Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/crypto/dist/ssh Pull up revision 1.2 (requested by tosh...
details: https://anonhg.NetBSD.org/src/rev/d4c9136b6153
branches: netbsd-1-5
changeset: 490523:d4c9136b6153
user: jhawk <jhawk%NetBSD.org@localhost>
date: Thu Jan 25 19:53:32 2001 +0000
description:
Pull up revision 1.2 (requested by toshii):
Set TCP_NODELAY interactive IPv6 connections.
diffstat:
crypto/dist/ssh/packet.c | 1319 ++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 1319 insertions(+), 0 deletions(-)
diffs (truncated from 1323 to 300 lines):
diff -r 3528da6839d6 -r d4c9136b6153 crypto/dist/ssh/packet.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto/dist/ssh/packet.c Thu Jan 25 19:53:32 2001 +0000
@@ -0,0 +1,1319 @@
+/* $NetBSD: packet.c,v 1.1.1.1.2.2 2001/01/25 19:53:32 jhawk Exp $ */
+
+/*
+ * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
+ * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
+ * All rights reserved
+ * This file contains code implementing the packet protocol and communication
+ * with the other side. This same code is used both on client and server side.
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ *
+ *
+ * SSH2 packet format added by Markus Friedl.
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* from OpenBSD: packet.c,v 1.35 2000/09/07 20:27:52 deraadt Exp */
+
+#include <sys/cdefs.h>
+#ifndef lint
+__RCSID("$NetBSD: packet.c,v 1.1.1.1.2.2 2001/01/25 19:53:32 jhawk Exp $");
+#endif
+
+#include "includes.h"
+
+#include "xmalloc.h"
+#include "buffer.h"
+#include "packet.h"
+#include "bufaux.h"
+#include "ssh.h"
+#include "crc32.h"
+#include "cipher.h"
+#include "getput.h"
+
+#include "compress.h"
+#include "deattack.h"
+#include "channels.h"
+
+#include "compat.h"
+#include "ssh2.h"
+
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/hmac.h>
+#include <openssl/rand.h>
+#include "buffer.h"
+#include "kex.h"
+#include "hmac.h"
+
+#ifdef PACKET_DEBUG
+#define DBG(x) x
+#else
+#define DBG(x)
+#endif
+
+/*
+ * This variable contains the file descriptors used for communicating with
+ * the other side. connection_in is used for reading; connection_out for
+ * writing. These can be the same descriptor, in which case it is assumed to
+ * be a socket.
+ */
+static int connection_in = -1;
+static int connection_out = -1;
+
+/*
+ * Cipher type. This value is only used to determine whether to pad the
+ * packets with zeroes or random data.
+ */
+static int cipher_type = SSH_CIPHER_NONE;
+
+/* Protocol flags for the remote side. */
+static unsigned int remote_protocol_flags = 0;
+
+/* Encryption context for receiving data. This is only used for decryption. */
+static CipherContext receive_context;
+
+/* Encryption context for sending data. This is only used for encryption. */
+static CipherContext send_context;
+
+/* Buffer for raw input data from the socket. */
+static Buffer input;
+
+/* Buffer for raw output data going to the socket. */
+static Buffer output;
+
+/* Buffer for the partial outgoing packet being constructed. */
+static Buffer outgoing_packet;
+
+/* Buffer for the incoming packet currently being processed. */
+static Buffer incoming_packet;
+
+/* Scratch buffer for packet compression/decompression. */
+static Buffer compression_buffer;
+
+/* Flag indicating whether packet compression/decompression is enabled. */
+static int packet_compression = 0;
+
+/* default maximum packet size */
+int max_packet_size = 32768;
+
+/* Flag indicating whether this module has been initialized. */
+static int initialized = 0;
+
+/* Set to true if the connection is interactive. */
+static int interactive_mode = 0;
+
+/* True if SSH2 packet format is used */
+int use_ssh2_packet_format = 0;
+
+/* Session key information for Encryption and MAC */
+Kex *kex = NULL;
+
+void
+packet_set_kex(Kex *k)
+{
+ if( k->mac[MODE_IN ].key == NULL ||
+ k->enc[MODE_IN ].key == NULL ||
+ k->enc[MODE_IN ].iv == NULL ||
+ k->mac[MODE_OUT].key == NULL ||
+ k->enc[MODE_OUT].key == NULL ||
+ k->enc[MODE_OUT].iv == NULL)
+ fatal("bad KEX");
+ kex = k;
+}
+static void
+clear_enc_keys(Enc *enc, int len)
+{
+ memset(enc->iv, 0, len);
+ memset(enc->key, 0, len);
+ xfree(enc->iv);
+ xfree(enc->key);
+ enc->iv = NULL;
+ enc->key = NULL;
+}
+void
+packet_set_ssh2_format(void)
+{
+ DBG(debug("use_ssh2_packet_format"));
+ use_ssh2_packet_format = 1;
+}
+
+/*
+ * Sets the descriptors used for communication. Disables encryption until
+ * packet_set_encryption_key is called.
