1 #include <u.h> 2 #include <libc.h> 3 #include <mp.h> 4 #include <auth.h> 5 #include <libsec.h> 6 7 enum /* internal debugging flags */ 8 { 9 DBG= 1<<0, 10 DBG_CRYPTO= 1<<1, 11 DBG_PACKET= 1<<2, 12 DBG_AUTH= 1<<3, 13 DBG_PROC= 1<<4, 14 DBG_PROTO= 1<<5, 15 DBG_IO= 1<<6, 16 DBG_SCP= 1<<7, 17 }; 18 19 enum /* protocol packet types */ 20 { 21 /* 0 */ 22 SSH_MSG_NONE=0, 23 SSH_MSG_DISCONNECT, 24 SSH_SMSG_PUBLIC_KEY, 25 SSH_CMSG_SESSION_KEY, 26 SSH_CMSG_USER, 27 SSH_CMSG_AUTH_RHOSTS, 28 SSH_CMSG_AUTH_RSA, 29 SSH_SMSG_AUTH_RSA_CHALLENGE, 30 SSH_CMSG_AUTH_RSA_RESPONSE, 31 SSH_CMSG_AUTH_PASSWORD, 32 33 /* 10 */ 34 SSH_CMSG_REQUEST_PTY, 35 SSH_CMSG_WINDOW_SIZE, 36 SSH_CMSG_EXEC_SHELL, 37 SSH_CMSG_EXEC_CMD, 38 SSH_SMSG_SUCCESS, 39 SSH_SMSG_FAILURE, 40 SSH_CMSG_STDIN_DATA, 41 SSH_SMSG_STDOUT_DATA, 42 SSH_SMSG_STDERR_DATA, 43 SSH_CMSG_EOF, 44 45 /* 20 */ 46 SSH_SMSG_EXITSTATUS, 47 SSH_MSG_CHANNEL_OPEN_CONFIRMATION, 48 SSH_MSG_CHANNEL_OPEN_FAILURE, 49 SSH_MSG_CHANNEL_DATA, 50 SSH_MSG_CHANNEL_INPUT_EOF, 51 SSH_MSG_CHANNEL_OUTPUT_CLOSED, 52 SSH_MSG_UNIX_DOMAIN_X11_FORWARDING, /* obsolete */ 53 SSH_SMSG_X11_OPEN, 54 SSH_CMSG_PORT_FORWARD_REQUEST, 55 SSH_MSG_PORT_OPEN, 56 57 /* 30 */ 58 SSH_CMSG_AGENT_REQUEST_FORWARDING, 59 SSH_SMSG_AGENT_OPEN, 60 SSH_MSG_IGNORE, 61 SSH_CMSG_EXIT_CONFIRMATION, 62 SSH_CMSG_X11_REQUEST_FORWARDING, 63 SSH_CMSG_AUTH_RHOSTS_RSA, 64 SSH_MSG_DEBUG, 65 SSH_CMSG_REQUEST_COMPRESSION, 66 SSH_CMSG_MAX_PACKET_SIZE, 67 SSH_CMSG_AUTH_TIS, 68 69 /* 40 */ 70 SSH_SMSG_AUTH_TIS_CHALLENGE, 71 SSH_CMSG_AUTH_TIS_RESPONSE, 72 SSH_CMSG_AUTH_KERBEROS, 73 SSH_SMSG_AUTH_KERBEROS_RESPONSE, 74 SSH_CMSG_HAVE_KERBEROS_TGT, 75 }; 76 77 enum /* protocol flags */ 78 { 79 SSH_PROTOFLAG_SCREEN_NUMBER=1<<0, 80 SSH_PROTOFLAG_HOST_IN_FWD_OPEN=1<<1, 81 }; 82 83 enum /* agent protocol packet types */ 84 { 85 SSH_AGENTC_NONE = 0, 86 SSH_AGENTC_REQUEST_RSA_IDENTITIES, 87 SSH_AGENT_RSA_IDENTITIES_ANSWER, 88 SSH_AGENTC_RSA_CHALLENGE, 89 SSH_AGENT_RSA_RESPONSE, 90 SSH_AGENT_FAILURE, 91 SSH_AGENT_SUCCESS, 92 SSH_AGENTC_ADD_RSA_IDENTITY, 93 SSH_AGENTC_REMOVE_RSA_IDENTITY, 94 }; 95 96 enum /* protocol constants */ 97 { 98 SSH_MAX_DATA = 256*1024, 99 SSH_MAX_MSG = SSH_MAX_DATA+4, 100 101 SESSKEYLEN = 32, 102 SESSIDLEN = 16, 103 104 COOKIELEN = 8, 105 }; 106 107 enum /* crypto ids */ 108 { 109 SSH_CIPHER_NONE = 0, 110 SSH_CIPHER_IDEA, 111 SSH_CIPHER_DES, 112 SSH_CIPHER_3DES, 113 SSH_CIPHER_TSS, 114 SSH_CIPHER_RC4, 115 SSH_CIPHER_BLOWFISH, 116 SSH_CIPHER_TWIDDLE, /* for debugging */ 117 }; 118 119 enum /* auth method ids */ 120 { 121 SSH_AUTH_RHOSTS = 1, 122 SSH_AUTH_RSA = 2, 123 SSH_AUTH_PASSWORD = 3, 124 SSH_AUTH_RHOSTS_RSA = 4, 125 SSH_AUTH_TIS = 5, 126 SSH_AUTH_USER_RSA = 6, 127 }; 128 129 typedef struct Auth Auth; 130 typedef struct Authsrv Authsrv; 131 typedef struct Cipher Cipher; 132 typedef struct CipherState CipherState; 133 typedef struct Conn Conn; 134 typedef struct Msg Msg; 135 136 #pragma incomplete CipherState 137 138 struct Auth 139 { 140 int id; 141 char *name; 142 int (*fn)(Conn*); 143 }; 144 145 struct Authsrv 146 { 147 int id; 148 char *name; 149 int firstmsg; 150 AuthInfo *(*fn)(Conn*, Msg*); 151 }; 152 153 struct Cipher 154 { 155 int id; 156 char *name; 157 CipherState *(*init)(Conn*, int isserver); 158 void (*encrypt)(CipherState*, uchar*, int); 159 void (*decrypt)(CipherState*, uchar*, int); 160 }; 161 162 struct Conn 163 { 164 QLock; 165 int fd[2]; 166 CipherState *cstate; 167 uchar cookie[COOKIELEN]; 168 uchar sessid[SESSIDLEN]; 169 uchar