iv(&send_context, enc->type, + enc->key, enc->key_len, + enc->iv, enc->iv_len); + clear_enc_keys(enc, kex->we_need); + if (comp->type != 0 && comp->enabled == 0) { + comp->enabled = 1; + if (! packet_compression) + packet_start_compression(6); + } + } +} + +void +packet_send() +{ + if (use_ssh2_packet_format) + packet_send2(); + else + packet_send1(); + DBG(debug("packet_send done")); +} + +void +packet_send_and_wait() +{ + packet_send(); + packet_write_wait(); +} + +/* * Waits until a packet has been received, and returns its type. Note that * no other data is processed until this returns, so this function should not * be used during the interactive session. @@ -430,6 +655,7 @@ packet_read(int *payload_len_ptr) int type, len; fd_set set; char buf[8192]; + DBG(debug("packet_read()")); /* Since we are blocking, ensure that all written packets have been sent. */ packet_write_wait(); @@ -483,7 +709,7 @@ packet_read_expect(int *payload_len_ptr, int expected_type) type = packet_read(payload_len_ptr); if (type != expected_type) packet_disconnect("Protocol error: expected packet type %d, got %d", - expected_type, type); + expected_type, type); } /* Checks if a full packet is available in the data received so far via @@ -502,15 +728,13 @@ packet_read_expect(int *payload_len_ptr, int expected_type) */ int -packet_read_poll(int *payload_len_ptr) +packet_read_poll1(int *payload_len_ptr) { unsigned int len, padded_len; unsigned char *ucp; - char buf[8], *cp, *msg; + char buf[8], *cp; unsigned int checksum, stored_checksum; -restart: - /* Check if input size is less than minimum packet size. */ if (buffer_len(&input) < 4 + 8) return SSH_MSG_NONE; @@ -543,7 +767,7 @@ restart: /* Compute packet checksum. */ checksum = crc32((unsigned char *) buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet) - 4); + buffer_len(&incoming_packet) - 4); /* Skip padding. */ buffer_consume(&incoming_packet, 8 - len % 8); @@ -552,7 +776,7 @@ restart: if (len != buffer_len(&incoming_packet)) packet_disconnect("packet_read_poll: len %d != buffer_len %d.", - len, buffer_len(&incoming_packet)); + len, buffer_len(&incoming_packet)); ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4; stored_checksum = GET_32BIT(ucp); @@ -566,7 +790,7 @@ restart: buffer_uncompress(&incoming_packet, &compression_buffer); buffer_clear(&incoming_packet); buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_len(&compression_buffer)); } /* Get packet type. */ buffer_get(&incoming_packet, &buf[0], 1); @@ -574,29 +798,208 @@ restart: /* Return length of payload (without type field). */ *payload_len_ptr = buffer_len(&incoming_packet); - /* Handle disconnect message. */ - if ((unsigned char) buf[0] == SSH_MSG_DISCONNECT) { - msg = packet_get_string(NULL); - log("Received disconnect: %.900s", msg); - xfree(msg); - fatal_cleanup(); - } - - /* Ignore ignore messages. */ - if ((unsigned char) buf[0] == SSH_MSG_IGNORE) - goto restart; - - /* Send debug messages as debugging output. */ - if ((unsigned char) buf[0] == SSH_MSG_DEBUG) { - msg = packet_get_string(NULL); - debug("Remote: %.900s", msg); - xfree(msg); - goto restart; - } /* Return type. */ return (unsigned char) buf[0]; } +int +packet_read_poll2(int *payload_len_ptr) +{ + unsigned int padlen, need; + unsigned char buf[8], *macbuf; + unsigned char *ucp; + char *cp; + static unsigned int packet_length = 0; + static unsigned int seqnr = 0; + int type; + int maclen, block_size; + Enc *enc = NULL; + Mac *mac = NULL; + Comp *comp = NULL; + + if (kex != NULL) { + enc = &kex->enc[MODE_IN]; + mac = &kex->mac[MODE_IN]; + comp = &kex->comp[MODE_IN]; + } + maclen = mac && mac->enabled ? mac->mac_len : 0; + block_size = enc ? enc->block_size : 8; + + if (packet_length == 0) { + /* + * check if input