
📄 ssh.h

	CRYPT_ALGO_TYPE pubkeyAlgo;				/* Host signature algo */
	/* Key-exchange shared secret.  The BUFFER() annotation names
	   CRYPT_MAX_PKCSIZE and secretValueLength, presumably as the usable
	   capacity and the in-use byte count; the array itself is declared 8
	   bytes larger than that.
	   NOTE(review): this is secret keying material - confirm that the
	   handshake info is zeroised (not merely released) once the handshake
	   completes or fails, and that secretValueLength is range-checked
	   against CRYPT_MAX_PKCSIZE before the buffer is read */
	BUFFER( CRYPT_MAX_PKCSIZE, secretValueLength ) \
	BYTE secretValue[ CRYPT_MAX_PKCSIZE + 8 ];	/* Shared secret value */
	int secretValueLength;

	/* Short-term server key (SSHv1) or DH key agreement context (SSHv2),
	   and the client requested DH key size for the SSHv2 key exchange.
	   Alongside the actual key size, we also store the original encoded
	   form, which has to be hashed as part of the exchange hash.  The
	   long-term host key is stored as the session info iKeyexCryptContext
	   for the client and privateKey for the server */
	CRYPT_CONTEXT iServerCryptContext;
	int serverKeySize, requestedServerKeySize;
	BUFFER( UINT_SIZE * 3, encodedReqKeySizesLength ) \
	BYTE encodedReqKeySizes[ ( UINT_SIZE * 3 ) + 8 ];
	int encodedReqKeySizesLength;

	/* Tables mapping SSHv2 algorithm names to cryptlib algorithm IDs.
	   These are declared once in ssh2.c and referred to here via pointers
	   to allow them to be static const, which is necessary in some
	   environments to get them into the read-only segment */
	const ALGO_STRING_INFO FAR_BSS *algoStringPubkeyTbl;
	int algoStringPubkeyTblNoEntries;

	/* Function pointers to handshaking functions.  These are set up as
	   required depending on whether the protocol being used is v1 or v2,
	   and the session is client or server */
	CHECK_RETVAL \
	int ( *beginHandshake )( INOUT SESSION_INFO *sessionInfoPtr,
							 INOUT struct SH *handshakeInfo ) \
							 STDC_NONNULL_ARG( ( 1, 2 ) );
	CHECK_RETVAL \
	int ( *exchangeKeys )( INOUT SESSION_INFO *sessionInfoPtr,
						   INOUT struct SH *handshakeInfo ) \
						   STDC_NONNULL_ARG( ( 1, 2 ) );
	CHECK_RETVAL \
	int ( *completeHandshake )( INOUT SESSION_INFO *sessionInfoPtr,
								INOUT struct SH *handshakeInfo ) \
								STDC_NONNULL_ARG( ( 1, 2 ) );
	} SSH_HANDSHAKE_INFO;

/* Channel number and ID used to mark an unused channel.  The unused
   channel number is the CRYPT_ERROR status value and the unused ID is 0.
   NOTE(review): channel numbers are passed as 'long' to the channel
   functions declared below and presumably originate from the peer;
   confirm that a received channel number can never compare equal to
   UNUSED_CHANNEL_NO and so be mistaken for an unused slot */

#define UNUSED_CHANNEL_NO	CRYPT_ERROR
#define UNUSED_CHANNEL_ID	0

/****************************************************************************
*																			*
*								SSH Functions								*
*																			*
****************************************************************************/

/* Unlike SSL, SSH only hashes portions of the handshake, and even then not
   complete packets but arbitrary bits and pieces.  In order to perform the
   hashing, we have to be able to bookmark positions in a stream to allow
   the data at that point to be hashed once it's been encoded or decoded.  
   The following macros set and complete a bookmark.