sesskey[SESSKEYLEN]; 170 RSApub *serverkey; 171 RSApub *hostkey; 172 ulong flags; 173 ulong ciphermask; 174 Cipher *cipher; /* chosen cipher */ 175 Cipher **okcipher; /* list of acceptable ciphers */ 176 int nokcipher; 177 ulong authmask; 178 Auth **okauth; 179 int nokauth; 180 char *user; 181 char *host; 182 char *aliases; 183 int interactive; 184 Msg *unget; 185 186 RSApriv *serverpriv; /* server only */ 187 RSApriv *hostpriv; 188 Authsrv **okauthsrv; 189 int nokauthsrv; 190 }; 191 192 struct Msg 193 { 194 Conn *c; 195 uchar type; 196 ulong len; /* output: #bytes before pos, input: #bytes after pos */ 197 uchar *bp; /* beginning of allocated space */ 198 uchar *rp; /* read pointer */ 199 uchar *wp; /* write pointer */ 200 uchar *ep; /* end of allocated space */ 201 Msg *link; /* for sshnet */ 202 }; 203 204 #define LONG(p) (((p)[0]<<24)|((p)[1]<<16)|((p)[2]<<8)|((p)[3])) 205 #define PLONG(p, l) \ 206 (((p)[0]=(l)>>24),((p)[1]=(l)>>16),\ 207 ((p)[2]=(l)>>8),((p)[3]=(l))) 208 #define SHORT(p) (((p)[0]<<8)|(p)[1]) 209 #define PSHORT(p,l) \ 210 (((p)[0]=(l)>>8),((p)[1]=(l))) 211 212 extern char Edecode[]; 213 extern char Eencode[]; 214 extern char Ememory[]; 215 extern char Ehangup[]; 216 extern int doabort; 217 extern int debuglevel; 218 219 extern Auth authpassword; 220 extern Auth authrsa; 221 extern Auth authtis; 222 223 extern Authsrv authsrvpassword; 224 extern Authsrv authsrvtis; 225 226 extern Cipher cipher3des; 227 extern Cipher cipherblowfish; 228 extern Cipher cipherdes; 229 extern Cipher cipherrc4; 230 extern Cipher ciphernone; 231 extern Cipher ciphertwiddle; 232 233 /* msg.c */ 234 Msg* allocmsg(Conn*, int, int); 235 void badmsg(Msg*, int); 236 Msg* recvmsg(Conn*, int); 237 void unrecvmsg(Conn*, Msg*); 238 int sendmsg(Msg*); 239 uchar getbyte(Msg*); 240 ushort getshort(Msg*); 241 ulong getlong(Msg*); 242 char* getstring(Msg*); 243 void* getbytes(Msg*, int); 244 mpint* getmpint(Msg*); 245 RSApub* getRSApub(Msg*); 246 void putbyte(Msg*, uchar); 247 void putshort(Msg*, ushort); 248 void putlong(Msg*, ulong); 249 void putstring(Msg*, char*); 250 void putbytes(Msg*, void*, long); 251 void putmpint(Msg*, mpint*); 252 void putRSApub(Msg*, RSApub*); 253 mpint* rsapad(mpint*, int); 254 mpint* rsaunpad(mpint*); 255 void mptoberjust(mpint*, uchar*, int); 256 mpint* rsaencryptbuf(RSApub*, uchar*, int); 257 258 /* cmsg.c */ 259 void sshclienthandshake(Conn*); 260 void requestpty(Conn*); 261 int readgeom(int*, int*, int*, int*); 262 void sendwindowsize(Conn*, int, int, int, int); 263 int rawhack; 264 265 /* smsg.c */ 266 void sshserverhandshake(Conn*); 267 268 /* pubkey.c */ 269 enum 270 { 271 KeyOk, 272 KeyWrong, 273 NoKey, 274 NoKeyFile, 275 }; 276 int appendkey(char*, char*, RSApub*); 277 int findkey(char*, char*, RSApub*); 278 int replacekey(char*, char*, RSApub*); 279 280 /* agent.c */ 281 int startagent(Conn*); 282 void handleagentmsg(Msg*); 283 void handleagentopen(Msg*); 284 void handleagentieof(Msg*); 285 void handleagentoclose(Msg*); 286 287 /* util.c */ 288 void debug(int, char*, ...); 289 void* emalloc(long); 290 void* erealloc(void*, long); 291 void error(char*, ...); 292 RSApriv* readsecretkey(char*); 293 int readstrnl(int, char*, int); 294 void atexitkill(int); 295 void atexitkiller(void); 296 void calcsessid(Conn*); 297 void sshlog(char*, ...); 298 void setaliases(Conn*, char*); 299 void privatefactotum(void); 300 301 #pragma varargck argpos debug 2 302 #pragma varargck argpos error 1 303 #pragma varargck argpos sshlog 2 304