📄 ck_crp.c
字号:
str_send[2] = TELOPT_ENCRYPTION; str_send[3] = ENCRYPT_SUPPORT; str_suplen = 4; while (ep->type) { if ( EncryptType == ENCTYPE_ANY || EncryptType == ep->type ) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>I will support %s\n", ENCTYPE_NAME(ep->type)); /* safe */ debug(F110,"encrypt_send_support",dbgbuf,0); }#endif if ((i_wont_support_decrypt & typemask(ep->type)) == 0) if ((str_send[str_suplen++] = ep->type) == IAC) str_send[str_suplen++] = IAC; } ++ep; } str_send[str_suplen++] = IAC; str_send[str_suplen++] = SE; /* * If the user has requested that decryption start * immediatly, then send a "REQUEST START" before * we negotiate the type. */ if (autodecrypt) encrypt_send_request_start(); if (deblog || tn_deb || debses) { int i; sprintf(tn_msg,"TELNET SENT SB %s SUPPORT ", TELOPT(TELOPT_ENCRYPTION)); /* safe */ for ( i=4;i<str_suplen-2;i++ ) { if ( str_send[i] == IAC ) { ckstrncat(tn_msg,"IAC ",TN_MSG_LEN); i++; } ckstrncat(tn_msg,ENCTYPE_NAME(str_send[i]),TN_MSG_LEN); ckstrncat(tn_msg," ",TN_MSG_LEN); } ckstrncat(tn_msg,"IAC SE",TN_MSG_LEN); debug(F100,tn_msg,"",0); if (tn_deb || debses) tn_debug(tn_msg); }#ifdef OS2 RequestTelnetMutex( SEM_INDEFINITE_WAIT );#endif ttol(str_send, str_suplen);#ifdef OS2 ReleaseTelnetMutex();#endif str_suplen = 0;}/* * Called when ENCRYPT SUPPORT is received. */int#ifdef CK_ANSICencrypt_support(unsigned char *_typelist, int _cnt)#elseencrypt_support(_typelist, _cnt) unsigned char * _typelist; int _cnt;#endif{ register int type, use_type = 0; unsigned char * typelist = _typelist; int cnt = _cnt; Encryptions *ep; debug(F111,"encrypt_support","cnt",cnt); /* * Forget anything the other side has previously told us. */ remote_supports_decrypt = 0; while (cnt-- > 0) { type = *typelist++; if ( EncryptType == ENCTYPE_ANY || EncryptType == type ) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>Remote supports %s (%d)\n", ENCTYPE_NAME(type), type); /* safe */ debug(F110,"encrypt_support",dbgbuf,0); }#endif if ((type < ENCTYPE_CNT) && (I_SUPPORT_ENCRYPT & typemask(type))) { remote_supports_decrypt |= typemask(type); if (use_type == 0) use_type = type; } } } if (use_type) { ep = findencryption(use_type); if (!ep) { debug(F111,"encrypt_support","findencryption == NULL",use_type); return(-1); } type = ep->start ? (*ep->start)(DIR_ENCRYPT, 0) : 0;#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>(*ep->start)() %s returned %d (%s)\n", ENCTYPE_NAME(use_type), type, ENCRYPT_NAME(type)); /* safe */ debug(F110,"encrypt_support",dbgbuf,0); }#endif if (type < 0) { debug(F111,"encrypt_support","type < 0",type); return(-1); } encrypt_mode = use_type; if (type == 0) encrypt_start_output(use_type); debug(F111,"encrypt_support","success",type); return(0); } debug(F111,"encrypt_support","failed",use_type); return(-1);}int#ifdef CK_ANSICencrypt_is(unsigned char *data, int cnt)#elseencrypt_is(data, cnt) unsigned char *data; int cnt;#endif /* CK_ANSIC */{ Encryptions *ep; register int type, ret; if (--cnt < 0) return(-1); type = *data++; if (type < ENCTYPE_CNT) remote_supports_encrypt |= typemask(type); if (!