   When we create or continue a packet stream, the packet type is written
   before we can set the bookmark.  To handle this, we also provide a macro
   that sets the bookmark for a full packet by adjusting for the packet type
   that's already been written */

/* Both macros store the result of stell() in 'offset' without checking it
   and expand to a bare assignment expression, so they're only safe when
   used as a standalone statement with a plain lvalue for 'offset'.
   NOTE(review): stell() presumably can report an error status, and the
   full-packet form additionally subtracts ID_SIZE, so the stored position
   may end up negative - confirm that streamBookmarkComplete() rejects an
   out-of-range 'position' before using it to locate the data to hash */
#define streamBookmarkSet( stream, offset ) \
		offset = stell( stream )
#define streamBookmarkSetFullPacket( stream, offset ) \
		offset = stell( stream ) - ID_SIZE
/* Completes a bookmark that was set at 'position'.  Going by the
   annotations, the data pointer and length are returned through
   dataPtrPtr/length and the status result must not be ignored */
CHECK_RETVAL \
int streamBookmarkComplete( INOUT STREAM *stream, OUT_PTR void **dataPtrPtr,
							OUT int *length, const int position ) \
							STDC_NONNULL_ARG( ( 1, 2, 3 ) );

/* Prototypes for functions in ssh2.c */

/* Reads an algorithm name from the stream and maps it to a cryptlib
   algorithm ID using a table of noAlgoStringEntries entries, returning the
   ID through 'algo' and error details through 'errorInfo'.
   NOTE(review): the name data presumably comes from the peer's handshake
   packet, so the implementation needs to bound its length and fail when
   nothing in the table matches rather than fall back to a default -
   confirm.  The effect of useFirstMatch isn't visible from here */
CHECK_RETVAL \
int readAlgoString( INOUT STREAM *stream, 
					IN_ARRAY( noAlgoStringEntries ) \
					const ALGO_STRING_INFO *algoInfo, 
					const int noAlgoStringEntries,
					OUT CRYPT_ALGO_TYPE *algo, const BOOLEAN useFirstMatch,
					INOUT ERROR_INFO *errorInfo ) \
					STDC_NONNULL_ARG( ( 1, 2, 4, 6 ) );
/* NOTE(review): unlike the other int-returning functions declared in this
   section this one isn't marked CHECK_RETVAL, so a caller that ignores a
   failed write won't be flagged by the annotation */
int writeAlgoString( INOUT STREAM *stream, const CRYPT_ALGO_TYPE algo ) \
					 STDC_NONNULL_ARG( ( 1 ) );
/* Completes the key exchange for the client or server side, selected by
   isServer; updates both the session and the handshake info */
CHECK_RETVAL \
int completeKeyex( INOUT SESSION_INFO *sessionInfoPtr,
				   INOUT SSH_HANDSHAKE_INFO *handshakeInfo,
				   const BOOLEAN isServer ) \
				   STDC_NONNULL_ARG( ( 1, 2 ) );
/* Opens a packet stream of the given type and buffer size; the session
   info is only read (const) */
CHECK_RETVAL \
int openPacketStreamSSH( INOUT STREAM *stream, 
						 const SESSION_INFO *sessionInfoPtr,
						 const int bufferSize, const int packetType ) \
						 STDC_NONNULL_ARG( ( 1, 2 ) );
/* Continues an existing packet stream with a further packet of the given
   type.  packetOffset is required to be non-NULL but carries no IN/OUT
   annotation; presumably it receives the offset of the new packet within
   the stream - confirm against ssh2.c */
CHECK_RETVAL \
int continuePacketStreamSSH( INOUT STREAM *stream, const int packetType,
							 int *packetOffset ) \
							 STDC_NONNULL_ARG( ( 1, 3 ) );
/* Processes the hello exchange for the client or server side, selected by
   isServer, returning a length through keyexLength.
   NOTE(review): this handles negotiation data from the peer; the result
   must be checked before any negotiated value is relied upon */
CHECK_RETVAL \
int processHelloSSH( INOUT SESSION_INFO *sessionInfoPtr,
					 INOUT SSH_HANDSHAKE_INFO *handshakeInfo, 
					 OUT int *keyexLength,
					 const BOOLEAN isServer ) \
					 STDC_NONNULL_ARG( ( 1, 2, 3 ) );