+ */
+void
+packet_set_connection(int fd_in, int fd_out)
+{
+ connection_in = fd_in;
+ connection_out = fd_out;
+ cipher_type = SSH_CIPHER_NONE;
+ cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *) "", 0);
+ cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *) "", 0);
+ if (!initialized) {
+ initialized = 1;
+ buffer_init(&input);
+ buffer_init(&output);
+ buffer_init(&outgoing_packet);
+ buffer_init(&incoming_packet);
+ }
+ /* Kludge: arrange the close function to be called from fatal(). */
+ fatal_add_cleanup((void (*) (void *)) packet_close, NULL);
+}
+
+/* Returns 1 if remote host is connected via socket, 0 if not. */
+
+int
+packet_connection_is_on_socket()
+{
+ struct sockaddr_storage from, to;
+ socklen_t fromlen, tolen;
+
+ /* filedescriptors in and out are the same, so it's a socket */
+ if (connection_in == connection_out)
+ return 1;
+ fromlen = sizeof(from);
+ memset(&from, 0, sizeof(from));
+ if (getpeername(connection_in, (struct sockaddr *)&from, &fromlen) < 0)
+ return 0;
+ tolen = sizeof(to);
+ memset(&to, 0, sizeof(to));
+ if (getpeername(connection_out, (struct sockaddr *)&to, &tolen) < 0)
+ return 0;
+ if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0)
+ return 0;
+ if (from.ss_family != AF_INET && from.ss_family != AF_INET6)
+ return 0;
+ return 1;
+}
+
+/* returns 1 if connection is via ipv4 */
+
+int
+packet_connection_is_ipv4()
+{
+ struct sockaddr_storage to;
+ socklen_t tolen = sizeof(to);
+
+ memset(&to, 0, sizeof(to));
+ if (getsockname(connection_out, (struct sockaddr *)&to, &tolen) < 0)
+ return 0;
+ if (to.ss_family != AF_INET)
+ return 0;
+ return 1;
+}
+
+/* Sets the connection into non-blocking mode. */
+
+void
+packet_set_nonblocking()
+{
+ /* Set the socket into non-blocking mode. */
+ if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0)
+ error("fcntl O_NONBLOCK: %.100s", strerror(errno));
+
+ if (connection_out != connection_in) {
+ if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0)
+ error("fcntl O_NONBLOCK: %.100s", strerror(errno));
+ }
+}
+
+/* Returns the socket used for reading. */
+
+int
+packet_get_connection_in()
+{
+ return connection_in;
+}
+
+/* Returns the descriptor used for writing. */
+
+int
+packet_get_connection_out()
+{
+ return connection_out;
+}
+
+/* Closes the connection and clears and frees internal data structures. */
+
+void
+packet_close()
+{
+ if (!initialized)
+ return;
+ initialized = 0;
+ if (connection_in == connection_out) {
+ shutdown(connection_out, SHUT_RDWR);
+ close(connection_out);
+ } else {
+ close(connection_in);
+ close(connection_out);
+ }
+ buffer_free(&input);
+ buffer_free(&output);
+ buffer_free(&outgoing_packet);
+ buffer_free(&incoming_packet);
+ if (packet_compression) {
+ buffer_free(&compression_buffer);
+ buffer_compress_uninit();
+ }
+}
+
+/* Sets remote side protocol flags. */
+
+void
+packet_set_protocol_flags(unsigned int protocol_flags)
+{
+ remote_protocol_flags = protocol_flags;
+ channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0);
+}
+
+/* Returns the remote protocol flags set earlier by the above function. */
Home |
Main Index |
Thread Index |
Old Index