size is less than the cipher block size, + * decrypt first block and extract length of incoming packet + */ + if (buffer_len(&input) < block_size) + return SSH_MSG_NONE; + buffer_clear(&incoming_packet); + buffer_append_space(&incoming_packet, &cp, block_size); + packet_decrypt(&receive_context, cp, buffer_ptr(&input), + block_size); + ucp = (unsigned char *) buffer_ptr(&incoming_packet); + packet_length = GET_32BIT(ucp); + if (packet_length < 1 + 4 || packet_length > 256 * 1024) { + buffer_dump(&incoming_packet); + packet_disconnect("Bad packet length %d.", packet_length); + } + DBG(debug("input: packet len %d", packet_length+4)); + buffer_consume(&input, block_size); + } + /* we have a partial packet of block_size bytes */ + need = 4 + packet_length - block_size; + DBG(debug("partial packet %d, need %d, maclen %d", block_size, + need, maclen)); + if (need % block_size != 0) + fatal("padding error: need %d block %d mod %d", + need, block_size, need % block_size); + /* + * check if the entire packet has been received and + * decrypt into incoming_packet + */ + if (buffer_len(&input) < need + maclen) + return SSH_MSG_NONE; +#ifdef PACKET_DEBUG + fprintf(stderr, "read_poll enc/full: "); + buffer_dump(&input); +#endif + buffer_append_space(&incoming_packet, &cp, need); + packet_decrypt(&receive_context, cp, buffer_ptr(&input), need); + buffer_consume(&input, need); + /* + * compute MAC over seqnr and packet, + * increment sequence number for incoming packet + */ + if (mac && mac->enabled) { + macbuf = hmac( mac->md, seqnr, + (unsigned char *) buffer_ptr(&incoming_packet), + buffer_len(&incoming_packet), + mac->key, mac->key_len + ); + if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) + packet_disconnect("Corrupted HMAC on input."); + DBG(debug("HMAC #%d ok", seqnr)); + buffer_consume(&input, mac->mac_len); + } + if (++seqnr == 0) + log("incoming seqnr wraps around"); + + /* get padlen */ + cp = buffer_ptr(&incoming_packet) + 4; + padlen = *cp & 0xff; + DBG(debug("input: padlen %d", padlen)); + if (padlen < 4) + packet_disconnect("Corrupted padlen %d on input.", padlen); + + /* skip packet size + padlen, discard padding */ + buffer_consume(&incoming_packet, 4 + 1); + buffer_consume_end(&incoming_packet, padlen); + + DBG(debug("input: len before de-compress %d", buffer_len(&incoming_packet))); + if (comp && comp->enabled) { + buffer_clear(&compression_buffer); + buffer_uncompress(&incoming_packet, &compression_buffer); + buffer_clear(&incoming_packet); + buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), + buffer_len(&compression_buffer)); + DBG(debug("input: len after de-compress %d", buffer_len(&incoming_packet))); + } + /* + * get packet type, implies consume. + * return length of payload (without type field) + */ + buffer_get(&incoming_packet, (char *)&buf[0], 1); + *payload_len_ptr = buffer_len(&incoming_packet); + + /* reset for next packet */ + packet_length = 0; + + /* extract packet type */ + type = (unsigned char)buf[0]; + + if (type == SSH2_MSG_NEWKEYS) { + if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) + fatal("packet_read_poll2: no KEX"); + if (mac->md != NULL) + mac->enabled = 1; + debug("cipher_set_key_iv receive_context"); + cipher_set_key_iv(&receive_context, enc->type, + enc->key, enc->key_len, + enc->iv, enc->iv_len); + clear_enc_keys(enc, kex->we_need); + if (comp->type != 0 && comp->enabled == 0) { + comp->enabled = 1; + if (! packet_compression) + packet_start_compression(6); + } + } + +#ifdef PACKET_DEBUG + fprintf(stderr, "read/plain[%d]:\r\n",type); + buffer_dump(&incoming_packet); +#endif + return (unsigned char)type; +} + +int +packet_read_poll(int *payload_len_ptr) +{ + char *msg; + for (;;) { + int type = use_ssh2_packet_format ? + packet_read_poll2(payload_len_ptr): + packet_read_poll1(payload_len_ptr); + + if(compat20) { + int reason; + if (type != 0) + DBG(debug("received packet type %d", type)); + switch(type) { + case SSH2_MSG_IGNORE: + break; + case SSH2_MSG_DEBUG: + packet_get_char(); + msg = packet_get_string(NULL); + debug("Remote: %.900s", msg); + xfree(msg); + msg = packet_get_string(NULL); + xfree(msg); + break; + case SSH2_MSG_DISCONNECT: + reason = packet_get_int(); + msg = packet_get_string(NULL); + log("Received disconnect: %d: %.900s", reason, msg); + xfree(msg); + fatal_cleanup(); + break; + default: + return type; + break; + } + } else { + switch(type) { + case SSH_MSG_IGNORE: + break; + case SSH_MSG_DEBUG: + msg = packet_get_string(NULL); + debug("Remote: %.900s", msg); + xfree(msg); + break; + case SSH_MSG_DISCONNECT: + msg = packet_get_string(NULL); + log("Received disconnect: %.900s", msg); + fatal_cleanup(); + xfree(msg); + break; + default: + if (type != 0) + DBG(debug("received packet type %d", type)); + return type; + break; + } + } + } +} + /* * Buffers the given amount of input characters. This is intended to be used * together with packet_read_poll. @@ -637,6 +1040,21 @@ packet_get_bignum(BIGNUM * value, int *length_ptr) *length_ptr = buffer_get_bignum(&incoming_packet, value); } +void +packet_get_bignum2(BIGNUM * value, int *length_ptr) +{ + *length_ptr = buffer_get_bignum2(&incoming_packet, value); +} + +char * +packet_get_raw(int *length_ptr) +{ + int bytes = buffer_len(&incoming_packet); + if (length_ptr != NULL) + *length_ptr = bytes; + return buffer_ptr(&incoming_packet); +} + /* * Returns a string from the packet data. The string is allocated using * xmalloc; it is the responsibility of the calling program to free it when @@ -701,8 +1119,15 @@ packet_disconnect(const char *fmt,...) va_end(args); /* Send the disconnect message to the other side, and wait for it to get sent. */ - packet_start(SSH_MSG_DISCONNECT); - packet_put_string(buf, strlen(buf)); + if (compat20) { + packet_start(SSH2_MSG_DISCONNECT); + packet_put_int(SSH2_DISCONNECT_PROTOCOL_ERROR); + packet_put_cstring(buf); + packet_put_cstring(""); + } else { + packet_start(SSH_MSG_DISCONNECT); + packet_put_string(buf, strlen(buf)); + } packet_send(); packet_write_wait(); @@ -833,7 +1258,8 @@ packet_set_maxsize(int s) { static int called = 0; if (called) { - log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s); + log("packet_set_maxsize: called twice: old %d new %d", + max_packet_size, s); return -1; } if (s < 4 * 1024 || s > 1024 * 1024) { @@ -13,7 +13,7 @@ * */ -/* RCSID("$Id: packet.h,v 1.10 2000/03/17 12:40:16 damien Exp $"); */ +/* RCSID("$Id: packet.h,v 1.11 2000/04/04 04:39:03 damien Exp $"); */ #ifndef PACKET_H #define PACKET_H @@ -90,9 +90,12 @@ void packet_put_int(unsigned int value); /* Appends an arbitrary precision integer to packet data. */ void packet_put_bignum(BIGNUM * value); +void packet_put_bignum2(BIGNUM * value); /* Appends a string to packet data. */ void packet_put_string(const char *buf, unsigned int len); +void packet_put_cstring(const char *str); +void packet_put_raw(const char *buf, unsigned int len); /* * Finalizes and sends the packet. If the encryption key has been set, @@ -136,6 +139,8 @@ unsigned int packet_get_int(void); * must have been initialized before this call. */ void packet_get_bignum(BIGNUM * value, int *length_ptr); +void packet_get_bignum2(BIGNUM * value, int *length_ptr); +char *packet_get_raw(int *length_ptr); /* * Returns a string from the packet data. The string is allocated using @@ -202,4 +207,7 @@ do { \ int packet_connection_is_on_socket(void); int packet_connection_is_ipv4(void); +/* enable SSH2 packet format */ +void packet_set_ssh2_format(void); + #endif /* PACKET_H */ |