/* Prototypes for functions in ssh2_chn.c */

/* Selector for which side of a channel an operation applies to: read,
   write or both.  CHANNEL_NONE and CHANNEL_LAST look like the usual
   first/last range markers rather than usable values - confirm */
typedef enum { CHANNEL_NONE, CHANNEL_READ, CHANNEL_WRITE,
			   CHANNEL_BOTH, CHANNEL_LAST } CHANNEL_TYPE;

/* Channel creation and removal.  All of these return a status that must
   be checked */
CHECK_RETVAL \
int createChannel( INOUT SESSION_INFO *sessionInfoPtr ) \
				   STDC_NONNULL_ARG( ( 1 ) );
/* Adds a channel with the given number and maximum packet size.  'type'
   is required (non-NULL, typeLen bytes); 'arg1' is optional.
   NOTE(review): channelNo, maxPacketSize and the type/arg1 strings are
   presumably taken from a peer's channel-open request, so they need range
   and length validation in the implementation - confirm */
CHECK_RETVAL \
int addChannel( INOUT SESSION_INFO *sessionInfoPtr, const long channelNo,
				const int maxPacketSize, 
				IN_BUFFER( typeLen ) \
				const void *type, const int typeLen, 
				IN_BUFFER_OPT( arg1Len ) \
				const void *arg1, const int arg1Len ) \
				STDC_NONNULL_ARG( ( 1, 4 ) );
CHECK_RETVAL \
int deleteChannel( INOUT SESSION_INFO *sessionInfoPtr, const long channelNo,
				   const CHANNEL_TYPE channelType,
				   const BOOLEAN closeLastChannel ) \
				   STDC_NONNULL_ARG( ( 1 ) );
/* As deleteChannel() but identifies the channel by an address-info string
   of addrInfoLen bytes instead of a channel number */
CHECK_RETVAL \
int deleteChannelAddr( INOUT SESSION_INFO *sessionInfoPtr, 
					   IN_BUFFER( addrInfoLen ) \
					   const char *addrInfo, const int addrInfoLen ) \
					   STDC_NONNULL_ARG( ( 1, 2 ) );
/* Channel selection and status queries.  The status functions return a
   CHANNEL_TYPE rather than an int status */
CHECK_RETVAL \
int selectChannel( INOUT SESSION_INFO *sessionInfoPtr, const long channelNo,
				   const CHANNEL_TYPE channelType ) \
				   STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int getCurrentChannelNo( const SESSION_INFO *sessionInfoPtr,
						 const CHANNEL_TYPE channelType ) \
						 STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
CHANNEL_TYPE getChannelStatus( const SESSION_INFO *sessionInfoPtr,
							   const long channelNo ) \
							   STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
CHANNEL_TYPE getChannelStatusAddr( const SESSION_INFO *sessionInfoPtr,
								   IN_BUFFER( addrInfoLen ) \
								   const char *addrInfo, 
								   const int addrInfoLen ) \
								   STDC_NONNULL_ARG( ( 1, 2 ) );
/* Channel attribute getters.  'value' is required to be non-NULL but has
   no OUT annotation, unlike dataLength in the string getter below */
CHECK_RETVAL \
int getChannelAttribute( const SESSION_INFO *sessionInfoPtr,
						 const CRYPT_ATTRIBUTE_TYPE attribute,
						 int *value ) \
						 STDC_NONNULL_ARG( ( 1, 3 ) );
/* 'data' isn't in the non-NULL list and is marked optional, presumably so
   that a caller can query the length alone; dataMaxLength is the capacity
   of 'data' and the stored size is returned through dataLength */
CHECK_RETVAL \
int getChannelAttributeString( const SESSION_INFO *sessionInfoPtr,
						 const CRYPT_ATTRIBUTE_TYPE attribute,
						 OUT_BUFFER_OPT( dataMaxLength, *dataLength ) \
						 void *data, const int dataMaxLength, 
						 OUT int *dataLength ) \
						 STDC_NONNULL_ARG( ( 1, 5 ) );
/* NOTE(review): dataLength is referenced by the OUT_BUFFER_OPT annotation
   but isn't itself marked OUT as it is in getChannelAttributeString() */
CHECK_RETVAL \
int getChannelExtAttribute( const SESSION_INFO *sessionInfoPtr,
							const SSH_ATTRIBUTE_TYPE attribute,
							OUT_BUFFER_OPT( dataMaxLength, *dataLength ) \
							void *data, const int dataMaxLength, 
							int *dataLength ) \
							STDC_NONNULL_ARG( ( 1, 5 ) );
/* Channel attribute setters */
CHECK_RETVAL \
int setChannelAttribute( INOUT SESSION_INFO *sessionInfoPtr,
						 const CRYPT_ATTRIBUTE_TYPE attribute,
						 const int value ) \
						 STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int setChannelAttributeString( INOUT SESSION_INFO *sessionInfoPtr,
							   const CRYPT_ATTRIBUTE_TYPE attribute,
							  IN_BUFFER( dataLength ) \
							  const void *data, const int dataLength ) \
							  STDC_NONNULL_ARG( ( 1, 3 ) );
/* NOTE(review): this setter takes a const SESSION_INFO pointer where the
   other two setters take INOUT; presumably it modifies channel state that
   is reached through the session info rather than the structure itself -
   confirm.  'data' is optional here */
CHECK_RETVAL \
int setChannelExtAttribute( const SESSION_INFO *sessionInfoPtr,
							const SSH_ATTRIBUTE_TYPE attribute,
							IN_BUFFER_OPT( dataLength ) \
							const void *data, const int dataLength ) \
							STDC_NONNULL_ARG( ( 1 ) );
/* Queued responses and channel data.  enqueueResponse() takes a count of
   parameters (noParams) alongside up to three integer parameters.
   NOTE(review): any limit on how much can be queued isn't visible from
   these declarations; confirm that a peer can't grow the queue without
   bound */
CHECK_RETVAL \
int enqueueResponse( INOUT SESSION_INFO *sessionInfoPtr, const int type,
					 const int noParams, const long channelNo,
					 const int param1, const int param2, const int param3 ) \
					 STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int sendEnqueuedResponse( INOUT SESSION_INFO *sessionInfoPtr, 
						  const int offset ) \
						  STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int enqueueChannelData( INOUT SESSION_INFO *sessionInfoPtr, const int type,
						const long channelNo, const int param ) \
						STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int appendChannelData( INOUT SESSION_INFO *sessionInfoPtr, 
					   const int offset ) \
					   STDC_NONNULL_ARG( ( 1 ) );

