

Revision 6841 - (show annotations) (download) (as text)
Tue Jul 4 15:02:28 2017 UTC (6 years, 9 months ago) by doda
Original Path: trunk/ttssh2/ttxssh/ssh.h
File MIME type: text/x-chdr
File size: 30456 byte(s)
TeraTerm Project としてのライセンス表記を追加

・Tera Term 本体分を横 80 桁に収まるように改行位置を調整
・ttssh 関連の分を追加
1 /*
2 * Copyright (c) 1998-2001, Robert O'Callahan
3 * (C) 2004-2017 TeraTerm Project
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 /*
31 This code is copyright (C) 1998-1999 Robert O'Callahan.
32 See LICENSE.TXT for the license.
33 */
34
/* Include guard.
   NOTE(review): a leading double underscore puts "__SSH_H" in the identifier
   space reserved for the implementation; a plain SSH_H would be conventional.
   Renaming is a coordinated change, since other files may test this macro. */
#ifndef __SSH_H
#define __SSH_H
37
38 #include "zlib.h"
39 #include <openssl/evp.h>
40
41 #include "buffer.h"
42 #include "config.h"
43 #include <sys/types.h>
44 #include <sys/stat.h>
45
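/* Debug helper: dump `msg` (`len` bytes) through debug_print() with a running
   file number.  Each expansion site owns its own static counter, so the
   number sequence is per call site, starting at `base`.
   Wrapped in do { } while (0) so the macro behaves as a single statement and
   is safe in an unbraced if/else (the former bare { } block broke
   `if (x) DEBUG_PRINT_TO_FILE(...); else ...`). */
#define DEBUG_PRINT_TO_FILE(base, msg, len) do { \
	static int count = 0; \
	debug_print(count + (base), (msg), (len)); \
	count++; \
} while (0)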
51
// from OpenSSH
// CTR-mode EVP_CIPHER constructors implemented outside this header.
// Only a 128-bit AES / Camellia constructor is declared; the ssh2_ciphers
// table below reuses it for the 192/256-bit CTR entries, so the key length
// must come from the table's key_len rather than from the constructor.
extern const EVP_CIPHER *evp_aes_128_ctr(void);
extern const EVP_CIPHER *evp_des3_ctr(void);
extern const EVP_CIPHER *evp_bf_ctr(void);
extern const EVP_CIPHER *evp_cast5_ctr(void);
extern const EVP_CIPHER *evp_camellia_128_ctr(void);
58
59 /* Some of this code has been adapted from Ian Goldberg's Pilot SSH */
60
/* SSH1 message type numbers.  The values are made explicit so that the
   on-the-wire numbers can be checked against the SSH1 protocol at a glance;
   they are the same values the implicit enumeration produced. */
typedef enum {
	SSH_MSG_NONE                      = 0,
	SSH_MSG_DISCONNECT                = 1,
	SSH_SMSG_PUBLIC_KEY               = 2,
	SSH_CMSG_SESSION_KEY              = 3,
	SSH_CMSG_USER                     = 4,
	SSH_CMSG_AUTH_RHOSTS              = 5,
	SSH_CMSG_AUTH_RSA                 = 6,
	SSH_SMSG_AUTH_RSA_CHALLENGE       = 7,
	SSH_CMSG_AUTH_RSA_RESPONSE        = 8,
	SSH_CMSG_AUTH_PASSWORD            = 9,
	SSH_CMSG_REQUEST_PTY              = 10,
	SSH_CMSG_WINDOW_SIZE              = 11,
	SSH_CMSG_EXEC_SHELL               = 12,
	SSH_CMSG_EXEC_CMD                 = 13,
	SSH_SMSG_SUCCESS                  = 14,
	SSH_SMSG_FAILURE                  = 15,
	SSH_CMSG_STDIN_DATA               = 16,
	SSH_SMSG_STDOUT_DATA              = 17,
	SSH_SMSG_STDERR_DATA              = 18,
	SSH_CMSG_EOF                      = 19,
	SSH_SMSG_EXITSTATUS               = 20,
	SSH_MSG_CHANNEL_OPEN_CONFIRMATION = 21,
	SSH_MSG_CHANNEL_OPEN_FAILURE      = 22,
	SSH_MSG_CHANNEL_DATA              = 23,
	SSH_MSG_CHANNEL_INPUT_EOF         = 24,
	SSH_MSG_CHANNEL_OUTPUT_CLOSED     = 25,
	SSH_MSG_OBSOLETED0                = 26,
	SSH_SMSG_X11_OPEN                 = 27,
	SSH_CMSG_PORT_FORWARD_REQUEST     = 28,
	SSH_MSG_PORT_OPEN                 = 29,
	SSH_CMSG_AGENT_REQUEST_FORWARDING = 30,
	SSH_SMSG_AGENT_OPEN               = 31,
	SSH_MSG_IGNORE                    = 32,
	SSH_CMSG_EXIT_CONFIRMATION        = 33,
	SSH_CMSG_X11_REQUEST_FORWARDING   = 34,
	SSH_CMSG_AUTH_RHOSTS_RSA          = 35,
	SSH_MSG_DEBUG                     = 36,
	SSH_CMSG_REQUEST_COMPRESSION      = 37,
	SSH_CMSG_MAX_PACKET_SIZE          = 38,
	SSH_CMSG_AUTH_TIS                 = 39,
	SSH_SMSG_AUTH_TIS_CHALLENGE       = 40,
	SSH_CMSG_AUTH_TIS_RESPONSE        = 41,
	SSH_CMSG_AUTH_KERBEROS            = 42,
	SSH_SMSG_AUTH_KERBEROS_RESPONSE   = 43
} SSHMessage;
83
/* Cipher identifiers.  The SSH1 entries (0..6) coincide with the SSH1
   protocol cipher numbers; the SSH2 entries are internal indices only and
   are mapped to/from algorithm names via the ssh2_ciphers table.
   Values are written out explicitly; they equal the previous implicit ones. */
typedef enum {
	// SSH1
	SSH_CIPHER_NONE              = 0,
	SSH_CIPHER_IDEA              = 1,
	SSH_CIPHER_DES               = 2,
	SSH_CIPHER_3DES              = 3,
	SSH_CIPHER_TSS               = 4,
	SSH_CIPHER_RC4               = 5,
	SSH_CIPHER_BLOWFISH          = 6,
	// SSH2
	SSH2_CIPHER_3DES_CBC         = 7,
	SSH2_CIPHER_AES128_CBC       = 8,
	SSH2_CIPHER_AES192_CBC       = 9,
	SSH2_CIPHER_AES256_CBC       = 10,
	SSH2_CIPHER_BLOWFISH_CBC     = 11,
	SSH2_CIPHER_AES128_CTR       = 12,
	SSH2_CIPHER_AES192_CTR       = 13,
	SSH2_CIPHER_AES256_CTR       = 14,
	SSH2_CIPHER_ARCFOUR          = 15,
	SSH2_CIPHER_ARCFOUR128       = 16,
	SSH2_CIPHER_ARCFOUR256       = 17,
	SSH2_CIPHER_CAST128_CBC      = 18,
	SSH2_CIPHER_3DES_CTR         = 19,
	SSH2_CIPHER_BLOWFISH_CTR     = 20,
	SSH2_CIPHER_CAST128_CTR      = 21,
	SSH2_CIPHER_CAMELLIA128_CBC  = 22,
	SSH2_CIPHER_CAMELLIA192_CBC  = 23,
	SSH2_CIPHER_CAMELLIA256_CBC  = 24,
	SSH2_CIPHER_CAMELLIA128_CTR  = 25,
	SSH2_CIPHER_CAMELLIA192_CTR  = 26,
	SSH2_CIPHER_CAMELLIA256_CTR  = 27,
	// Highest valid identifier (aliases the last entry above).
	SSH_CIPHER_MAX               = SSH2_CIPHER_CAMELLIA256_CTR,
} SSHCipher;
100
/* Authentication methods.  The first seven values coincide with the SSH1
   protocol authentication type numbers; SSH_AUTH_PAGEANT is a local
   extension parked at 16 so it cannot collide with them. */
typedef enum {
	SSH_AUTH_NONE       = 0,
	SSH_AUTH_RHOSTS     = 1,
	SSH_AUTH_RSA        = 2,
	SSH_AUTH_PASSWORD   = 3,
	SSH_AUTH_RHOSTS_RSA = 4,
	SSH_AUTH_TIS        = 5,
	SSH_AUTH_KERBEROS   = 6,
	SSH_AUTH_PAGEANT    = 16,
	SSH_AUTH_MAX        = SSH_AUTH_PAGEANT,
} SSHAuthMethod;
107
/* How the authentication dialogue is driven: the generic path, or the
   challenge/response (TIS) path. */
typedef enum {
	SSH_GENERIC_AUTHENTICATION = 0,
	SSH_TIS_AUTHENTICATION     = 1
} SSHAuthMode;
111
/* SSH1 protocol-flag bits (kept as macros so they stay usable in #if).
   Presumably stored in SSHState.server_protocol_flags and tested with
   bitwise AND -- confirm against the SSH1 handler code. */
#define SSH_PROTOFLAG_SCREEN_NUMBER 1
#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2
114
/* Kind of SSH2 channel a Channel_t represents (see Channel_t.type). */
enum channel_type {
	TYPE_SHELL         = 0,
	TYPE_PORTFWD       = 1,
	TYPE_SCP           = 2,
	TYPE_SFTP          = 3,
	TYPE_AGENT         = 4,
	TYPE_SUBSYSTEM_GEN = 5,
};
118
// for SSH1
// Upper bound on a single outgoing SSH1 packet; SSH_channel_send() below
// documents that its len must not exceed this.
#define SSH_MAX_SEND_PACKET_SIZE 250000

// for SSH2
/* default window/packet sizes for tcp/x11-fwd-channel */
// changed CHAN_SES_WINDOW_DEFAULT from 32KB to 128KB. (2007.10.29 maya)
// Window defaults are derived as 4x the packet default, so changing the
// packet size also scales the advertised window.
#define CHAN_SES_PACKET_DEFAULT (32*1024)
#define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT)
#define CHAN_TCP_PACKET_DEFAULT (32*1024)
#define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT)
#if 0 // unused
#define CHAN_X11_PACKET_DEFAULT (16*1024)
#define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT)
#endif
133
134
/* SSH2 constants */

/* SSH2 messages */
/* Transport-layer generic messages (RFC 4253). */
#define SSH2_MSG_DISCONNECT 1
#define SSH2_MSG_IGNORE 2
#define SSH2_MSG_UNIMPLEMENTED 3
#define SSH2_MSG_DEBUG 4
#define SSH2_MSG_SERVICE_REQUEST 5
#define SSH2_MSG_SERVICE_ACCEPT 6

#define SSH2_MSG_KEXINIT 20
#define SSH2_MSG_NEWKEYS 21

/* Key-exchange-specific messages.  Numbers 30..34 are reused by the
   different KEX methods (fixed-group DH, group exchange, ECDH), so the same
   numeric type means different things depending on the negotiated method;
   a dispatcher must consult the current KEX state, not just the byte. */
#define SSH2_MSG_KEXDH_INIT 30
#define SSH2_MSG_KEXDH_REPLY 31

#define SSH2_MSG_KEX_DH_GEX_GROUP 31
#define SSH2_MSG_KEX_DH_GEX_INIT 32
#define SSH2_MSG_KEX_DH_GEX_REPLY 33
#define SSH2_MSG_KEX_DH_GEX_REQUEST 34

#define SSH2_MSG_KEX_ECDH_INIT 30
#define SSH2_MSG_KEX_ECDH_REPLY 31

/* User-authentication messages (RFC 4252). */
#define SSH2_MSG_USERAUTH_REQUEST 50
#define SSH2_MSG_USERAUTH_FAILURE 51
#define SSH2_MSG_USERAUTH_SUCCESS 52
#define SSH2_MSG_USERAUTH_BANNER 53

/* Message 60 is method-specific: its meaning depends on which userauth
   method is in flight (publickey, password change, keyboard-interactive).
   handle_SSH2_userauth_msg60() below is the shared entry point. */
#define SSH2_MSG_USERAUTH_PK_OK 60
#define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ 60
#define SSH2_MSG_USERAUTH_INFO_REQUEST 60
#define SSH2_MSG_USERAUTH_INFO_RESPONSE 61

/* Connection-layer messages (RFC 4254). */
#define SSH2_MSG_GLOBAL_REQUEST 80
#define SSH2_MSG_REQUEST_SUCCESS 81
#define SSH2_MSG_REQUEST_FAILURE 82
#define SSH2_MSG_CHANNEL_OPEN 90
#define SSH2_MSG_CHANNEL_OPEN_CONFIRMATION 91
#define SSH2_MSG_CHANNEL_OPEN_FAILURE 92
#define SSH2_MSG_CHANNEL_WINDOW_ADJUST 93
#define SSH2_MSG_CHANNEL_DATA 94
#define SSH2_MSG_CHANNEL_EXTENDED_DATA 95
#define SSH2_MSG_CHANNEL_EOF 96
#define SSH2_MSG_CHANNEL_CLOSE 97
#define SSH2_MSG_CHANNEL_REQUEST 98
#define SSH2_MSG_CHANNEL_SUCCESS 99
#define SSH2_MSG_CHANNEL_FAILURE 100
183
/* SSH2 miscellaneous constants */
/* Reason codes carried in SSH2_MSG_DISCONNECT (RFC 4253 section 11.1). */
#define SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT 1
#define SSH2_DISCONNECT_PROTOCOL_ERROR 2
#define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3
#define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4
#define SSH2_DISCONNECT_MAC_ERROR 5
#define SSH2_DISCONNECT_COMPRESSION_ERROR 6
#define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE 7
#define SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED 8
#define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE 9
#define SSH2_DISCONNECT_CONNECTION_LOST 10
#define SSH2_DISCONNECT_BY_APPLICATION 11
#define SSH2_DISCONNECT_TOO_MANY_CONNECTIONS 12
#define SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER 13
#define SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE 14
#define SSH2_DISCONNECT_ILLEGAL_USER_NAME 15

/* Reason codes carried in SSH2_MSG_CHANNEL_OPEN_FAILURE (RFC 4254 5.1). */
#define SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED 1
#define SSH2_OPEN_CONNECT_FAILED 2
#define SSH2_OPEN_UNKNOWN_CHANNEL_TYPE 3
#define SSH2_OPEN_RESOURCE_SHORTAGE 4
205
// Terminal Modes
// Opcodes for the encoded terminal-modes string of a "pty-req" channel
// request (RFC 4254 section 8).  SSH2_TTY_OP_END terminates the list;
// 1..18 are special characters, 30..93 are boolean flags, 128/129 carry
// baud rates.
#define SSH2_TTY_OP_END 0
#define SSH2_TTY_KEY_VINTR 1
#define SSH2_TTY_KEY_VQUIT 2
#define SSH2_TTY_KEY_VERASE 3
#define SSH2_TTY_KEY_VKILL 4
#define SSH2_TTY_KEY_VEOF 5
#define SSH2_TTY_KEY_VEOL 6
#define SSH2_TTY_KEY_VEOL2 7
#define SSH2_TTY_KEY_VSTART 8
#define SSH2_TTY_KEY_VSTOP 9
#define SSH2_TTY_KEY_VSUSP 10
#define SSH2_TTY_KEY_VDSUSP 11
#define SSH2_TTY_KEY_VREPRINT 12
#define SSH2_TTY_KEY_VWERASE 13
#define SSH2_TTY_KEY_VLNEXT 14
#define SSH2_TTY_KEY_VFLUSH 15
#define SSH2_TTY_KEY_VSWTCH 16
#define SSH2_TTY_KEY_VSTATUS 17
#define SSH2_TTY_KEY_VDISCARD 18
#define SSH2_TTY_OP_IGNPAR 30
#define SSH2_TTY_OP_PARMRK 31
#define SSH2_TTY_OP_INPCK 32
#define SSH2_TTY_OP_ISTRIP 33
#define SSH2_TTY_OP_INLCR 34
#define SSH2_TTY_OP_IGNCR 35
#define SSH2_TTY_OP_ICRNL 36
#define SSH2_TTY_OP_IUCLC 37
#define SSH2_TTY_OP_IXON 38
#define SSH2_TTY_OP_IXANY 39
#define SSH2_TTY_OP_IXOFF 40
#define SSH2_TTY_OP_IMAXBEL 41
#define SSH2_TTY_OP_ISIG 50
#define SSH2_TTY_OP_ICANON 51
#define SSH2_TTY_OP_XCASE 52
#define SSH2_TTY_OP_ECHO 53
#define SSH2_TTY_OP_ECHOE 54
#define SSH2_TTY_OP_ECHOK 55
#define SSH2_TTY_OP_ECHONL 56
#define SSH2_TTY_OP_NOFLSH 57
#define SSH2_TTY_OP_TOSTOP 58
#define SSH2_TTY_OP_IEXTEN 59
#define SSH2_TTY_OP_ECHOCTL 60
#define SSH2_TTY_OP_ECHOKE 61
#define SSH2_TTY_OP_PENDIN 62
#define SSH2_TTY_OP_OPOST 70
#define SSH2_TTY_OP_OLCUC 71
#define SSH2_TTY_OP_ONLCR 72
#define SSH2_TTY_OP_OCRNL 73
#define SSH2_TTY_OP_ONOCR 74
#define SSH2_TTY_OP_ONLRET 75
#define SSH2_TTY_OP_CS7 90
#define SSH2_TTY_OP_CS8 91
#define SSH2_TTY_OP_PARENB 92
#define SSH2_TTY_OP_PARODD 93
#define SSH2_TTY_OP_ISPEED 128
#define SSH2_TTY_OP_OSPEED 129
263
264
// Index of each algorithm name-list in the KEXINIT proposal.  The same
// index selects the slot of myproposal[] that holds the client's list.
// (Original comment, Japanese, described this as the client-to-server
// proposal.)
enum kex_init_proposals {
	PROPOSAL_KEX_ALGS             = 0,
	PROPOSAL_SERVER_HOST_KEY_ALGS = 1,
	PROPOSAL_ENC_ALGS_CTOS        = 2,
	PROPOSAL_ENC_ALGS_STOC        = 3,
	PROPOSAL_MAC_ALGS_CTOS        = 4,
	PROPOSAL_MAC_ALGS_STOC        = 5,
	PROPOSAL_COMP_ALGS_CTOS       = 6,
	PROPOSAL_COMP_ALGS_STOC       = 7,
	PROPOSAL_LANG_CTOS            = 8,
	PROPOSAL_LANG_STOC            = 9,
	PROPOSAL_MAX                  = 10
};
279
/* Initial (empty) contents of each myproposal[] slot.  Every list starts
   empty here; the SSH2_update_*_myproposal() functions declared below are
   presumably what fill them from the user's settings before KEXINIT is
   sent -- confirm in the implementation.  An empty list offered to the
   server would simply fail negotiation. */
#define KEX_DEFAULT_KEX ""
#define KEX_DEFAULT_PK_ALG ""
#define KEX_DEFAULT_ENCRYPT ""
#define KEX_DEFAULT_MAC ""
#define KEX_DEFAULT_COMP ""
#define KEX_DEFAULT_LANG ""
286
/* The client's KEXINIT proposal, one name-list string per
   kex_init_proposals slot.  Designated initializers make the slot/list
   pairing explicit; the resulting contents are identical to the positional
   form.  Because this is `static` in a header, every translation unit that
   includes ssh.h gets its own private copy. */
static char *myproposal[PROPOSAL_MAX] = {
	[PROPOSAL_KEX_ALGS]             = KEX_DEFAULT_KEX,
	[PROPOSAL_SERVER_HOST_KEY_ALGS] = KEX_DEFAULT_PK_ALG,
	[PROPOSAL_ENC_ALGS_CTOS]        = KEX_DEFAULT_ENCRYPT,
	[PROPOSAL_ENC_ALGS_STOC]        = KEX_DEFAULT_ENCRYPT,
	[PROPOSAL_MAC_ALGS_CTOS]        = KEX_DEFAULT_MAC,
	[PROPOSAL_MAC_ALGS_STOC]        = KEX_DEFAULT_MAC,
	[PROPOSAL_COMP_ALGS_CTOS]       = KEX_DEFAULT_COMP,
	[PROPOSAL_COMP_ALGS_STOC]       = KEX_DEFAULT_COMP,
	[PROPOSAL_LANG_CTOS]            = KEX_DEFAULT_LANG,
	[PROPOSAL_LANG_STOC]            = KEX_DEFAULT_LANG,
};
299
300
/* Public-key algorithm families understood by ttssh.  KEY_UNSPEC marks a
   key whose type could not be determined; KEY_MAX aliases it. */
typedef enum {
	KEY_NONE     = 0,
	KEY_RSA1     = 1,
	KEY_RSA      = 2,
	KEY_DSA      = 3,
	KEY_ECDSA256 = 4,
	KEY_ECDSA384 = 5,
	KEY_ECDSA521 = 6,
	KEY_ED25519  = 7,
	KEY_UNSPEC   = 8,
	KEY_MAX      = KEY_UNSPEC,
} ssh_keytype;
/* True for the key types whose signature/key size is fixed by the algorithm
   (DSA, the three ECDSA curves, Ed25519); false for RSA1/RSA and the
   NONE/UNSPEC placeholders.  Relies on the contiguous numbering above. */
#define isFixedLengthKey(type) ((type) >= KEY_DSA && (type) <= KEY_ED25519)
314
/* One row of the host-key algorithm table: key type and its SSH wire name. */
typedef struct ssh2_host_key {
	ssh_keytype type;
	char *name;   /* algorithm name as sent in KEXINIT; NULL ends the table */
} ssh2_host_key_t;
319
/* Host-key algorithm names, terminated by a {KEY_NONE, NULL} sentinel.
   Lookups by name must stop at the NULL entry.  "ssh-rsa1" and
   "ssh-unknown" are not SSH2 wire names and presumably exist only for
   display / SSH1 handling -- confirm before offering them in a proposal. */
static ssh2_host_key_t ssh2_host_key[] = {
	{KEY_RSA1, "ssh-rsa1"}, // for SSH1 only
	{KEY_RSA, "ssh-rsa"}, // RFC4253
	{KEY_DSA, "ssh-dss"}, // RFC4253
	{KEY_ECDSA256, "ecdsa-sha2-nistp256"}, // RFC5656
	{KEY_ECDSA384, "ecdsa-sha2-nistp384"}, // RFC5656
	{KEY_ECDSA521, "ecdsa-sha2-nistp521"}, // RFC5656
	{KEY_ED25519, "ssh-ed25519"}, // draft-bjh21-ssh-ed25519-02
	{KEY_UNSPEC, "ssh-unknown"},
	{KEY_NONE, NULL},
};
331
/* Minimum modulus size (n) for RSA keys. */
/* NOTE(review): 768-bit RSA is well below current guidance (2048 bits or
   more); whether this floor is applied to peer host keys, to user keys, or
   both is not visible here -- confirm where it is enforced before relying
   on it as a security control. */
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768

/* Key-generation limits.  The RSA/DSA minimums below are generation-time
   floors and are independent of SSH_RSA_MINIMUM_MODULUS_SIZE above, even
   though the RSA values currently coincide. */
#define SSH_KEYGEN_DEFAULT_BITS 2048
#define SSH_RSA_MINIMUM_KEY_SIZE 768
#define SSH_DSA_MINIMUM_KEY_SIZE 1024

/* Bounds for the bcrypt KDF round count used when saving private keys.
   INT_MAX comes from <limits.h>, which this header does not include itself;
   it is presumably pulled in through one of the headers above -- confirm. */
#define SSH_KEYGEN_MINIMUM_ROUNDS 1
#define SSH_KEYGEN_MAXIMUM_ROUNDS INT_MAX
341
342
/* One row of the SSH2 cipher table. */
typedef struct ssh2_cipher {
	SSHCipher cipher;             /* internal identifier */
	char *name;                   /* SSH wire name; NULL ends the table */
	int block_size;               /* cipher block size in bytes (8 used for stream ciphers) */
	int key_len;                  /* key length in bytes */
	int discard_len;              /* keystream bytes to drop after key setup (RC4 variants) */
	const EVP_CIPHER *(*func)(void); /* OpenSSL constructor for the EVP_CIPHER */
} ssh2_cipher_t;
351
/* SSH2 cipher table, terminated by the {SSH_CIPHER_NONE, NULL, ...} row.
   Notes for maintainers:
   - aes192-ctr / aes256-ctr deliberately reuse evp_aes_128_ctr (the only AES
     CTR constructor declared above); likewise the camellia CTR rows.  The
     key size therefore has to be taken from key_len when the context is
     initialised -- confirm that the CTR implementation honours it.
   - discard_len 1536 for arcfour128/256 is the RFC 4345 keystream discard;
     plain "arcfour" discards nothing.
   - Under WITH_CAMELLIA_PRIVATE the camellia SSHCipher values appear twice
     with different names, so a lookup by SSHCipher value (e.g.
     get_cipher_EVP_CIPHER) returns whichever row comes first.
   - RC4, Blowfish, CAST and 3DES-CBC are legacy algorithms kept for
     interoperability; which rows are actually offered is presumably decided
     by SSH2_update_cipher_myproposal() -- confirm. */
static ssh2_cipher_t ssh2_ciphers[] = {
	{SSH2_CIPHER_3DES_CBC, "3des-cbc", 8, 24, 0, EVP_des_ede3_cbc}, // RFC4253
	{SSH2_CIPHER_AES128_CBC, "aes128-cbc", 16, 16, 0, EVP_aes_128_cbc}, // RFC4253
	{SSH2_CIPHER_AES192_CBC, "aes192-cbc", 16, 24, 0, EVP_aes_192_cbc}, // RFC4253
	{SSH2_CIPHER_AES256_CBC, "aes256-cbc", 16, 32, 0, EVP_aes_256_cbc}, // RFC4253
	{SSH2_CIPHER_BLOWFISH_CBC, "blowfish-cbc", 8, 16, 0, EVP_bf_cbc}, // RFC4253
	{SSH2_CIPHER_AES128_CTR, "aes128-ctr", 16, 16, 0, evp_aes_128_ctr}, // RFC4344
	{SSH2_CIPHER_AES192_CTR, "aes192-ctr", 16, 24, 0, evp_aes_128_ctr}, // RFC4344 (key size from key_len)
	{SSH2_CIPHER_AES256_CTR, "aes256-ctr", 16, 32, 0, evp_aes_128_ctr}, // RFC4344 (key size from key_len)
	{SSH2_CIPHER_ARCFOUR, "arcfour", 8, 16, 0, EVP_rc4}, // RFC4253
	{SSH2_CIPHER_ARCFOUR128, "arcfour128", 8, 16, 1536, EVP_rc4}, // RFC4345
	{SSH2_CIPHER_ARCFOUR256, "arcfour256", 8, 32, 1536, EVP_rc4}, // RFC4345
	{SSH2_CIPHER_CAST128_CBC, "cast128-cbc", 8, 16, 0, EVP_cast5_cbc}, // RFC4253
	{SSH2_CIPHER_3DES_CTR, "3des-ctr", 8, 24, 0, evp_des3_ctr}, // RFC4344
	{SSH2_CIPHER_BLOWFISH_CTR, "blowfish-ctr", 8, 32, 0, evp_bf_ctr}, // RFC4344
	{SSH2_CIPHER_CAST128_CTR, "cast128-ctr", 8, 16, 0, evp_cast5_ctr}, // RFC4344
	{SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc", 16, 16, 0, EVP_camellia_128_cbc}, // draft-kanno-secsh-camellia-02
	{SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc", 16, 24, 0, EVP_camellia_192_cbc}, // draft-kanno-secsh-camellia-02
	{SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc", 16, 32, 0, EVP_camellia_256_cbc}, // draft-kanno-secsh-camellia-02
	{SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr", 16, 16, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02
	{SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr", 16, 24, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02 (key size from key_len)
	{SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr", 16, 32, 0, evp_camellia_128_ctr}, // draft-kanno-secsh-camellia-02 (key size from key_len)
#ifdef WITH_CAMELLIA_PRIVATE
	/* Vendor-suffixed aliases; same SSHCipher values as the rows above. */
	{SSH2_CIPHER_CAMELLIA128_CBC, "camellia128-cbc@openssh.org", 16, 16, 0, EVP_camellia_128_cbc},
	{SSH2_CIPHER_CAMELLIA192_CBC, "camellia192-cbc@openssh.org", 16, 24, 0, EVP_camellia_192_cbc},
	{SSH2_CIPHER_CAMELLIA256_CBC, "camellia256-cbc@openssh.org", 16, 32, 0, EVP_camellia_256_cbc},
	{SSH2_CIPHER_CAMELLIA128_CTR, "camellia128-ctr@openssh.org", 16, 16, 0, evp_camellia_128_ctr},
	{SSH2_CIPHER_CAMELLIA192_CTR, "camellia192-ctr@openssh.org", 16, 24, 0, evp_camellia_128_ctr},
	{SSH2_CIPHER_CAMELLIA256_CTR, "camellia256-ctr@openssh.org", 16, 32, 0, evp_camellia_128_ctr},
#endif // WITH_CAMELLIA_PRIVATE
	{SSH_CIPHER_NONE, NULL, 0, 0, 0, NULL}, /* sentinel */
};
384
385
/* Key-exchange methods.  KEX_DH_NONE doubles as the table terminator
   ("disabled line"); KEX_DH_UNKNOWN is the catch-all for unrecognised
   names and KEX_DH_MAX aliases it. */
typedef enum {
	KEX_DH_NONE         = 0, /* disabled line */
	KEX_DH_GRP1_SHA1    = 1,
	KEX_DH_GRP14_SHA1   = 2,
	KEX_DH_GEX_SHA1     = 3,
	KEX_DH_GEX_SHA256   = 4,
	KEX_ECDH_SHA2_256   = 5,
	KEX_ECDH_SHA2_384   = 6,
	KEX_ECDH_SHA2_521   = 7,
	KEX_DH_GRP14_SHA256 = 8,
	KEX_DH_GRP16_SHA512 = 9,
	KEX_DH_GRP18_SHA512 = 10,
	KEX_DH_UNKNOWN      = 11,
	KEX_DH_MAX          = KEX_DH_UNKNOWN,
} kex_algorithm;
401
/* One row of the KEX algorithm table. */
typedef struct ssh2_kex_algorithm {
	kex_algorithm kextype;
	char *name;                      /* SSH wire name; NULL ends the table */
	const EVP_MD *(*evp_md)(void);   /* hash used for the exchange hash H */
} ssh2_kex_algorithm_t;
407
/* KEX method table, terminated by the {KEX_DH_NONE, NULL, NULL} row.
   group1-sha1 (1024-bit DH) and the sha1-based methods are legacy; the
   sha256/sha512 rows are the ones current guidance prefers.  Which rows are
   offered is presumably chosen by SSH2_update_kex_myproposal() -- confirm. */
static ssh2_kex_algorithm_t ssh2_kex_algorithms[] = {
	{KEX_DH_GRP1_SHA1, "diffie-hellman-group1-sha1", EVP_sha1}, // RFC4253
	{KEX_DH_GRP14_SHA1, "diffie-hellman-group14-sha1", EVP_sha1}, // RFC4253
	{KEX_DH_GEX_SHA1, "diffie-hellman-group-exchange-sha1", EVP_sha1}, // RFC4419
	{KEX_DH_GEX_SHA256, "diffie-hellman-group-exchange-sha256", EVP_sha256}, // RFC4419
	{KEX_ECDH_SHA2_256, "ecdh-sha2-nistp256", EVP_sha256}, // RFC5656
	{KEX_ECDH_SHA2_384, "ecdh-sha2-nistp384", EVP_sha384}, // RFC5656
	{KEX_ECDH_SHA2_521, "ecdh-sha2-nistp521", EVP_sha512}, // RFC5656
	{KEX_DH_GRP14_SHA256, "diffie-hellman-group14-sha256", EVP_sha256}, // draft-baushke-ssh-dh-group-sha2-04
	{KEX_DH_GRP16_SHA512, "diffie-hellman-group16-sha512", EVP_sha512}, // draft-baushke-ssh-dh-group-sha2-04
	{KEX_DH_GRP18_SHA512, "diffie-hellman-group18-sha512", EVP_sha512}, // draft-baushke-ssh-dh-group-sha2-04
	{KEX_DH_NONE , NULL, NULL}, /* sentinel */
};
421
422
/* MAC algorithms.  HMAC_NONE is the table terminator ("disabled line");
   HMAC_UNKNOWN / HMAC_MAX is the catch-all for unrecognised names.
   The *_96 variants are truncated-tag forms of the same HMAC. */
typedef enum {
	HMAC_NONE        = 0, /* disabled line */
	HMAC_SHA1        = 1,
	HMAC_MD5         = 2,
	HMAC_SHA1_96     = 3,
	HMAC_MD5_96      = 4,
	HMAC_RIPEMD160   = 5,
	HMAC_SHA2_256    = 6,
	HMAC_SHA2_256_96 = 7,
	HMAC_SHA2_512    = 8,
	HMAC_SHA2_512_96 = 9,
	HMAC_UNKNOWN     = 10,
	HMAC_MAX         = HMAC_UNKNOWN,
} hmac_type;
437
/* One row of the MAC table. */
typedef struct ssh2_mac {
	hmac_type type;
	char *name;                     /* SSH wire name; NULL ends the table */
	const EVP_MD *(*evp_md)(void);  /* underlying hash for the HMAC */
	int truncatebits;               /* 0 = full tag, else tag truncated to this many bits */
} ssh2_mac_t;
444
/* MAC table, terminated by the {HMAC_NONE, NULL, NULL, 0} row.
   hmac-md5, hmac-md5-96 and hmac-sha1-96 are legacy; the hmac-sha2-* rows
   are the preferred ones.  The commented-out *-96 SHA-2 rows were dropped
   from the draft and are intentionally not offered, so HMAC_SHA2_256_96 and
   HMAC_SHA2_512_96 have no row here -- lookups for them fall through to the
   sentinel. */
static ssh2_mac_t ssh2_macs[] = {
	{HMAC_SHA1, "hmac-sha1", EVP_sha1, 0}, // RFC4253
	{HMAC_MD5, "hmac-md5", EVP_md5, 0}, // RFC4253
	{HMAC_SHA1_96, "hmac-sha1-96", EVP_sha1, 96}, // RFC4253
	{HMAC_MD5_96, "hmac-md5-96", EVP_md5, 96}, // RFC4253
	{HMAC_RIPEMD160, "hmac-ripemd160@openssh.com", EVP_ripemd160, 0},
	{HMAC_SHA2_256, "hmac-sha2-256", EVP_sha256, 0}, // RFC6668
	// {HMAC_SHA2_256_96, "hmac-sha2-256-96", EVP_sha256, 96}, // draft-dbider-sha2-mac-for-ssh-05, deleted at 06
	{HMAC_SHA2_512, "hmac-sha2-512", EVP_sha512, 0}, // RFC6668
	// {HMAC_SHA2_512_96, "hmac-sha2-512-96", EVP_sha512, 96}, // draft-dbider-sha2-mac-for-ssh-05, deleted at 06
	{HMAC_NONE, NULL, NULL, 0}, /* sentinel */
};
457
458
/* Compression methods.  COMP_NONE is the table terminator; COMP_NOCOMP is
   the wire method "none"; COMP_DELAYED is "zlib@openssh.com" (compression
   enabled only after authentication). */
typedef enum {
	COMP_NONE    = 0, /* disabled line */
	COMP_NOCOMP  = 1,
	COMP_ZLIB    = 2,
	COMP_DELAYED = 3,
	COMP_UNKNOWN = 4,
	COMP_MAX     = COMP_UNKNOWN,
} compression_type;
467
/* One row of the compression table. */
typedef struct ssh2_comp {
	compression_type type;
	char *name;   /* SSH wire name; NULL ends the table */
} ssh2_comp_t;
472
/* Compression table, terminated by the {COMP_NONE, NULL} row.  Note that
   the wire method "none" maps to COMP_NOCOMP, not COMP_NONE. */
static ssh2_comp_t ssh2_comps[] = {
	{COMP_NOCOMP, "none"}, // RFC4253
	{COMP_ZLIB, "zlib"}, // RFC4253
	{COMP_DELAYED, "zlib@openssh.com"},
	{COMP_NONE, NULL}, /* sentinel */
};
479
480
/* Per-direction encryption key material derived at key exchange.
   key/iv are owned buffers of key_len / block_size bytes respectively
   (presumably -- confirm against the KEX code that fills them).  They are
   secrets: anything that frees this struct should wipe them first. */
struct Enc {
	u_char *key;
	u_char *iv;
	unsigned int key_len;
	unsigned int block_size;
};
487
/* Per-direction MAC state derived at key exchange.
   mac_len is the tag length actually sent/checked (after any truncation);
   key is the HMAC key (key_len bytes) and is secret. */
struct Mac {
	char *name;
	int enabled;
	const EVP_MD *md;
	int mac_len;
	u_char *key;
	int key_len;
};
496
/* Per-direction compression selection.  `type` holds a compression_type
   value but is declared as plain int. */
struct Comp {
	int type;
	int enabled;
	char *name;
};
502
/* The full set of per-direction algorithm state negotiated by one key
   exchange; one instance per kex_modes direction. */
typedef struct {
	struct Enc enc;
	struct Mac mac;
	struct Comp comp;
} Newkeys;
508
/* Round x up to the next multiple of y.  Fully parenthesised, but y is
   evaluated three times, so do not pass expressions with side effects.
   Integer division: y must be non-zero.  NOTE(review): <sys/param.h> on
   some platforms defines a macro of the same name; this header is
   Windows-oriented, but guard against a clash if the include set changes. */
#define roundup(x, y) ((((x)+((y)-1))/(y))*(y))
510
/* Direction index for per-direction key material (inbound / outbound);
   MODE_MAX is the array size. */
enum kex_modes {
	MODE_IN  = 0,
	MODE_OUT = 1,
	MODE_MAX = 2
};
516
517
// Host-key data structure shared by SSH1 and SSH2 (2006.3.21 yutaka)
// Only the members matching `type` are meaningful; the rest are expected
// to be NULL/0.  ed25519_sk (and SSH1 mod/exp when used for a private key)
// are secret material and should be wiped before the struct is freed.
typedef struct Key {
	// host key type
	ssh_keytype type;
	// SSH2 RSA
	RSA *rsa;
	// SSH2 DSA
	DSA *dsa;
	// SSH2 ECDSA
	EC_KEY *ecdsa;
	// SSH1 RSA
	int bits;
	unsigned char *exp;
	unsigned char *mod;
	// SSH2 ED25519
	unsigned char *ed25519_sk;
	unsigned char *ed25519_pk;
	// non-zero when the private-key file was protected with the bcrypt KDF
	// (presumably -- confirm in the key-file loader)
	int bcrypt_kdf;
} Key;
537
// Fingerprint display formats.
enum fp_rep {
	SSH_FP_DEFAULT    = 0,
	SSH_FP_HEX        = 1,
	SSH_FP_BASE64     = 2,
	SSH_FP_BUBBLEBABBLE = 3,
	SSH_FP_RANDOMART  = 4
};
546 /*
547 enum fp_type {
548 SSH_FP_MD5,
549 SSH_FP_SHA1,
550 SSH_FP_SHA256
551 };
552 */
/* Hash algorithms used for fingerprints and signatures.  The numbering is
   load-bearing: ssh_digests[] below is indexed directly by these values, so
   any new entry must be appended before SSH_DIGEST_MAX and mirrored there. */
typedef enum {
	SSH_DIGEST_MD5       = 0,
	SSH_DIGEST_RIPEMD160 = 1,
	SSH_DIGEST_SHA1      = 2,
	SSH_DIGEST_SHA256    = 3,
	SSH_DIGEST_SHA384    = 4,
	SSH_DIGEST_SHA512    = 5,
	SSH_DIGEST_MAX       = 6,
} digest_algorithm;
562
/* One row of the digest name table. */
typedef struct ssh_digest {
	digest_algorithm id;
	char *name;   /* display name; NULL ends the table */
} ssh_digest_t;
567
/* NB. Indexed directly by algorithm number */
/* Row i must therefore have id == i; the SSH_DIGEST_MAX row doubles as the
   NULL sentinel.  Callers indexing with an untrusted/unchecked id must
   bound it to < SSH_DIGEST_MAX first. */
static ssh_digest_t ssh_digests[] = {
	{ SSH_DIGEST_MD5, "MD5" },
	{ SSH_DIGEST_RIPEMD160, "RIPEMD160" },
	{ SSH_DIGEST_SHA1, "SHA1" },
	{ SSH_DIGEST_SHA256, "SHA256" },
	{ SSH_DIGEST_SHA384, "SHA384" },
	{ SSH_DIGEST_SHA512, "SHA512" },
	{ SSH_DIGEST_MAX, NULL },
};
578
/* SCP transfer direction, as seen from this client. */
enum scp_dir {
	TOREMOTE   = 0,
	FROMREMOTE = 1,
};
582
/* The packet handler returns TRUE to keep the handler in place,
   FALSE to remove the handler. */
/* Handlers are dispatched per message type (see SSHState.packet_handlers)
   and read the packet through the payload fields of pvar->ssh_state. */
typedef BOOL (* SSHPacketHandler)(PTInstVar pvar);
586
/* Node in the packet-handler registry.  Each node sits on two circular
   lists at once: the per-message-type ring and the "handler set" ring,
   which is how a group of handlers registered together can be removed
   together.  NOTE(review): the tag _SSHPacketHandlerItem (leading
   underscore + uppercase) is a reserved identifier. */
typedef struct _SSHPacketHandlerItem SSHPacketHandlerItem;
struct _SSHPacketHandlerItem {
	SSHPacketHandler handler;
	/* Circular list of handlers for given message */
	SSHPacketHandlerItem *next_for_message;
	SSHPacketHandlerItem *last_for_message;
	/* Circular list of handlers in set */
	SSHPacketHandlerItem *next_in_set;
	/* non-zero while this node is linked into a per-message ring */
	int active_for_message;
};
597
/* Per-connection SSH protocol state (embedded in the instance as
   pvar->ssh_state; see the SSH_* macros below).  Buffer/length pairs are
   owned by this struct; lengths are in bytes. */
typedef struct {
	char *hostname;

	int server_protocol_flags;
	/* server's version/ID string as received; untrusted input */
	char *server_ID;

	/* This buffer is used to hold the outgoing data, and encrypted in-place
	   here if necessary. */
	unsigned char *outbuf;
	long outbuflen;
	/* This buffer is used by the SSH protocol processing to store uncompressed
	   packet data for compression. User data is never streamed through here;
	   it is compressed directly from the user's buffer. */
	unsigned char *precompress_outbuf;
	long precompress_outbuflen;
	/* this is the length of the packet data, including the type header */
	long outgoing_packet_len;

	/* This buffer is used by the SSH protocol processing to store decompressed
	   packet data. User data is never streamed through here; it is decompressed
	   directly to the user's buffer. */
	unsigned char *postdecompress_inbuf;
	long postdecompress_inbuflen;

	/* Current incoming packet.  payload_datastart/payload_datalen delimit
	   the not-yet-consumed part (SSH_is_any_payload, get_payload_uint32);
	   every reader must bounds-check against payloadlen before indexing. */
	unsigned char *payload;
	long payload_grabbed;
	long payloadlen;
	long payload_datastart;
	long payload_datalen;

	/* SSH2 per-direction packet counters (fed into the MAC) */
	uint32 receiver_sequence_number;
	uint32 sender_sequence_number;

	z_stream compress_stream;
	z_stream decompress_stream;
	BOOL compressing;
	BOOL decompressing;
	int compression_level;

	/* one handler ring per message-type byte (256 possible values) */
	SSHPacketHandlerItem *packet_handlers[256];
	/* bitmask of the STATUS_* flags below */
	int status_flags;

	int win_cols;
	int win_rows;

	unsigned short tcpport;
} SSHState;
645
/* Bits of SSHState.status_flags.  STATUS_HOST_OK is the gate that records
   the host key was accepted (see SSH_notify_host_OK); credentials should
   not be released before it is set. */
#define STATUS_DONT_SEND_USER_NAME 0x01
#define STATUS_EXPECTING_COMPRESSION_RESPONSE 0x02
#define STATUS_DONT_SEND_CREDENTIALS 0x04
#define STATUS_HOST_OK 0x08
#define STATUS_INTERACTIVE 0x10
#define STATUS_IN_PARTIAL_ID_STRING 0x20
652
/* Connection lifecycle: SSH_init -> SSH_open -> ... -> SSH_end. */
void SSH_init(PTInstVar pvar);
void SSH_open(PTInstVar pvar);
void SSH_notify_disconnecting(PTInstVar pvar, char *reason);
/* SSH_handle_server_ID returns TRUE iff a valid ID string has been
   received. If it returns FALSE, we need to keep looking for another
   ID string. */
/* ID is raw network input of ID_len bytes; it is not NUL-terminated here. */
BOOL SSH_handle_server_ID(PTInstVar pvar, char *ID, int ID_len);
/* SSH_handle_packet requires NO PAYLOAD on entry.
   'len' is the size of the packet: payload + padding (+ CRC for SSHv1)
   'padding' is the size of the padding.
   'data' points to the start of the packet data (the length field)
*/
/* Both len and padding originate from the peer; the implementation must
   validate padding < len before deriving the payload length. */
void SSH_handle_packet(PTInstVar pvar, char *data, int len, int padding);
void SSH_notify_win_size(PTInstVar pvar, int cols, int rows);
void SSH_notify_user_name(PTInstVar pvar);
void SSH_notify_cred(PTInstVar pvar);
/* Called once the host key has been verified/accepted by the user. */
void SSH_notify_host_OK(PTInstVar pvar);
/* Send buflen bytes of user data (buf is not modified). */
void SSH_send(PTInstVar pvar, unsigned char const *buf, unsigned int buflen);
/* SSH_extract_payload returns number of bytes extracted */
/* Copies at most len bytes into dest. */
int SSH_extract_payload(PTInstVar pvar, unsigned char *dest, int len);
void SSH_end(PTInstVar pvar);
674
/* Human-readable status strings for the UI.  dest has room for len bytes;
   the server ID string is peer-controlled, so the implementation must
   truncate rather than trust its length. */
void SSH_get_server_ID_info(PTInstVar pvar, char *dest, int len);
void SSH_get_protocol_version_info(PTInstVar pvar, char *dest, int len);
void SSH_get_compression_info(PTInstVar pvar, char *dest, int len);
void SSH_get_mac_info(PTInstVar pvar, char *dest, int len);
679
/* len must be <= SSH_MAX_SEND_PACKET_SIZE */
/* Channel-level data and control.  Callers pass the peer's channel number
   (remote_channel_num) back to it; local_channel_num is our own index. */
void SSH_channel_send(PTInstVar pvar, int channel_num,
                      uint32 remote_channel_num,
                      unsigned char *buf, int len, int retry);
void SSH_fail_channel_open(PTInstVar pvar, uint32 remote_channel_num);
void SSH_confirm_channel_open(PTInstVar pvar, uint32 remote_channel_num, uint32 local_channel_num);
void SSH_channel_output_eof(PTInstVar pvar, uint32 remote_channel_num);
void SSH_channel_input_eof(PTInstVar pvar, uint32 remote_channel_num, uint32 local_channel_num);
/* Port forwarding.  bind_address / from_server_port describe the listener
   on the server side; to_local_host / to_local_port the local target. */
void SSH_request_forwarding(PTInstVar pvar, char *bind_address, int from_server_port,
                            char *to_local_host, int to_local_port);
void SSH_cancel_request_forwarding(PTInstVar pvar, char *bind_address, int from_server_port, int reply);
/* auth_data is the X11 cookie (auth_data_len bytes); it is sent to the
   server, so it should be the fake/spoofed cookie, never the real one. */
void SSH_request_X11_forwarding(PTInstVar pvar,
                                char *auth_protocol, unsigned char *auth_data, int auth_data_len, int screen_num);
void SSH_open_channel(PTInstVar pvar, uint32 local_channel_num,
                      char *to_remote_host, int to_remote_port,
                      char *originator, unsigned short originator_port);

/* File transfer.  Return value: presumably non-zero on success -- confirm
   against the implementation; the convention is not documented here. */
int SSH_start_scp(PTInstVar pvar, char *sendfile, char *dstfile);
int SSH_start_scp_receive(PTInstVar pvar, char *filename);
int SSH_scp_transaction(PTInstVar pvar, char *sendfile, char *dstfile, enum scp_dir direction);
int SSH_sftp_transaction(PTInstVar pvar);
701
/* auxiliary SSH2 interfaces for pkt.c */
/* Number of bytes the reader must have before the packet length can be
   decrypted and read (at least one cipher block). */
int SSH_get_min_packet_size(PTInstVar pvar);
/* data is guaranteed to be at least SSH_get_min_packet_size bytes long
   at least 5 bytes must be decrypted */
/* NOTE: the identifier is misspelled ("predecrpyt"); keep it as is, callers
   in pkt.c depend on the name. */
void SSH_predecrpyt_packet(PTInstVar pvar, char *data);
/* Length of the MAC tag that follows the ciphertext (0 before NEWKEYS). */
int SSH_get_clear_MAC_size(PTInstVar pvar);

/* Accessors on pvar->ssh_state.  SSH_get_compression_level yields 0
   whenever compression is not active, regardless of the configured level. */
#define SSH_is_any_payload(pvar) ((pvar)->ssh_state.payload_datalen > 0)
#define SSH_get_host_name(pvar) ((pvar)->ssh_state.hostname)
#define SSH_get_compression_level(pvar) ((pvar)->ssh_state.compressing ? (pvar)->ts_SSH_CompressionLevel : 0)
712
/* SSH2 key exchange and user authentication entry points. */
void SSH2_send_kexinit(PTInstVar pvar);
BOOL do_SSH2_userauth(PTInstVar pvar);
BOOL do_SSH2_authrequest(PTInstVar pvar);
/* Debug dump of len bytes of msg; `no` selects the output file number. */
void debug_print(int no, char *msg, int len);
/* Table lookups over ssh2_ciphers / ssh2_kex_algorithms / ssh2_macs /
   ssh2_comps / ssh2_host_key / ssh_digests above.  The name-returning
   variants hand back the table's own (non-const) string; callers must not
   modify or free it.  What they return for an unknown value is not
   documented here -- check before dereferencing the result. */
int get_cipher_block_size(SSHCipher cipher);
int get_cipher_key_len(SSHCipher cipher);
SSHCipher get_cipher_by_name(char *name);
char* get_kex_algorithm_name(kex_algorithm kextype);
const EVP_CIPHER* get_cipher_EVP_CIPHER(SSHCipher cipher);
const EVP_MD* get_kex_algorithm_EVP_MD(kex_algorithm kextype);
char* get_ssh2_mac_name(hmac_type type);
const EVP_MD* get_ssh2_mac_EVP_MD(hmac_type type);
int get_ssh2_mac_truncatebits(hmac_type type);
char* get_ssh2_comp_name(compression_type type);
char* get_ssh_keytype_name(ssh_keytype type);
char* get_digest_algorithm_name(digest_algorithm id);
int get_cipher_discard_len(SSHCipher cipher);
/* Heartbeat thread synchronisation; lock_initialize/finalize bracket the
   lifetime of the lock, lock/unlock must be paired. */
void ssh_heartbeat_lock_initialize(void);
void ssh_heartbeat_lock_finalize(void);
void ssh_heartbeat_lock(void);
void ssh_heartbeat_unlock(void);
void halt_ssh_heartbeat_thread(PTInstVar pvar);
void ssh2_channel_free(void);
/* Message 60 is method-specific (see the SSH2_MSG_USERAUTH_* defines);
   handle_SSH2_userauth_msg60 is the common entry that presumably dispatches
   to the three specific handlers below -- confirm. */
BOOL handle_SSH2_userauth_msg60(PTInstVar pvar);
BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar);
BOOL handle_SSH2_userauth_pkok(PTInstVar pvar);
BOOL handle_SSH2_userauth_passwd_changereq(PTInstVar pvar);
/* Fill the corresponding myproposal[] slot(s) from the user's settings. */
void SSH2_update_compression_myproposal(PTInstVar pvar);
void SSH2_update_cipher_myproposal(PTInstVar pvar);
void SSH2_update_kex_myproposal(PTInstVar pvar);
void SSH2_update_host_key_myproposal(PTInstVar pvar);
void SSH2_update_hmac_myproposal(PTInstVar pvar);
int SSH_notify_break_signal(PTInstVar pvar);
746
747 ///
/* Progress of an SCP transfer, in protocol order. */
enum scp_state {
	SCP_INIT      = 0,
	SCP_TIMESTAMP = 1,
	SCP_FILEINFO  = 2,
	SCP_DATA      = 3,
	SCP_CLOSING   = 4,
};
751
/* Singly linked queue of buffered outgoing messages for a channel
   (Channel_t.bufchain); NULL-terminated. */
typedef struct bufchain {
	buffer_t *msg;
	struct bufchain *next;
} bufchain_t;
756
/* Singly linked list of received data blocks (buf, buflen bytes) queued
   for the SCP receive path; NULL-terminated. */
typedef struct PacketList {
	char *buf;
	unsigned int buflen;
	struct PacketList *next;
} PacketList_t;
762
/* State of one SCP transfer.  The three filename members are fixed
   MAX_PATH buffers: remotefile in particular is sent to / derived from the
   peer, so every writer must bound-copy (snprintf-style) into them.
   filetotalsize / filemtime / fileatime come from the remote side in the
   receive case and are untrusted. */
typedef struct scp {
	enum scp_dir dir; // transfer direction
	enum scp_state state; // SCP state
	char localfile[MAX_PATH]; // local filename
	char localfilefull[MAX_PATH]; // local filename fullpath
	char remotefile[MAX_PATH]; // remote filename
	FILE *localfp; // file pointer for local file
	struct __stat64 filestat; // file status information
	HWND progress_window;
	HANDLE thread;
	unsigned int thread_id;
	PTInstVar pvar;
	// for receiving file
	long long filetotalsize;
	long long filercvsize;
	DWORD filemtime;
	DWORD fileatime;
	PacketList_t *pktlist_head;
	PacketList_t *pktlist_tail;
} scp_t;
783
/* Progress of the SFTP subsystem session. */
enum sftp_state {
	SFTP_INIT      = 0,
	SFTP_CONNECTED = 1,
	SFTP_REALPATH  = 2,
};
787
/* State of one SFTP session.  The SFTP_EXT_* macros are defined inside the
   struct only for grouping; the preprocessor gives them file scope and they
   are the bit values stored in `exts`.  `path` is a fixed 1024-byte buffer
   (the server's realpath reply lands here, so copies into it must be
   bounded and NUL-terminated). */
typedef struct sftp {
	enum sftp_state state;
	HWND console_window;
	unsigned int transfer_buflen;
	unsigned int num_requests;
	unsigned int version;
	unsigned int msg_id;       /* next request id; presumably incremented per request -- confirm */
#define SFTP_EXT_POSIX_RENAME 0x00000001
#define SFTP_EXT_STATVFS 0x00000002
#define SFTP_EXT_FSTATVFS 0x00000004
#define SFTP_EXT_HARDLINK 0x00000008
	unsigned int exts;         /* bitmask of SFTP_EXT_* the server advertised */
	unsigned long long limit_kbps;
	//struct bwlimit bwlimit_in, bwlimit_out;
	char path[1024];
} sftp_t;
804
/* One SSH2 channel.  remote_id / remote_window / remote_maxpacket are
   values the peer supplied and must be treated as untrusted (a
   window-adjust from the peer can try to push remote_window past
   UINT_MAX, and remote_maxpacket bounds what we may send).  local_window
   is what we have advertised and local_consumed what the peer has used of
   it.  The SSH_CHANNEL_STATE_* macro is file-scoped despite its position
   and is a bit of `state`. */
typedef struct channel {
	int used;                     /* slot in use */
	int self_id;                  /* our channel number */
	int remote_id;                /* peer's channel number */
	unsigned int local_window;
	unsigned int local_window_max;
	unsigned int local_consumed;
	unsigned int local_maxpacket;
	unsigned int remote_window;
	unsigned int remote_maxpacket;
	enum channel_type type;
	int local_num;
	bufchain_t *bufchain;         /* data queued while remote_window is exhausted (presumably -- confirm) */
	scp_t scp;
	buffer_t *agent_msg;
	int agent_request_len;
	sftp_t sftp;
#define SSH_CHANNEL_STATE_CLOSE_SENT 0x00000001
	unsigned int state;
} Channel_t;
825
/* Outgoing-packet construction: begin_send_packet reserves len bytes for a
   packet of message type `type` and returns the pointer to fill; callers
   must not write past len.  finish_send_packet_special then compresses
   (unless skip_compress), encrypts and queues it. */
unsigned char *begin_send_packet(PTInstVar pvar, int type, int len);
void finish_send_packet_special(PTInstVar pvar, int skip_compress);
void SSH2_send_channel_data(PTInstVar pvar, Channel_t *c, unsigned char *buf, unsigned int buflen, int retry);

#define finish_send_packet(pvar) finish_send_packet_special((pvar), 0)
/* Payload readers.  get_payload_uint32 / get_mpint_len index
   ssh_state.payload at `offset` with no bounds check of their own; the
   caller must verify offset (+4, or +2 for the mpint length) <= payloadlen
   first.  get_mpint_len converts an SSH1 mpint bit count to bytes. */
#define get_payload_uint32(pvar, offset) get_uint32_MSBfirst((pvar)->ssh_state.payload + (offset))
#define get_uint32(buf) get_uint32_MSBfirst((buf))
#define set_uint32(buf, v) set_uint32_MSBfirst((buf), (v))
#define get_mpint_len(pvar, offset) ((get_ushort16_MSBfirst((pvar)->ssh_state.payload + (offset)) + 7) >> 3)
#define get_ushort16(buf) get_ushort16_MSBfirst((buf))
836 ///
837
/* Global request confirmation callbacks */
/* cb is invoked with the reply message type (SSH2_MSG_REQUEST_SUCCESS or
   _FAILURE) and sequence number once the server answers the global request;
   ctx is passed through untouched and remains owned by the registrant. */
typedef void global_confirm_cb(PTInstVar pvar, int type, unsigned int seq, void *ctx);
void client_register_global_confirm(global_confirm_cb *cb, void *ctx);
841
/* Global request success/failure callbacks */
/* Pending global-request callback record.  ref_count presumably lets the
   same record outlive several outstanding requests -- confirm how it is
   decremented before changing the ownership of ctx. */
struct global_confirm {
	global_confirm_cb *cb;
	void *ctx;
	int ref_count;
};
848
849 #endif