(ep = finddecryption(type))) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>encrypt_is: " "Can't find type %s (%d) for initial negotiation\n", ENCTYPE_NAME_OK(type) ? ENCTYPE_NAME(type) : "(unknown)", type); /* safe */ debug(F110,"encrypt_is",dbgbuf,0); }#endif return(-1); } if (!ep->is) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>encrypt_is: " "No initial negotiation needed for type %s (%d)\n", ENCTYPE_NAME_OK(type) ? ENCTYPE_NAME(type) : "(unknown)", type); /* safe */ debug(F110,"encrypt_is",dbgbuf,0); }#endif ret = 0; } else { ret = (*ep->is)(data, cnt);#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, "encrypt_is: " "(*ep->is)(%x, %d) returned %s(%d)\n", data, cnt, (ret < 0) ? "FAIL " : (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); /* safe */ debug(F110,"encrypt_is",dbgbuf,0); }#endif } if (ret < 0) { autodecrypt = 0; return(-1); } else { decrypt_mode = type; if (ret == 0 && autodecrypt) { encrypt_send_request_start(); } } return(0);}int#ifdef CK_ANSICencrypt_reply(unsigned char *data, int cnt)#elseencrypt_reply(data, cnt) unsigned char *data; int cnt;#endif{ Encryptions *ep; register int ret, type; if (--cnt < 0) return(-1); type = *data++; if (!(ep = findencryption(type))) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>Can't find type %s (%d) for initial negotiation\n", ENCTYPE_NAME_OK(type) ? ENCTYPE_NAME(type) : "(unknown)", type); /* safe */ debug(F110,"encrypt_reply",dbgbuf,0); }#endif return(-1); } if (!ep->reply) {#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>No initial negotiation needed for type %s (%d)\n", ENCTYPE_NAME_OK(type) ? ENCTYPE_NAME(type) : "(unknown)", type); /* safe */ debug(F110,"encrypt_reply",dbgbuf,0); }#endif ret = 0; } else { ret = (*ep->reply)(data, cnt);#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, "(*ep->reply)(%x, %d) returned %s(%d)\n", data, cnt, (ret < 0) ? "FAIL " : (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); /* safe */ debug(F110,"encrypt_reply",dbgbuf,0); }#endif }#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>encrypt_reply returned %d\n", ret); /* safe */ debug(F110,"encrypt_reply",dbgbuf,0); }#endif if (ret < 0) { autoencrypt = 0; return(-1); } else { encrypt_mode = type; if (ret == 0 && autoencrypt) encrypt_start_output(type); } return(0);}/* * Called when a ENCRYPT START command is received. */int#ifdef CK_ANSICencrypt_start(unsigned char *data, int cnt)#elseencrypt_start(data, cnt) unsigned char *data; int cnt;#endif{ Encryptions *ep; if (!decrypt_mode) { /* * Something is wrong. We should not get a START * command without having already picked our * decryption scheme. Send a REQUEST-END to * attempt to clear the channel... */ encrypt_send_request_end(); printf("Authentication error!\n%s\n", "Warning, Cannot decrypt input stream!!!"); return(-1); } if (ep = finddecryption(decrypt_mode)) { if ( decrypt_input != ep->input ) { decrypt_input = ep->input; EncryptKSGlobalHack->decrypt = decrypt_ks_stream; EncryptKSGlobalHack->decrypt_type = ep->type; if (encrypt_verbose) { sprintf(dbgbuf, "Input is now decrypted with type %s", ENCTYPE_NAME(decrypt_mode)); /* safe */ debug(F110,"encrypt_start",dbgbuf,0); printf("%s\n",dbgbuf); }#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>Start to decrypt input with type %s", ENCTYPE_NAME(decrypt_mode)); /* safe */ debug(F110,"ck_crp",dbgbuf,0); }#endif } } else { char buf[1024]; sprintf(buf, "Warning, Cannot decrypt type %s (%d)!!!", ENCTYPE_NAME_OK(decrypt_mode) ? ENCTYPE_NAME(decrypt_mode) : "(unknown)", decrypt_mode); /* safe */ printf("Authentication error!