/* Prototypes for functions in ssh2_msg.c */

/* Channel-level message handling.  sendChannelOpen() needs only the
   session info, while the two process functions also take the stream that
   holds the message being handled.
   NOTE(review): the process functions presumably parse messages received
   from the peer, so their status results have to be honoured before any
   channel state they set up is used */
CHECK_RETVAL \
int sendChannelOpen( INOUT SESSION_INFO *sessionInfoPtr ) \
					 STDC_NONNULL_ARG( ( 1 ) );
CHECK_RETVAL \
int processChannelOpen( INOUT SESSION_INFO *sessionInfoPtr, 
						INOUT STREAM *stream ) \
						STDC_NONNULL_ARG( ( 1, 2 ) );
CHECK_RETVAL \
int processChannelControlMessage( INOUT SESSION_INFO *sessionInfoPtr,
								  INOUT STREAM *stream ) \
								  STDC_NONNULL_ARG( ( 1, 2 ) );
/* Closes a channel; closeLastChannel is the same flag that deleteChannel()
   takes, its exact effect isn't visible from this header */
CHECK_RETVAL \
int closeChannel( INOUT SESSION_INFO *sessionInfoPtr,
				  const BOOLEAN closeLastChannel ) \
				  STDC_NONNULL_ARG( ( 1 ) );

/* Prototypes for functions in ssh2_cry.c */

/* Selector passed to checkMacSSH().  MAC_START/MAC_END/MAC_ALL presumably
   indicate whether the data supplied is the start, the end or all of the
   MAC'd data; MAC_NONE and MAC_LAST look like range markers - confirm */
typedef enum { MAC_NONE, MAC_START, MAC_END, MAC_ALL, MAC_LAST } MAC_TYPE;

/* Sets up a DH context, returning it and its key size through the first
   two parameters.  keyData is optional; requestedKeySize is supplied by
   the caller.
   NOTE(review): when keyData is present it presumably carries DH
   parameters received from the peer - confirm that the implementation
   validates them and enforces a minimum key size */
CHECK_RETVAL \
int initDHcontextSSH( OUT CRYPT_CONTEXT *iCryptContext, OUT int *keySize,
					  IN_BUFFER_OPT( keyDataLength ) \
					  const void *keyData, const int keyDataLength,
					  const int requestedKeySize ) \
					  STDC_NONNULL_ARG( ( 1, 2 ) );
CHECK_RETVAL \
int initSecurityInfo( INOUT SESSION_INFO *sessionInfoPtr,
					  INOUT SSH_HANDSHAKE_INFO *handshakeInfo ) \
					  STDC_NONNULL_ARG( ( 1, 2 ) );
CHECK_RETVAL \
int initSecurityContextsSSH( INOUT SESSION_INFO *sessionInfoPtr ) \
							 STDC_NONNULL_ARG( ( 1 ) );
/* Counterpart to initSecurityContextsSSH(); returns nothing, so cleanup
   failures can't be reported to the caller */
void destroySecurityContextsSSH( INOUT SESSION_INFO *sessionInfoPtr ) \
								 STDC_NONNULL_ARG( ( 1 ) );
/* Feed dataLength bytes into the given hash context, going by the names
   in SSH string and MPI encoding respectively */
CHECK_RETVAL \
int hashAsString( const CRYPT_CONTEXT iHashContext,
				  IN_BUFFER( dataLength ) \
				  const BYTE *data, const int dataLength ) \
				  STDC_NONNULL_ARG( ( 2 ) );
CHECK_RETVAL \
int hashAsMPI( const CRYPT_CONTEXT iHashContext, 
			   IN_BUFFER( dataLength ) \
			   const BYTE *data, const int dataLength ) \
			   STDC_NONNULL_ARG( ( 2 ) );
/* Verifies the MAC on received data for sequence number seqNo.  The buffer
   is annotated with dataMaxLength as its size, and dataLength,
   packetDataLength and macLength are passed separately.
   NOTE(review): this is the packet integrity check, so the status result
   must gate all further processing of the packet.  Confirm in ssh2_cry.c
   that the length parameters are checked against dataMaxLength before the
   buffer is read and that the MAC comparison is constant-time */
CHECK_RETVAL \
int checkMacSSH( const CRYPT_CONTEXT iMacContext, const long seqNo,
				 IN_BUFFER( dataMaxLength ) \
				 const BYTE *data, const int dataMaxLength, 
				 const int dataLength, const int packetDataLength, 
				 const MAC_TYPE macType, const int macLength ) \
				 STDC_NONNULL_ARG( ( 3 ) );
/* Creates the MAC for outgoing data.  The buffer is both read and written
   (INOUT_BUFFER_FIXED), presumably with the MAC value placed after the
   dataLength bytes of data, so dataMaxLength has to leave room for it -
   confirm */
CHECK_RETVAL \
int createMacSSH( const CRYPT_CONTEXT iMacContext, const long seqNo,
				  INOUT_BUFFER_FIXED( dataMaxLength ) \
				  BYTE *data, const int dataMaxLength, 
				  const int dataLength ) \
				  STDC_NONNULL_ARG( ( 3 ) );

/* Prototypes for functions in ssh2_rw.c */

/* Packet write side: wrap the data in the stream starting at 'offset' as
   an SSHv2 packet, then send it.  The precise effect of the
   useQuantisedPadding, isWriteableStream and sendOnly flags isn't visible
   from this header */
CHECK_RETVAL \
int wrapPacketSSH2( INOUT SESSION_INFO *sessionInfoPtr, INOUT STREAM *stream, 
					const int offset, const BOOLEAN useQuantisedPadding,
					const BOOLEAN isWriteableStream ) \
					STDC_NONNULL_ARG( ( 1, 2 ) );
CHECK_RETVAL \
int sendPacketSSH2( INOUT SESSION_INFO *sessionInfoPtr, INOUT STREAM *stream, 
					const BOOLEAN sendOnly ) \
					STDC_NONNULL_ARG( ( 1, 2 ) );
/* Reads a packet header, returning the packet length and an extra-length
   value through the two OUT parameters; readInfo is optional.
   NOTE(review): the length field presumably comes straight off the wire
   and is therefore controlled by the peer until the MAC has been checked;
   confirm that the implementation bounds it against the receive buffer
   size before *packetLength is used for any read or allocation */
CHECK_RETVAL \
int readPacketHeaderSSH2( INOUT SESSION_INFO *sessionInfoPtr,
						  const int expectedType, OUT long *packetLength,
						  OUT int *packetExtraLength,
						  INOUT_OPT READSTATE_INFO *readInfo ) \
						  STDC_NONNULL_ARG( ( 1, 3, 4 ) );
/* Reads a handshake packet of the expected type, with minPacketSize given
   as a lower bound by the caller.  expectedType is the only by-value
   parameter in this section that isn't declared const */
CHECK_RETVAL \
int readHSPacketSSH2( INOUT SESSION_INFO *sessionInfoPtr, int expectedType,
					  const int minPacketSize ) \
					  STDC_NONNULL_ARG( ( 1 ) );
/* Reads disconnect information from the stream into the session info.
   NOTE(review): any text in a disconnect message is supplied by the peer;
   confirm that it's length-limited and sanitised before it's stored or
   shown to a user */
CHECK_RETVAL \
int getDisconnectInfo( INOUT SESSION_INFO *sessionInfoPtr, 
					   INOUT STREAM *stream ) \
					   STDC_NONNULL_ARG( ( 1, 2 ) );

/* Prototypes for session mapping functions */

/* Per-version setup functions.  For the first two handshakeInfo is
   optional (INOUT_OPT, not in the non-NULL list) and isServer selects the
   side; the client/server-specific SSHv2 variants require it.  Presumably
   these install the beginHandshake/exchangeKeys/completeHandshake
   function pointers held in SSH_HANDSHAKE_INFO - confirm.  None of them
   return a status */
void initSSH1processing( INOUT SESSION_INFO *sessionInfoPtr,
						 INOUT_OPT SSH_HANDSHAKE_INFO *handshakeInfo,
						 const BOOLEAN isServer ) \
						 STDC_NONNULL_ARG( ( 1 ) );
void initSSH2processing( INOUT SESSION_INFO *sessionInfoPtr,
						 INOUT_OPT SSH_HANDSHAKE_INFO *handshakeInfo,
						 const BOOLEAN isServer ) \
						 STDC_NONNULL_ARG( ( 1 ) );
void initSSH2clientProcessing( INOUT SESSION_INFO *sessionInfoPtr,
							   INOUT SSH_HANDSHAKE_INFO *handshakeInfo ) \
							   STDC_NONNULL_ARG( ( 1, 2 ) );
void initSSH2serverProcessing( INOUT SESSION_INFO *sessionInfoPtr,
							   INOUT SSH_HANDSHAKE_INFO *handshakeInfo ) \
							   STDC_NONNULL_ARG( ( 1, 2 ) );

/* When one protocol version isn't built in, alias its setup function name
   to the other version's so that references to either name still resolve.
   Since these definitions follow the prototypes above, only uses of the
   names after this point are remapped.
   NOTE(review): SSHv1 is an obsolete protocol with known weaknesses, so
   leaving USE_SSH1 undefined is the safer configuration; any call to
   initSSH1processing() is then routed to the SSHv2 setup.  If neither
   USE_SSH nor USE_SSH1 is defined the two macros are defined in terms of
   each other - presumably this header isn't used in that configuration,
   confirm */
#ifndef USE_SSH
  #define initSSH2processing	initSSH1processing
#endif /* USE_SSH */
#ifndef USE_SSH1
  #define initSSH1processing	initSSH2processing
#endif /* USE_SSH1 */
#endif /* _SSH_DEFINED */