\n%s\n",buf); encrypt_send_request_end(); return(-1); } return(0);}int#ifdef CK_ANSICencrypt_dont_support(int type)#elseencrypt_dont_support(type) int type;#endif{ i_wont_support_encrypt |= typemask(type); i_wont_support_decrypt |= typemask(type); return(0);}int#ifdef CK_ANSICencrypt_session_key(Session_Key *key, int server)#elseencrypt_session_key(key, server) Session_Key *key; int server;#endif{ Encryptions *ep = encryptions; if (havesessionkey) return(0); havesessionkey = 1; while (ep->type) { debug(F111,"encrypt_session_key",ep->name,ep->type); if (ep->session) { if ((*ep->session)(key, server) < 0) { i_wont_support_encrypt |= typemask(ep->type); i_wont_support_decrypt |= typemask(ep->type); } } ++ep; } debug(F111,"encrypt_session_key (done)",ep->name,ep->type); return(0);}/* * Called when ENCRYPT END is received. */int#ifdef CK_ANSICencrypt_end(VOID)#elseencrypt_end()#endif{ decrypt_input = NULL; EncryptKSGlobalHack->decrypt = NULL; EncryptKSGlobalHack->decrypt_type = ENCTYPE_ANY;#ifdef DEBUG if (encrypt_debug_mode) { sprintf(dbgbuf, ">>>Input is back to clear text"); /* safe */ debug(F110,"encrypt_end",dbgbuf,0); }#endif if (encrypt_verbose) { sprintf(dbgbuf, "Input is now clear text"); /* safe */ debug(F110,"encrypt_end",dbgbuf,0); printf("%s\n",dbgbuf); } return(0);}/* * Called when ENCRYPT REQUEST-END is received. */int#ifdef CK_ANSICencrypt_request_end(VOID)#elseencrypt_request_end()#endif{ encrypt_send_end(); return(0);}/* * Called when ENCRYPT REQUEST-START is received. If we receive * this before a type is picked, then that indicates that the * other side wants us to start encrypting data as soon as we * can. */int#ifdef CK_ANSICencrypt_request_start(VOID)#elseencrypt_request_start()#endif{ if (encrypt_mode != 0) encrypt_start_output(encrypt_mode); return(0);}static unsigned char str_keyid[(MAXKEYLEN*2)+5] = { IAC, SB, TELOPT_ENCRYPTION};_PROTOTYP(int encrypt_keyid,(struct key_info *,unsigned char *,int));int#ifdef CK_ANSICencrypt_enc_keyid(unsigned char *keyid, int len)#elseencrypt_enc_keyid(keyid, len) unsigned char *keyid; int len;#endif{ return(encrypt_keyid(&ki[1], keyid, len));}int#ifdef CK_ANSICencrypt_dec_keyid(unsigned char *keyid, int len)#elseencrypt_dec_keyid(keyid, len) unsigned char *keyid; int len;#endif /* CK_ANSIC */{ return(encrypt_keyid(&ki[0], keyid, len));}int#ifdef CK_ANSICencrypt_keyid(struct key_info *kp, unsigned char *keyid, int len)#elseencrypt_keyid(kp, keyid, len) struct key_info *kp; unsigned char *keyid; int len;#endif{ Encryptions *ep; int dir = kp->dir; register int ret = 0; if (!(ep = (*kp->getcrypt)(*kp->modep))) { if (len == 0) return(-1); kp->keylen = 0; } else if (len == 0 || len > MAXKEYLEN) { /* * Empty option or Key too long, indicates a failure. */ if (kp->keylen == 0) return(-1); kp->keylen = 0; if (ep->keyid) (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); } else if ((len != kp->keylen) || (memcmp(keyid, kp->keyid, len) != 0)) { /* * Length or contents are different */ kp->keylen = len; memcpy(kp->keyid, keyid, len); /* length < MAXKEYLEN */ if (ep->keyid) (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); } else { if (ep->keyid) ret = (*ep->keyid)(dir, kp->keyid, &kp->keylen); if ((ret == 0) && (dir == DIR_ENCRYPT) && autoencrypt) encrypt_start_output(*kp->modep); return(0); } encrypt_send_keyid(dir, kp->keyid, kp->keylen, 0); return(0);}int#ifdef CK_ANSICencrypt_send_keyid(int dir, unsigned char *keyid, int keylen, int saveit)⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -