From 455e1b534d70da0002da24f0bab36c84e25e8659 Mon Sep 17 00:00:00 2001 From: Apex Liu Date: Wed, 8 Mar 2017 14:24:58 +0800 Subject: [PATCH] update libssh to 0.7.4. --- .gitignore | 2 + client/tp_assist/tp_assist.cpp | 3 + client/tp_assist/ts_env.cpp | 36 +- client/tp_assist/ts_http_rpc.cpp | 14 +- client/tp_assist/ts_http_rpc.h | 3 + common/libex/src/ex_util.cpp | 2 - external/libssh-win-static/include/config.h | 8 +- .../libssh-win-static/include/libssh/agent.h | 8 +- .../libssh-win-static/include/libssh/bignum.h | 6 +- .../libssh-win-static/include/libssh/blf.h | 26 +- .../libssh-win-static/include/libssh/buffer.h | 46 +- .../include/libssh/callbacks.h | 149 ---- .../include/libssh/channels.h | 15 +- .../libssh-win-static/include/libssh/crypto.h | 24 +- .../libssh-win-static/include/libssh/dh.h | 28 +- .../libssh-win-static/include/libssh/kex.h | 6 +- .../include/libssh/libcrypto.h | 12 +- .../include/libssh/libgcrypt.h | 18 +- .../libssh-win-static/include/libssh/libssh.h | 58 +- .../libssh-win-static/include/libssh/misc.h | 9 - .../libssh-win-static/include/libssh/packet.h | 18 +- .../libssh-win-static/include/libssh/pki.h | 5 - .../include/libssh/pki_priv.h | 5 + .../libssh-win-static/include/libssh/poll.h | 2 - .../libssh-win-static/include/libssh/priv.h | 22 +- .../libssh-win-static/include/libssh/server.h | 3 + .../libssh-win-static/include/libssh/sftp.h | 14 +- .../libssh-win-static/libssh.vs2015.vcxproj | 5 +- .../libssh.vs2015.vcxproj.filters | 3 - external/libssh-win-static/src/agent.c | 44 +- external/libssh-win-static/src/auth.c | 49 +- external/libssh-win-static/src/auth1.c | 12 +- external/libssh-win-static/src/bignum.c | 6 +- external/libssh-win-static/src/buffer.c | 153 ++-- external/libssh-win-static/src/callbacks.c | 98 +-- external/libssh-win-static/src/channels.c | 240 +++--- external/libssh-win-static/src/channels1.c | 66 +- external/libssh-win-static/src/client.c | 11 +- external/libssh-win-static/src/connector.c | 619 -------------- external/libssh-win-static/src/curve25519.c | 30 +- external/libssh-win-static/src/dh.c | 104 ++- external/libssh-win-static/src/ecdh.c | 26 +- .../src/external/bcrypt_pbkdf.c | 4 +- .../libssh-win-static/src/external/blowfish.c | 42 +- .../src/external/curve25519_ref.c | 4 - .../libssh-win-static/src/external/fe25519.c | 5 - .../libssh-win-static/src/gcrypt_missing.c | 4 +- external/libssh-win-static/src/gssapi.c | 144 +++- external/libssh-win-static/src/gzip.c | 14 +- external/libssh-win-static/src/kex.c | 34 +- external/libssh-win-static/src/kex1.c | 36 +- external/libssh-win-static/src/known_hosts.c | 22 +- external/libssh-win-static/src/legacy.c | 2 +- external/libssh-win-static/src/libcrypto.c | 799 +++++++----------- external/libssh-win-static/src/libgcrypt.c | 52 -- external/libssh-win-static/src/messages.c | 243 ++---- external/libssh-win-static/src/misc.c | 21 +- external/libssh-win-static/src/options.c | 27 +- external/libssh-win-static/src/packet.c | 81 +- external/libssh-win-static/src/packet1.c | 44 +- external/libssh-win-static/src/packet_cb.c | 18 +- external/libssh-win-static/src/packet_crypt.c | 23 +- external/libssh-win-static/src/pcap.c | 44 +- external/libssh-win-static/src/pki.c | 305 ++----- .../src/pki_container_openssh.c | 75 +- external/libssh-win-static/src/pki_crypto.c | 147 ++-- external/libssh-win-static/src/pki_ed25519.c | 2 +- external/libssh-win-static/src/pki_gcrypt.c | 578 +++++++------ external/libssh-win-static/src/poll.c | 65 +- external/libssh-win-static/src/server.c | 58 +- external/libssh-win-static/src/session.c | 10 +- external/libssh-win-static/src/sftp.c | 261 +++--- external/libssh-win-static/src/sftpserver.c | 48 +- external/libssh-win-static/src/socket.c | 24 +- external/libssh-win-static/src/wrapper.c | 10 +- external/readme.md | 4 + server/tp_core/common/base_env.cpp | 25 +- server/tp_core/common/protocol_interface.h | 1 + server/tp_core/core/ts_env.cpp | 35 +- server/tp_core/core/ts_env.h | 5 +- server/tp_core/core/ts_main.cpp | 1 + .../www/teleport/app/eom_app/module/record.py | 3 + 82 files changed, 2029 insertions(+), 3299 deletions(-) delete mode 100644 external/libssh-win-static/src/connector.c diff --git a/.gitignore b/.gitignore index fb587de..9df5007 100644 --- a/.gitignore +++ b/.gitignore @@ -63,3 +63,5 @@ __pycache__ /build.bat /dist/windows/client/assist/apps /dist/windows/client/assist/cfg +/client/tools/putty +/client/tools/winscp diff --git a/client/tp_assist/tp_assist.cpp b/client/tp_assist/tp_assist.cpp index 239ac61..8a2592f 100644 --- a/client/tp_assist/tp_assist.cpp +++ b/client/tp_assist/tp_assist.cpp @@ -128,6 +128,9 @@ int APIENTRY wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPTSTR lpCmd DispatchMessage(&msg); } + http_rpc_stop(); + WaitForSingleObject(hThread, INFINITE); + CloseHandle(g_SingleInstanceMutexHandle); LocalFree(g_argv); diff --git a/client/tp_assist/ts_env.cpp b/client/tp_assist/ts_env.cpp index ed0aad4..9d0be5b 100644 --- a/client/tp_assist/ts_env.cpp +++ b/client/tp_assist/ts_env.cpp @@ -28,26 +28,48 @@ bool TsEnv::init(void) if (!ex_dirname(m_exec_path)) return false; + +#ifdef _DEBUG + m_ssh_client_conf_file = m_exec_path; + ex_path_join(m_ssh_client_conf_file, false, L"ssh.ini", NULL); + + m_scp_client_conf_file = m_exec_path; + ex_path_join(m_scp_client_conf_file, false, L"scp.ini", NULL); + + m_telnet_client_conf_file = m_exec_path; + ex_path_join(m_telnet_client_conf_file, false, L"telnet.ini", NULL); + + m_log_path = m_exec_path; + ex_path_join(m_log_path, false, L"log", NULL); + + m_site_path = m_exec_path; + ex_path_join(m_site_path, true, L"..", L"..", L"..", L"..", L"client", L"tp_assist", L"site", NULL); + + m_tools_path = m_exec_path; + ex_path_join(m_tools_path, true, L"..", L"..", L"..", L"..", L"client", L"tools", NULL); + +#else TCHAR szBuf[PATH_MAX] = { 0 }; SHGetSpecialFolderPathW(NULL, szBuf, CSIDL_APPDATA, FALSE); m_ssh_client_conf_file = szBuf;// m_exec_path; - ex_path_join(m_ssh_client_conf_file, false, _T("eomsoft"), _T("teleport"), _T("assist"), _T("cfg"), _T("ssh.ini"), NULL); + ex_path_join(m_ssh_client_conf_file, false, L"eomsoft", L"teleport", L"assist", L"cfg", L"ssh.ini", NULL); m_scp_client_conf_file = szBuf;// m_exec_path; - ex_path_join(m_scp_client_conf_file, false, _T("eomsoft"), _T("teleport"), _T("assist"), _T("cfg"), _T("scp.ini"), NULL); + ex_path_join(m_scp_client_conf_file, false, L"eomsoft", L"teleport", L"assist", L"cfg", L"scp.ini", NULL); m_telnet_client_conf_file = szBuf;// m_exec_path; - ex_path_join(m_telnet_client_conf_file, false, _T("eomsoft"), _T("teleport"), _T("assist"), _T("cfg"), _T("telnet.ini"), NULL); + ex_path_join(m_telnet_client_conf_file, false, L"eomsoft", L"teleport", L"assist", L"cfg", L"telnet.ini", NULL); m_log_path = szBuf;// m_exec_path; - ex_path_join(m_log_path, false, _T("eomsoft"), _T("teleport"), _T("assist"), _T("log"), NULL); + ex_path_join(m_log_path, false, L"eomsoft", L"teleport", L"assist", L"log", NULL); m_site_path = m_exec_path; - ex_path_join(m_site_path, false, _T("site"), NULL); - + ex_path_join(m_site_path, false, L"site", NULL); + m_tools_path = m_exec_path; - ex_path_join(m_tools_path, false, _T("tools"), NULL); + ex_path_join(m_tools_path, false, L"tools", NULL); +#endif return true; } diff --git a/client/tp_assist/ts_http_rpc.cpp b/client/tp_assist/ts_http_rpc.cpp index 46be619..658d038 100644 --- a/client/tp_assist/ts_http_rpc.cpp +++ b/client/tp_assist/ts_http_rpc.cpp @@ -108,6 +108,12 @@ void http_rpc_main_loop(void) EXLOGW("[prc] main loop end.\n"); } +void http_rpc_stop(void) +{ + g_http_interface.stop(); +} + + #define HEXTOI(x) (isdigit(x) ? x - '0' : x - 'W') int ts_url_decode(const char *src, int src_len, char *dst, int dst_len, int is_form_url_encoded) @@ -147,6 +153,7 @@ int ts_url_decode(const char *src, int src_len, char *dst, int dst_len, int is_f TsHttpRpc::TsHttpRpc() { + m_stop = false; mg_mgr_init(&m_mg_mgr, NULL); } @@ -212,12 +219,17 @@ bool TsHttpRpc::init(const char* ip, int port) void TsHttpRpc::run(void) { - for (;;) + while(!m_stop) { mg_mgr_poll(&m_mg_mgr, 500); } } +void TsHttpRpc::stop(void) +{ + m_stop = true; +} + void TsHttpRpc::_mg_event_handler(struct mg_connection *nc, int ev, void *ev_data) { struct http_message *hm = (struct http_message*)ev_data; diff --git a/client/tp_assist/ts_http_rpc.h b/client/tp_assist/ts_http_rpc.h index f543669..13eb378 100644 --- a/client/tp_assist/ts_http_rpc.h +++ b/client/tp_assist/ts_http_rpc.h @@ -61,6 +61,7 @@ json_param */ void http_rpc_main_loop(void); +void http_rpc_stop(void); typedef std::map content_type_map; @@ -80,6 +81,7 @@ public: bool init(const char* ip, int port); void run(void); + void stop(void); ex_astr get_content_type(ex_astr file_suffix) { @@ -113,6 +115,7 @@ private: private: content_type_map m_content_type_map; struct mg_mgr m_mg_mgr; + bool m_stop; }; #endif // __TS_HTTP_RPC_H__ diff --git a/common/libex/src/ex_util.cpp b/common/libex/src/ex_util.cpp index c8c879d..81bd035 100644 --- a/common/libex/src/ex_util.cpp +++ b/common/libex/src/ex_util.cpp @@ -3,8 +3,6 @@ #include #include -// #include - EX_BOOL ex_initialize(const char* lc_ctype) { #ifdef EX_OS_UNIX diff --git a/external/libssh-win-static/include/config.h b/external/libssh-win-static/include/config.h index a280de5..0a57676 100644 --- a/external/libssh-win-static/include/config.h +++ b/external/libssh-win-static/include/config.h @@ -6,7 +6,7 @@ #define PACKAGE "libssh" /* Version number of package */ -#define VERSION "0.7.0" +#define VERSION "0.7.4" /* #undef LOCALEDIR */ /* #undef DATADIR */ @@ -81,10 +81,10 @@ /*************************** FUNCTIONS ***************************/ /* Define to 1 if you have the `EVP_aes128_ctr' function. */ -/*#define HAVE_OPENSSL_EVP_AES_CTR 1*/ +#define HAVE_OPENSSL_EVP_AES_CTR 1 /* Define to 1 if you have the `EVP_aes128_cbc' function. */ -/*#define HAVE_OPENSSL_EVP_AES_CBC 1*/ +#define HAVE_OPENSSL_EVP_AES_CBC 1 /* Define to 1 if you have the `snprintf' function. */ #define HAVE_SNPRINTF 1 @@ -157,7 +157,7 @@ #define HAVE_MSC_THREAD_LOCAL_STORAGE 1 /* #undef HAVE_GCC_VOLATILE_MEMORY_PROTECTION */ -#define HAVE_GCC_NARG_MACRO 1 +/*#define HAVE_GCC_NARG_MACRO 1*/ /* #undef HAVE_COMPILER__FUNC__ */ #define HAVE_COMPILER__FUNCTION__ 1 diff --git a/external/libssh-win-static/include/libssh/agent.h b/external/libssh-win-static/include/libssh/agent.h index c739273..77209d0 100644 --- a/external/libssh-win-static/include/libssh/agent.h +++ b/external/libssh-win-static/include/libssh/agent.h @@ -81,16 +81,16 @@ struct ssh_agent_struct { * * @return An allocated ssh agent structure or NULL on error. */ -struct ssh_agent_struct *ssh_agent_new(struct ssh_session_struct *session); +struct ssh_agent_struct *agent_new(struct ssh_session_struct *session); -void ssh_agent_close(struct ssh_agent_struct *agent); +void agent_close(struct ssh_agent_struct *agent); /** * @brief Free an allocated ssh agent structure. * * @param agent The ssh agent structure to free. */ -void ssh_agent_free(struct ssh_agent_struct *agent); +void agent_free(struct ssh_agent_struct *agent); /** * @brief Check if the ssh agent is running. @@ -99,7 +99,7 @@ void ssh_agent_free(struct ssh_agent_struct *agent); * * @return 1 if it is running, 0 if not. */ -int ssh_agent_is_running(struct ssh_session_struct *session); +int agent_is_running(struct ssh_session_struct *session); int ssh_agent_get_ident_count(struct ssh_session_struct *session); diff --git a/external/libssh-win-static/include/libssh/bignum.h b/external/libssh-win-static/include/libssh/bignum.h index df77ebe..61786c8 100644 --- a/external/libssh-win-static/include/libssh/bignum.h +++ b/external/libssh-win-static/include/libssh/bignum.h @@ -24,9 +24,9 @@ #include "libssh/libcrypto.h" #include "libssh/libgcrypt.h" -bignum ssh_make_string_bn(ssh_string string); -void ssh_make_string_bn_inplace(ssh_string string, bignum bnout); -ssh_string ssh_make_bignum_string(bignum num); +bignum make_string_bn(ssh_string string); +void make_string_bn_inplace(ssh_string string, bignum bnout); +ssh_string make_bignum_string(bignum num); void ssh_print_bignum(const char *which,bignum num); diff --git a/external/libssh-win-static/include/libssh/blf.h b/external/libssh-win-static/include/libssh/blf.h index ce131e6..21185f3 100644 --- a/external/libssh-win-static/include/libssh/blf.h +++ b/external/libssh-win-static/include/libssh/blf.h @@ -53,7 +53,7 @@ typedef struct BlowfishContext { uint32_t S[4][256]; /* S-Boxes */ uint32_t P[BLF_N + 2]; /* Subkeys */ -} ssh_blf_ctx; +} blf_ctx; /* Raw access to customized Blowfish * blf_key is just: @@ -61,24 +61,24 @@ typedef struct BlowfishContext { * Blowfish_expand0state( state, key, keylen ) */ -void Blowfish_encipher(ssh_blf_ctx *, uint32_t *, uint32_t *); -void Blowfish_decipher(ssh_blf_ctx *, uint32_t *, uint32_t *); -void Blowfish_initstate(ssh_blf_ctx *); -void Blowfish_expand0state(ssh_blf_ctx *, const uint8_t *, uint16_t); +void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *); +void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *); +void Blowfish_initstate(blf_ctx *); +void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t); void Blowfish_expandstate -(ssh_blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); +(blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); /* Standard Blowfish */ -void ssh_blf_key(ssh_blf_ctx *, const uint8_t *, uint16_t); -void ssh_blf_enc(ssh_blf_ctx *, uint32_t *, uint16_t); -void ssh_blf_dec(ssh_blf_ctx *, uint32_t *, uint16_t); +void blf_key(blf_ctx *, const uint8_t *, uint16_t); +void blf_enc(blf_ctx *, uint32_t *, uint16_t); +void blf_dec(blf_ctx *, uint32_t *, uint16_t); -void ssh_blf_ecb_encrypt(ssh_blf_ctx *, uint8_t *, uint32_t); -void ssh_blf_ecb_decrypt(ssh_blf_ctx *, uint8_t *, uint32_t); +void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t); +void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t); -void ssh_blf_cbc_encrypt(ssh_blf_ctx *, uint8_t *, uint8_t *, uint32_t); -void ssh_blf_cbc_decrypt(ssh_blf_ctx *, uint8_t *, uint8_t *, uint32_t); +void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); +void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); /* Converts uint8_t to uint32_t */ uint32_t Blowfish_stream2word(const uint8_t *, uint16_t , uint16_t *); diff --git a/external/libssh-win-static/include/libssh/buffer.h b/external/libssh-win-static/include/libssh/buffer.h index d4cb071..826d0b7 100644 --- a/external/libssh-win-static/include/libssh/buffer.h +++ b/external/libssh-win-static/include/libssh/buffer.h @@ -41,12 +41,17 @@ struct ssh_buffer_struct { #define SSH_BUFFER_PACK_END ((uint32_t) 0x4f65feb3) +LIBSSH_API void ssh_buffer_free(ssh_buffer buffer); +LIBSSH_API void *ssh_buffer_get_begin(ssh_buffer buffer); +LIBSSH_API uint32_t ssh_buffer_get_len(ssh_buffer buffer); +LIBSSH_API ssh_buffer ssh_buffer_new(void); void ssh_buffer_set_secure(ssh_buffer buffer); -int ssh_buffer_add_ssh_string(ssh_buffer buffer, ssh_string string); -int ssh_buffer_add_u8(ssh_buffer buffer, uint8_t data); -int ssh_buffer_add_u16(ssh_buffer buffer, uint16_t data); -int ssh_buffer_add_u32(ssh_buffer buffer, uint32_t data); -int ssh_buffer_add_u64(ssh_buffer buffer, uint64_t data); +int buffer_add_ssh_string(ssh_buffer buffer, ssh_string string); +int buffer_add_u8(ssh_buffer buffer, uint8_t data); +int buffer_add_u16(ssh_buffer buffer, uint16_t data); +int buffer_add_u32(ssh_buffer buffer, uint32_t data); +int buffer_add_u64(ssh_buffer buffer, uint64_t data); +int ssh_buffer_add_data(ssh_buffer buffer, const void *data, uint32_t len); int ssh_buffer_pack_va(struct ssh_buffer_struct *buffer, const char *format, @@ -69,20 +74,27 @@ int _ssh_buffer_unpack(struct ssh_buffer_struct *buffer, #define ssh_buffer_unpack(buffer, format, ...) \ _ssh_buffer_unpack((buffer), (format), __VA_NARG__(__VA_ARGS__), __VA_ARGS__, SSH_BUFFER_PACK_END) -int ssh_buffer_prepend_data(ssh_buffer buffer, const void *data, uint32_t len); -int ssh_buffer_add_buffer(ssh_buffer buffer, ssh_buffer source); +int buffer_prepend_data(ssh_buffer buffer, const void *data, uint32_t len); +int buffer_add_buffer(ssh_buffer buffer, ssh_buffer source); +int ssh_buffer_reinit(ssh_buffer buffer); + +/* buffer_get_rest returns a pointer to the current position into the buffer */ +void *buffer_get_rest(ssh_buffer buffer); +/* buffer_get_rest_len returns the number of bytes which can be read */ +uint32_t buffer_get_rest_len(ssh_buffer buffer); /* buffer_read_*() returns the number of bytes read, except for ssh strings */ -int ssh_buffer_get_u8(ssh_buffer buffer, uint8_t *data); -int ssh_buffer_get_u32(ssh_buffer buffer, uint32_t *data); -int ssh_buffer_get_u64(ssh_buffer buffer, uint64_t *data); +int buffer_get_u8(ssh_buffer buffer, uint8_t *data); +int buffer_get_u32(ssh_buffer buffer, uint32_t *data); +int buffer_get_u64(ssh_buffer buffer, uint64_t *data); -/* ssh_buffer_get_ssh_string() is an exception. if the String read is too large or invalid, it will answer NULL. */ -ssh_string ssh_buffer_get_ssh_string(ssh_buffer buffer); -/* ssh_gets a string out of a SSH-1 mpint */ -ssh_string ssh_buffer_get_mpint(ssh_buffer buffer); -/* ssh_buffer_pass_bytes acts as if len bytes have been read (used for padding) */ -uint32_t ssh_buffer_pass_bytes_end(ssh_buffer buffer, uint32_t len); -uint32_t ssh_buffer_pass_bytes(ssh_buffer buffer, uint32_t len); +uint32_t buffer_get_data(ssh_buffer buffer, void *data, uint32_t requestedlen); +/* buffer_get_ssh_string() is an exception. if the String read is too large or invalid, it will answer NULL. */ +ssh_string buffer_get_ssh_string(ssh_buffer buffer); +/* gets a string out of a SSH-1 mpint */ +ssh_string buffer_get_mpint(ssh_buffer buffer); +/* buffer_pass_bytes acts as if len bytes have been read (used for padding) */ +uint32_t buffer_pass_bytes_end(ssh_buffer buffer, uint32_t len); +uint32_t buffer_pass_bytes(ssh_buffer buffer, uint32_t len); #endif /* BUFFER_H_ */ diff --git a/external/libssh-win-static/include/libssh/callbacks.h b/external/libssh-win-static/include/libssh/callbacks.h index 2527a49..6bd8c57 100644 --- a/external/libssh-win-static/include/libssh/callbacks.h +++ b/external/libssh-win-static/include/libssh/callbacks.h @@ -124,18 +124,6 @@ typedef void (*ssh_global_request_callback) (ssh_session session, typedef ssh_channel (*ssh_channel_open_request_x11_callback) (ssh_session session, const char * originator_address, int originator_port, void *userdata); -/** - * @brief Handles an SSH new channel open "auth-agent" request. This happens when the server - * sends back an "auth-agent" connection attempt. This is a client-side API - * @param session current session handler - * @param userdata Userdata to be passed to the callback function. - * @returns a valid ssh_channel handle if the request is to be allowed - * @returns NULL if the request should not be allowed - * @warning The channel pointer returned by this callback must be closed by the application. - */ -typedef ssh_channel (*ssh_channel_open_request_auth_agent_callback) (ssh_session session, - void *userdata); - /** * The structure to replace libssh functions with appropriate callbacks. */ @@ -166,9 +154,6 @@ struct ssh_callbacks_struct { /** This function will be called when an incoming X11 request is received. */ ssh_channel_open_request_x11_callback channel_open_request_x11_function; - /** This function will be called when an incoming "auth-agent" request is received. - */ - ssh_channel_open_request_auth_agent_callback channel_open_request_auth_agent_function; }; typedef struct ssh_callbacks_struct *ssh_callbacks; @@ -435,84 +420,6 @@ typedef struct ssh_socket_callbacks_struct *ssh_socket_callbacks; ((p)-> c != NULL) \ ) -/** - * @internal - * - * @brief Iterate through a list of callback structures - * - * This tests for their validity and executes them. The userdata argument is - * automatically passed through. - * - * @param list list of callbacks - * - * @param cbtype type of the callback - * - * @param c callback name - * - * @param va_args parameters to be passed - */ -#define ssh_callbacks_execute_list(list, cbtype, c, ...) \ - do { \ - struct ssh_iterator *i = ssh_list_get_iterator(list); \ - cbtype cb; \ - while (i != NULL){ \ - cb = ssh_iterator_value(cbtype, i); \ - if (ssh_callbacks_exists(cb, c)) \ - cb-> c (__VA_ARGS__, cb->userdata); \ - i = i->next; \ - } \ - } while(0) - -/** - * @internal - * - * @brief iterate through a list of callback structures. - * - * This tests for their validity and give control back to the calling code to - * execute them. Caller can decide to break the loop or continue executing the - * callbacks with different parameters - * - * @code - * ssh_callbacks_iterate(channel->callbacks, ssh_channel_callbacks, - * channel_eof_function){ - * rc = ssh_callbacks_iterate_exec(session, channel); - * if (rc != SSH_OK){ - * break; - * } - * } - * ssh_callbacks_iterate_end(); - * @endcode - */ -/* -#define ssh_callbacks_iterate(_cb_list, _cb_type, _cb_name) \ - do { \ - struct ssh_iterator *_cb_i = ssh_list_get_iterator(_cb_list); \ - _cb_type _cb; \ - __typeof__(_cb->_cb_name) _cb_p; \ - for (; _cb_i != NULL; _cb_i = _cb_i->next) { \ - _cb = ssh_iterator_value(_cb_type, _cb_i); \ - if (ssh_callbacks_exists(_cb, _cb_name) && \ - (_cb_p = _cb->_cb_name)) -*/ - -#define ssh_callbacks_iterate(_cb_list, _cb_type, _cb_callback, _cb_function) \ - do { \ - struct ssh_iterator *_cb_i = ssh_list_get_iterator(_cb_list); \ - _cb_type _cb; \ - _cb_callback _cb_p; \ - for (; _cb_i != NULL; _cb_i = _cb_i->next) { \ - _cb = ssh_iterator_value(_cb_type, _cb_i); \ - if (ssh_callbacks_exists(_cb, _cb_function) && \ - (_cb_p = _cb->_cb_function)) - - -#define ssh_callbacks_iterate_exec(...) \ - _cb_p(__VA_ARGS__, _cb->userdata) - -#define ssh_callbacks_iterate_end() \ - } \ - } while(0) - /** @brief Prototype for a packet callback, to be called when a new packet arrives * @param session The current session of the packet * @param type packet type (see ssh2.h) @@ -772,22 +679,6 @@ typedef int (*ssh_channel_subsystem_request_callback) (ssh_session session, const char *subsystem, void *userdata); -/** - * @brief SSH channel write will not block (flow control). - * - * @param channel the channel - * - * @param[in] bytes size of the remote window in bytes. Writing as much data - * will not block. - * - * @param[in] userdata Userdata to be passed to the callback function. - * - * @returns 0 default return value (other return codes may be added in future). - */ -typedef int (*ssh_channel_write_wontblock_callback) (ssh_session session, - ssh_channel channel, - size_t bytes, - void *userdata); struct ssh_channel_callbacks_struct { /** DON'T SET THIS use ssh_callbacks_init() instead. */ @@ -852,10 +743,6 @@ struct ssh_channel_callbacks_struct { * (like sftp). */ ssh_channel_subsystem_request_callback channel_subsystem_request_function; - /** This function will be called when the channel write is guaranteed - * not to block. - */ - ssh_channel_write_wontblock_callback channel_write_wontblock_function; }; typedef struct ssh_channel_callbacks_struct *ssh_channel_callbacks; @@ -880,46 +767,10 @@ typedef struct ssh_channel_callbacks_struct *ssh_channel_callbacks; * @param cb The callback structure itself. * * @return SSH_OK on success, SSH_ERROR on error. - * @warning this function will not replace existing callbacks but set the - * new one atop of them. */ LIBSSH_API int ssh_set_channel_callbacks(ssh_channel channel, ssh_channel_callbacks cb); -/** - * @brief Add channel callback functions - * - * This function will add channel callback functions to the channel callback - * list. - * Callbacks missing from a callback structure will be probed in the next - * on the list. - * - * @param channel The channel to set the callback structure. - * - * @param cb The callback structure itself. - * - * @return SSH_OK on success, SSH_ERROR on error. - * - * @see ssh_set_channel_callbacks - */ -LIBSSH_API int ssh_add_channel_callbacks(ssh_channel channel, - ssh_channel_callbacks cb); - -/** - * @brief Remove a channel callback. - * - * The channel has been added with ssh_add_channel_callbacks or - * ssh_set_channel_callbacks in this case. - * - * @param channel The channel to remove the callback structure from. - * - * @param cb The callback structure to remove - * - * @returns SSH_OK on success, SSH_ERROR on error. - */ -LIBSSH_API int ssh_remove_channel_callbacks(ssh_channel channel, - ssh_channel_callbacks cb); - /** @} */ /** @group libssh_threads diff --git a/external/libssh-win-static/include/libssh/channels.h b/external/libssh-win-static/include/libssh/channels.h index 2c34bf5..b05c4c0 100644 --- a/external/libssh-win-static/include/libssh/channels.h +++ b/external/libssh-win-static/include/libssh/channels.h @@ -74,8 +74,7 @@ struct ssh_channel_struct { int version; int exit_status; enum ssh_channel_request_state_e request_state; - struct ssh_list *callbacks; /* list of ssh_channel_callbacks */ - + ssh_channel_callbacks callbacks; /* counters */ ssh_counter counter; }; @@ -106,13 +105,13 @@ SSH_PACKET_CALLBACK(ssh_packet_close1); SSH_PACKET_CALLBACK(ssh_packet_exist_status1); /* channels1.c */ -int ssh_channel_open_session1(ssh_channel channel); -int ssh_channel_request_pty_size1(ssh_channel channel, const char *terminal, +int channel_open_session1(ssh_channel channel); +int channel_request_pty_size1(ssh_channel channel, const char *terminal, int cols, int rows); -int ssh_channel_change_pty_size1(ssh_channel channel, int cols, int rows); -int ssh_channel_request_shell1(ssh_channel channel); -int ssh_channel_request_exec1(ssh_channel channel, const char *cmd); -int ssh_channel_write1(ssh_channel channel, const void *data, int len); +int channel_change_pty_size1(ssh_channel channel, int cols, int rows); +int channel_request_shell1(ssh_channel channel); +int channel_request_exec1(ssh_channel channel, const char *cmd); +int channel_write1(ssh_channel channel, const void *data, int len); ssh_channel ssh_get_channel1(ssh_session session); #endif diff --git a/external/libssh-win-static/include/libssh/crypto.h b/external/libssh-win-static/include/libssh/crypto.h index e370c74..61a2b27 100644 --- a/external/libssh-win-static/include/libssh/crypto.h +++ b/external/libssh-win-static/include/libssh/crypto.h @@ -59,20 +59,6 @@ enum ssh_key_exchange_e { SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG }; -enum ssh_cipher_e { - SSH_NO_CIPHER=0, - SSH_BLOWFISH_CBC, - SSH_3DES_CBC, - SSH_3DES_CBC_SSH1, - SSH_DES_CBC_SSH1, - SSH_AES128_CBC, - SSH_AES192_CBC, - SSH_AES256_CBC, - SSH_AES128_CTR, - SSH_AES192_CTR, - SSH_AES256_CTR -}; - struct ssh_crypto_struct { bignum e,f,x,k,y; #ifdef HAVE_ECDH @@ -118,15 +104,12 @@ struct ssh_crypto_struct { struct ssh_cipher_struct { const char *name; /* ssh name of the algorithm */ unsigned int blocksize; /* blocksize of the algo */ - enum ssh_cipher_e ciphertype; + unsigned int keylen; /* length of the key structure */ #ifdef HAVE_LIBGCRYPT - size_t keylen; /* length of the key structure */ gcry_cipher_hd_t *key; #elif defined HAVE_LIBCRYPTO - struct ssh_3des_key_schedule *des3_key; - struct ssh_aes_key_schedule *aes_key; - const EVP_CIPHER *cipher; - EVP_CIPHER_CTX ctx; + void *key; /* a key buffer allocated for the algo */ + void *IV; #endif unsigned int keysize; /* bytes of key used. != keylen */ /* sets the new key for immediate use */ @@ -136,7 +119,6 @@ struct ssh_cipher_struct { unsigned long len); void (*decrypt)(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len); - void (*cleanup)(struct ssh_cipher_struct *cipher); }; /* vim: set ts=2 sw=2 et cindent: */ diff --git a/external/libssh-win-static/include/libssh/dh.h b/external/libssh-win-static/include/libssh/dh.h index 8e0d5aa..95b76cd 100644 --- a/external/libssh-win-static/include/libssh/dh.h +++ b/external/libssh-win-static/include/libssh/dh.h @@ -25,27 +25,27 @@ #include "libssh/crypto.h" -int ssh_dh_generate_e(ssh_session session); -int ssh_dh_generate_f(ssh_session session); -int ssh_dh_generate_x(ssh_session session); -int ssh_dh_generate_y(ssh_session session); +int dh_generate_e(ssh_session session); +int dh_generate_f(ssh_session session); +int dh_generate_x(ssh_session session); +int dh_generate_y(ssh_session session); int ssh_crypto_init(void); void ssh_crypto_finalize(void); -ssh_string ssh_dh_get_e(ssh_session session); -ssh_string ssh_dh_get_f(ssh_session session); -int ssh_dh_import_f(ssh_session session,ssh_string f_string); -int ssh_dh_import_e(ssh_session session, ssh_string e_string); -void ssh_dh_import_pubkey(ssh_session session,ssh_string pubkey_string); -int ssh_dh_build_k(ssh_session session); +ssh_string dh_get_e(ssh_session session); +ssh_string dh_get_f(ssh_session session); +int dh_import_f(ssh_session session,ssh_string f_string); +int dh_import_e(ssh_session session, ssh_string e_string); +void dh_import_pubkey(ssh_session session,ssh_string pubkey_string); +int dh_build_k(ssh_session session); int ssh_client_dh_init(ssh_session session); int ssh_client_dh_reply(ssh_session session, ssh_buffer packet); -int ssh_make_sessionid(ssh_session session); +int make_sessionid(ssh_session session); /* add data for the final cookie */ -int ssh_hashbufin_add_cookie(ssh_session session, unsigned char *cookie); -int ssh_hashbufout_add_cookie(ssh_session session); -int ssh_generate_session_keys(ssh_session session); +int hashbufin_add_cookie(ssh_session session, unsigned char *cookie); +int hashbufout_add_cookie(ssh_session session); +int generate_session_keys(ssh_session session); #endif /* DH_H_ */ diff --git a/external/libssh-win-static/include/libssh/kex.h b/external/libssh-win-static/include/libssh/kex.h index e872bde..1a5b6d4 100644 --- a/external/libssh-win-static/include/libssh/kex.h +++ b/external/libssh-win-static/include/libssh/kex.h @@ -38,10 +38,10 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1); int ssh_send_kex(ssh_session session, int server_kex); void ssh_list_kex(struct ssh_kex_struct *kex); -int ssh_set_client_kex(ssh_session session); +int set_client_kex(ssh_session session); int ssh_kex_select_methods(ssh_session session); -int ssh_verify_existing_algo(int algo, const char *name); -char **ssh_space_tokenize(const char *chain); +int verify_existing_algo(int algo, const char *name); +char **space_tokenize(const char *chain); int ssh_get_kex1(ssh_session session); char *ssh_find_matching(const char *in_d, const char *what_d); const char *ssh_kex_get_supported_method(uint32_t algo); diff --git a/external/libssh-win-static/include/libssh/libcrypto.h b/external/libssh-win-static/include/libssh/libcrypto.h index 6a08837..c378388 100644 --- a/external/libssh-win-static/include/libssh/libcrypto.h +++ b/external/libssh-win-static/include/libssh/libcrypto.h @@ -30,13 +30,15 @@ #include #include #include +#ifdef HAVE_OPENSSL_ECC #include +#endif -typedef EVP_MD_CTX* SHACTX; -typedef EVP_MD_CTX* SHA256CTX; -typedef EVP_MD_CTX* SHA384CTX; -typedef EVP_MD_CTX* SHA512CTX; -typedef EVP_MD_CTX* MD5CTX; +typedef SHA_CTX* SHACTX; +typedef SHA256_CTX* SHA256CTX; +typedef SHA512_CTX* SHA384CTX; +typedef SHA512_CTX* SHA512CTX; +typedef MD5_CTX* MD5CTX; typedef HMAC_CTX* HMACCTX; #ifdef HAVE_ECC typedef EVP_MD_CTX *EVPCTX; diff --git a/external/libssh-win-static/include/libssh/libgcrypt.h b/external/libssh-win-static/include/libssh/libgcrypt.h index 7556aca..8e52a68 100644 --- a/external/libssh-win-static/include/libssh/libgcrypt.h +++ b/external/libssh-win-static/include/libssh/libgcrypt.h @@ -52,15 +52,15 @@ typedef void *EVPCTX; typedef gcry_mpi_t bignum; /* missing gcrypt functions */ -int ssh_gcry_dec2bn(bignum *bn, const char *data); -char *ssh_gcry_bn2dec(bignum bn); +int my_gcry_dec2bn(bignum *bn, const char *data); +char *my_gcry_bn2dec(bignum bn); #define bignum_new() gcry_mpi_new(0) #define bignum_free(num) gcry_mpi_release(num) #define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n) #define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL) -#define bignum_bn2dec(num) ssh_gcry_bn2dec(num) -#define bignum_dec2bn(num, data) ssh_gcry_dec2bn(data, num) +#define bignum_bn2dec(num) my_gcry_bn2dec(num) +#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num) #define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num) #define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL) #define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0) @@ -71,16 +71,6 @@ char *ssh_gcry_bn2dec(bignum bn); #define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num) #define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2) -/* Helper functions for data conversions. */ - -/* Extract an MPI from the given s-expression SEXP named NAME which is - encoded using INFORMAT and store it in a newly allocated ssh_string - encoded using OUTFORMAT. */ -ssh_string ssh_sexp_extract_mpi(const gcry_sexp_t sexp, - const char *name, - enum gcry_mpi_format informat, - enum gcry_mpi_format outformat); - #endif /* HAVE_LIBGCRYPT */ struct ssh_cipher_struct *ssh_get_ciphertab(void); diff --git a/external/libssh-win-static/include/libssh/libssh.h b/external/libssh-win-static/include/libssh/libssh.h index 5b4d4ef..d16f8c6 100644 --- a/external/libssh-win-static/include/libssh/libssh.h +++ b/external/libssh-win-static/include/libssh/libssh.h @@ -79,7 +79,7 @@ /* libssh version */ #define LIBSSH_VERSION_MAJOR 0 #define LIBSSH_VERSION_MINOR 7 -#define LIBSSH_VERSION_MICRO 0 +#define LIBSSH_VERSION_MICRO 4 #define LIBSSH_VERSION_INT SSH_VERSION_INT(LIBSSH_VERSION_MAJOR, \ LIBSSH_VERSION_MINOR, \ @@ -123,7 +123,6 @@ typedef struct ssh_scp_struct* ssh_scp; typedef struct ssh_session_struct* ssh_session; typedef struct ssh_string_struct* ssh_string; typedef struct ssh_event_struct* ssh_event; -typedef struct ssh_connector_struct * ssh_connector; typedef void* ssh_gssapi_creds; /* Socket type */ @@ -190,8 +189,7 @@ enum ssh_channel_type_e { SSH_CHANNEL_SESSION, SSH_CHANNEL_DIRECT_TCPIP, SSH_CHANNEL_FORWARDED_TCPIP, - SSH_CHANNEL_X11, - SSH_CHANNEL_AUTH_AGENT + SSH_CHANNEL_X11 }; enum ssh_channel_requests_e { @@ -209,7 +207,6 @@ enum ssh_global_requests_e { SSH_GLOBAL_REQUEST_UNKNOWN=0, SSH_GLOBAL_REQUEST_TCPIP_FORWARD, SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD, - SSH_GLOBAL_REQUEST_KEEPALIVE }; enum ssh_publickey_state_e { @@ -257,9 +254,7 @@ enum ssh_keytypes_e{ SSH_KEYTYPE_RSA, SSH_KEYTYPE_RSA1, SSH_KEYTYPE_ECDSA, - SSH_KEYTYPE_ED25519, - SSH_KEYTYPE_DSS_CERT01, - SSH_KEYTYPE_RSA_CERT01 + SSH_KEYTYPE_ED25519 }; enum ssh_keycmp_e { @@ -374,15 +369,6 @@ enum ssh_scp_request_types { SSH_SCP_REQUEST_WARNING }; -enum ssh_connector_flags_e { - /** Only the standard stream of the channel */ - SSH_CONNECTOR_STDOUT = 1, - /** Only the exception stream of the channel */ - SSH_CONNECTOR_STDERR = 2, - /** Merge both standard and exception streams */ - SSH_CONNECTOR_BOTH = 3 -}; - LIBSSH_API int ssh_blocking_flush(ssh_session session, int timeout); LIBSSH_API ssh_channel ssh_channel_accept_x11(ssh_channel channel, int timeout_ms); LIBSSH_API int ssh_channel_change_pty_size(ssh_channel channel,int cols,int rows); @@ -416,7 +402,6 @@ LIBSSH_API int ssh_channel_request_sftp(ssh_channel channel); LIBSSH_API int ssh_channel_request_subsystem(ssh_channel channel, const char *subsystem); LIBSSH_API int ssh_channel_request_x11(ssh_channel channel, int single_connection, const char *protocol, const char *cookie, int screen_number); -LIBSSH_API int ssh_channel_request_auth_agent(ssh_channel channel); LIBSSH_API int ssh_channel_send_eof(ssh_channel channel); LIBSSH_API int ssh_channel_select(ssh_channel *readchans, ssh_channel *writechans, ssh_channel *exceptchans, struct timeval * timeout); @@ -424,26 +409,11 @@ LIBSSH_API void ssh_channel_set_blocking(ssh_channel channel, int blocking); LIBSSH_API void ssh_channel_set_counter(ssh_channel channel, ssh_counter counter); LIBSSH_API int ssh_channel_write(ssh_channel channel, const void *data, uint32_t len); -LIBSSH_API int ssh_channel_write_stderr(ssh_channel channel, - const void *data, - uint32_t len); LIBSSH_API uint32_t ssh_channel_window_size(ssh_channel channel); LIBSSH_API char *ssh_basename (const char *path); LIBSSH_API void ssh_clean_pubkey_hash(unsigned char **hash); LIBSSH_API int ssh_connect(ssh_session session); - -LIBSSH_API ssh_connector ssh_connector_new(ssh_session session); -LIBSSH_API void ssh_connector_free(ssh_connector connector); -LIBSSH_API int ssh_connector_set_in_channel(ssh_connector connector, - ssh_channel channel, - enum ssh_connector_flags_e flags); -LIBSSH_API int ssh_connector_set_out_channel(ssh_connector connector, - ssh_channel channel, - enum ssh_connector_flags_e flags); -LIBSSH_API void ssh_connector_set_in_fd(ssh_connector connector, socket_t fd); -LIBSSH_API void ssh_connector_set_out_fd(ssh_connector connector, socket_t fd); - LIBSSH_API const char *ssh_copyright(void); LIBSSH_API void ssh_disconnect(ssh_session session); LIBSSH_API char *ssh_dirname (const char *path); @@ -470,7 +440,7 @@ LIBSSH_API char *ssh_get_hexa(const unsigned char *what, size_t len); LIBSSH_API char *ssh_get_issue_banner(ssh_session session); LIBSSH_API int ssh_get_openssh_version(ssh_session session); -LIBSSH_API int ssh_get_server_publickey(ssh_session session, ssh_key *key); +LIBSSH_API int ssh_get_publickey(ssh_session session, ssh_key *key); enum ssh_publickey_hash_type { SSH_PUBLICKEY_HASH_SHA1, @@ -486,7 +456,6 @@ SSH_DEPRECATED LIBSSH_API int ssh_get_pubkey_hash(ssh_session session, unsigned SSH_DEPRECATED LIBSSH_API ssh_channel ssh_forward_accept(ssh_session session, int timeout_ms); SSH_DEPRECATED LIBSSH_API int ssh_forward_cancel(ssh_session session, const char *address, int port); SSH_DEPRECATED LIBSSH_API int ssh_forward_listen(ssh_session session, const char *address, int port, int *bound_port); -SSH_DEPRECATED LIBSSH_API int ssh_get_publickey(ssh_session session, ssh_key *key); LIBSSH_API int ssh_get_random(void *where,int len,int strong); @@ -579,21 +548,12 @@ LIBSSH_API int ssh_pki_export_privkey_file(const ssh_key privkey, void *auth_data, const char *filename); -LIBSSH_API int ssh_pki_copy_cert_to_privkey(const ssh_key cert_key, - ssh_key privkey); - LIBSSH_API int ssh_pki_import_pubkey_base64(const char *b64_key, enum ssh_keytypes_e type, ssh_key *pkey); LIBSSH_API int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey); -LIBSSH_API int ssh_pki_import_cert_base64(const char *b64_cert, - enum ssh_keytypes_e type, - ssh_key *pkey); -LIBSSH_API int ssh_pki_import_cert_file(const char *filename, - ssh_key *pkey); - LIBSSH_API int ssh_pki_export_privkey_to_pubkey(const ssh_key privkey, ssh_key *pkey); LIBSSH_API int ssh_pki_export_pubkey_base64(const ssh_key key, @@ -694,11 +654,9 @@ LIBSSH_API ssh_event ssh_event_new(void); LIBSSH_API int ssh_event_add_fd(ssh_event event, socket_t fd, short events, ssh_event_callback cb, void *userdata); LIBSSH_API int ssh_event_add_session(ssh_event event, ssh_session session); -LIBSSH_API int ssh_event_add_connector(ssh_event event, ssh_connector connector); LIBSSH_API int ssh_event_dopoll(ssh_event event, int timeout); LIBSSH_API int ssh_event_remove_fd(ssh_event event, socket_t fd); LIBSSH_API int ssh_event_remove_session(ssh_event event, ssh_session session); -LIBSSH_API int ssh_event_remove_connector(ssh_event event, ssh_connector connector); LIBSSH_API void ssh_event_free(ssh_event event); LIBSSH_API const char* ssh_get_clientbanner(ssh_session session); LIBSSH_API const char* ssh_get_serverbanner(ssh_session session); @@ -708,14 +666,6 @@ LIBSSH_API const char* ssh_get_cipher_out(ssh_session session); LIBSSH_API const char* ssh_get_hmac_in(ssh_session session); LIBSSH_API const char* ssh_get_hmac_out(ssh_session session); -LIBSSH_API ssh_buffer ssh_buffer_new(void); -LIBSSH_API void ssh_buffer_free(ssh_buffer buffer); -LIBSSH_API int ssh_buffer_reinit(ssh_buffer buffer); -LIBSSH_API int ssh_buffer_add_data(ssh_buffer buffer, const void *data, uint32_t len); -LIBSSH_API uint32_t ssh_buffer_get_data(ssh_buffer buffer, void *data, uint32_t requestedlen); -LIBSSH_API void *ssh_buffer_get(ssh_buffer buffer); -LIBSSH_API uint32_t ssh_buffer_get_len(ssh_buffer buffer); - #ifndef LIBSSH_LEGACY_0_4 #include "libssh/legacy.h" #endif diff --git a/external/libssh-win-static/include/libssh/misc.h b/external/libssh-win-static/include/libssh/misc.h index 1e69b06..128e2ba 100644 --- a/external/libssh-win-static/include/libssh/misc.h +++ b/external/libssh-win-static/include/libssh/misc.h @@ -33,15 +33,6 @@ int ssh_analyze_banner(ssh_session session, int server, int *ssh1, int *ssh2); int ssh_is_ipaddr_v4(const char *str); int ssh_is_ipaddr(const char *str); -#ifndef HAVE_NTOHLL -/* macro for byte ordering */ -uint64_t ntohll(uint64_t); -#endif - -#ifndef HAVE_HTONLL -#define htonll(x) ntohll((x)) -#endif - /* list processing */ struct ssh_list { diff --git a/external/libssh-win-static/include/libssh/packet.h b/external/libssh-win-static/include/libssh/packet.h index 3a84eb7..d8ef35b 100644 --- a/external/libssh-win-static/include/libssh/packet.h +++ b/external/libssh-win-static/include/libssh/packet.h @@ -43,10 +43,10 @@ enum ssh_packet_state_e { PACKET_STATE_PROCESSING }; -int ssh_packet_send(ssh_session session); +int packet_send(ssh_session session); #ifdef WITH_SSH1 -int ssh_packet_send1(ssh_session session) ; +int packet_send1(ssh_session session) ; void ssh_packet_set_default_callbacks1(ssh_session session); SSH_PACKET_CALLBACK(ssh_packet_disconnect1); @@ -78,12 +78,12 @@ void ssh_packet_set_default_callbacks(ssh_session session); void ssh_packet_process(ssh_session session, uint8_t type); /* PACKET CRYPT */ -uint32_t ssh_packet_decrypt_len(ssh_session session, char *crypted); -int ssh_packet_decrypt(ssh_session session, void *packet, unsigned int len); -unsigned char *ssh_packet_encrypt(ssh_session session, - void *packet, - unsigned int len); -int ssh_packet_hmac_verify(ssh_session session,ssh_buffer buffer, - unsigned char *mac, enum ssh_hmac_e type); +uint32_t packet_decrypt_len(ssh_session session, char *crypted); +int packet_decrypt(ssh_session session, void *packet, unsigned int len); +unsigned char *packet_encrypt(ssh_session session, + void *packet, + unsigned int len); +int packet_hmac_verify(ssh_session session,ssh_buffer buffer, + unsigned char *mac, enum ssh_hmac_e type); #endif /* PACKET_H_ */ diff --git a/external/libssh-win-static/include/libssh/pki.h b/external/libssh-win-static/include/libssh/pki.h index 905956b..9f9ddf4 100644 --- a/external/libssh-win-static/include/libssh/pki.h +++ b/external/libssh-win-static/include/libssh/pki.h @@ -60,7 +60,6 @@ struct ssh_key_struct { ed25519_pubkey *ed25519_pubkey; ed25519_privkey *ed25519_privkey; void *cert; - enum ssh_keytypes_e cert_type; }; struct ssh_signature_struct { @@ -113,10 +112,6 @@ int ssh_pki_export_pubkey_rsa1(const ssh_key key, char *rsa1, size_t rsa1_len); -int ssh_pki_import_cert_blob(const ssh_string cert_blob, - ssh_key *pkey); - - /* SSH Signing Functions */ ssh_string ssh_pki_do_sign(ssh_session session, ssh_buffer sigbuf, const ssh_key privatekey); diff --git a/external/libssh-win-static/include/libssh/pki_priv.h b/external/libssh-win-static/include/libssh/pki_priv.h index 9a8857d..5acb02a 100644 --- a/external/libssh-win-static/include/libssh/pki_priv.h +++ b/external/libssh-win-static/include/libssh/pki_priv.h @@ -43,6 +43,11 @@ int bcrypt_pbkdf(const char *pass, /* Magic defined in OpenSSH/PROTOCOL.key */ #define OPENSSH_AUTH_MAGIC "openssh-key-v1" +#define ssh_pki_log(...) \ + _ssh_log(SSH_LOG_FUNCTIONS, __func__, __VA_ARGS__) +void _ssh_pki_log(const char *function, + const char *format, ...) PRINTF_ATTRIBUTE(2, 3); + int pki_key_ecdsa_nid_from_name(const char *name); const char *pki_key_ecdsa_nid_to_name(int nid); diff --git a/external/libssh-win-static/include/libssh/poll.h b/external/libssh-win-static/include/libssh/poll.h index 3aa9a49..bbc03a9 100644 --- a/external/libssh-win-static/include/libssh/poll.h +++ b/external/libssh-win-static/include/libssh/poll.h @@ -155,7 +155,5 @@ int ssh_poll_ctx_add_socket (ssh_poll_ctx ctx, struct ssh_socket_struct *s); void ssh_poll_ctx_remove(ssh_poll_ctx ctx, ssh_poll_handle p); int ssh_poll_ctx_dopoll(ssh_poll_ctx ctx, int timeout); ssh_poll_ctx ssh_poll_get_default_ctx(ssh_session session); -int ssh_event_add_poll(ssh_event event, ssh_poll_handle p); -void ssh_event_remove_poll(ssh_event event, ssh_poll_handle p); #endif /* POLL_H_ */ diff --git a/external/libssh-win-static/include/libssh/priv.h b/external/libssh-win-static/include/libssh/priv.h index da07d93..5a74915 100644 --- a/external/libssh-win-static/include/libssh/priv.h +++ b/external/libssh-win-static/include/libssh/priv.h @@ -259,10 +259,6 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen); /* match.c */ int match_hostname(const char *host, const char *pattern, unsigned int len); -/* connector.c */ -int ssh_connector_set_event(ssh_connector connector, ssh_event event); -int ssh_connector_remove_event(ssh_connector connector); - #ifndef MIN #define MIN(a,b) ((a) < (b) ? (a) : (b)) #endif @@ -365,6 +361,24 @@ int ssh_connector_remove_event(ssh_connector connector); #define CLOSE_SOCKET(s) do { if ((s) != SSH_INVALID_SOCKET) { _XCLOSESOCKET(s); (s) = SSH_INVALID_SOCKET;} } while(0) +#ifndef HAVE_HTONLL +# ifdef WORDS_BIGENDIAN +# define htonll(x) (x) +# else +# define htonll(x) \ + (((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32)) +# endif +#endif + +#ifndef HAVE_NTOHLL +# ifdef WORDS_BIGENDIAN +# define ntohll(x) (x) +# else +# define ntohll(x) \ + (((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32)) +# endif +#endif + void ssh_agent_state_free(void *data); #endif /* _LIBSSH_PRIV_H */ diff --git a/external/libssh-win-static/include/libssh/server.h b/external/libssh-win-static/include/libssh/server.h index 6564f7c..385a10a 100644 --- a/external/libssh-win-static/include/libssh/server.h +++ b/external/libssh-win-static/include/libssh/server.h @@ -316,6 +316,9 @@ LIBSSH_API int ssh_channel_request_send_exit_signal(ssh_channel channel, int core, const char *errmsg, const char *lang); +LIBSSH_API int ssh_channel_write_stderr(ssh_channel channel, + const void *data, + uint32_t len); LIBSSH_API int ssh_send_keepalive(ssh_session session); diff --git a/external/libssh-win-static/include/libssh/sftp.h b/external/libssh-win-static/include/libssh/sftp.h index 7bd2450..8fb8f11 100644 --- a/external/libssh-win-static/include/libssh/sftp.h +++ b/external/libssh-win-static/include/libssh/sftp.h @@ -54,9 +54,7 @@ extern "C" { #endif /* gid_t */ #ifdef _MSC_VER #ifndef ssize_t -# ifndef _SSIZE_T_ - typedef _W64 SSIZE_T ssize_t; -# endif + typedef _W64 SSIZE_T ssize_t; #endif /* ssize_t */ #endif /* _MSC_VER */ #endif /* _WIN32 */ @@ -964,16 +962,6 @@ void sftp_handle_remove(sftp_session sftp, void *handle); #define SSH_FXF_EXCL 0x20 #define SSH_FXF_TEXT 0x40 -/* file type flags */ -#define SSH_S_IFMT 00170000 -#define SSH_S_IFSOCK 0140000 -#define SSH_S_IFLNK 0120000 -#define SSH_S_IFREG 0100000 -#define SSH_S_IFBLK 0060000 -#define SSH_S_IFDIR 0040000 -#define SSH_S_IFCHR 0020000 -#define SSH_S_IFIFO 0010000 - /* rename flags */ #define SSH_FXF_RENAME_OVERWRITE 0x00000001 #define SSH_FXF_RENAME_ATOMIC 0x00000002 diff --git a/external/libssh-win-static/libssh.vs2015.vcxproj b/external/libssh-win-static/libssh.vs2015.vcxproj index 0147563..4b140d5 100644 --- a/external/libssh-win-static/libssh.vs2015.vcxproj +++ b/external/libssh-win-static/libssh.vs2015.vcxproj @@ -30,14 +30,14 @@ StaticLibrary true v140_xp - Unicode + MultiByte StaticLibrary false v140_xp true - Unicode + MultiByte StaticLibrary @@ -165,7 +165,6 @@ - diff --git a/external/libssh-win-static/libssh.vs2015.vcxproj.filters b/external/libssh-win-static/libssh.vs2015.vcxproj.filters index 0e5dc50..4c87dcd 100644 --- a/external/libssh-win-static/libssh.vs2015.vcxproj.filters +++ b/external/libssh-win-static/libssh.vs2015.vcxproj.filters @@ -63,9 +63,6 @@ Source Files - - Source Files - Source Files diff --git a/external/libssh-win-static/src/agent.c b/external/libssh-win-static/src/agent.c index 0b145ff..e520773 100644 --- a/external/libssh-win-static/src/agent.c +++ b/external/libssh-win-static/src/agent.c @@ -143,7 +143,7 @@ static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int } } -ssh_agent ssh_agent_new(struct ssh_session_struct *session) { +ssh_agent agent_new(struct ssh_session_struct *session) { ssh_agent agent = NULL; agent = malloc(sizeof(struct ssh_agent_struct)); @@ -205,7 +205,7 @@ int ssh_set_agent_socket(ssh_session session, socket_t fd){ return SSH_OK; } -void ssh_agent_close(struct ssh_agent_struct *agent) { +void agent_close(struct ssh_agent_struct *agent) { if (agent == NULL) { return; } @@ -213,13 +213,13 @@ void ssh_agent_close(struct ssh_agent_struct *agent) { ssh_socket_close(agent->sock); } -void ssh_agent_free(ssh_agent agent) { +void agent_free(ssh_agent agent) { if (agent) { if (agent->ident) { ssh_buffer_free(agent->ident); } if (agent->sock) { - ssh_agent_close(agent); + agent_close(agent); ssh_socket_free(agent->sock); } SAFE_FREE(agent); @@ -273,13 +273,13 @@ static int agent_talk(struct ssh_session_struct *session, uint32_t len = 0; uint8_t payload[1024] = {0}; - len = ssh_buffer_get_len(request); + len = buffer_get_rest_len(request); SSH_LOG(SSH_LOG_TRACE, "Request length: %u", len); agent_put_u32(payload, len); /* send length and then the request packet */ if (atomicio(session->agent, payload, 4, 0) == 4) { - if (atomicio(session->agent, ssh_buffer_get(request), len, 0) + if (atomicio(session->agent, buffer_get_rest(request), len, 0) != len) { SSH_LOG(SSH_LOG_WARN, "atomicio sending request failed: %s", strerror(errno)); @@ -354,7 +354,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) { ssh_set_error_oom(session); return -1; } - if (ssh_buffer_add_u8(request, c1) < 0) { + if (buffer_add_u8(request, c1) < 0) { ssh_set_error_oom(session); ssh_buffer_free(request); return -1; @@ -375,7 +375,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) { ssh_buffer_free(request); /* get message type and verify the answer */ - rc = ssh_buffer_get_u8(reply, (uint8_t *) &type); + rc = buffer_get_u8(reply, (uint8_t *) &type); if (rc != sizeof(uint8_t)) { ssh_set_error(session, SSH_FATAL, "Bad authentication reply size: %d", rc); @@ -400,7 +400,7 @@ int ssh_agent_get_ident_count(struct ssh_session_struct *session) { return -1; } - ssh_buffer_get_u32(reply, (uint32_t *) buf); + buffer_get_u32(reply, (uint32_t *) buf); session->agent->count = agent_get_u32(buf); SSH_LOG(SSH_LOG_DEBUG, "Agent count: %d", session->agent->count); @@ -447,13 +447,13 @@ ssh_key ssh_agent_get_next_ident(struct ssh_session_struct *session, return NULL; case 2: /* get the blob */ - blob = ssh_buffer_get_ssh_string(session->agent->ident); + blob = buffer_get_ssh_string(session->agent->ident); if (blob == NULL) { return NULL; } /* get the comment */ - tmp = ssh_buffer_get_ssh_string(session->agent->ident); + tmp = buffer_get_ssh_string(session->agent->ident); if (tmp == NULL) { ssh_string_free(blob); @@ -472,10 +472,6 @@ ssh_key ssh_agent_get_next_ident(struct ssh_session_struct *session, /* get key from blob */ rc = ssh_pki_import_pubkey_blob(blob, &key); - if (rc == SSH_ERROR) { - /* Try again as a cert. */ - rc = ssh_pki_import_cert_blob(blob, &key); - } ssh_string_free(blob); if (rc == SSH_ERROR) { return NULL; @@ -488,7 +484,7 @@ ssh_key ssh_agent_get_next_ident(struct ssh_session_struct *session, return key; } -int ssh_agent_is_running(ssh_session session) { +int agent_is_running(ssh_session session) { if (session == NULL || session->agent == NULL) { return 0; } @@ -525,7 +521,7 @@ ssh_string ssh_agent_sign_data(ssh_session session, } /* create request */ - if (ssh_buffer_add_u8(request, SSH2_AGENTC_SIGN_REQUEST) < 0) { + if (buffer_add_u8(request, SSH2_AGENTC_SIGN_REQUEST) < 0) { ssh_buffer_free(request); return NULL; } @@ -537,7 +533,7 @@ ssh_string ssh_agent_sign_data(ssh_session session, } /* adds len + blob */ - rc = ssh_buffer_add_ssh_string(request, key_blob); + rc = buffer_add_ssh_string(request, key_blob); ssh_string_free(key_blob); if (rc < 0) { ssh_buffer_free(request); @@ -545,17 +541,17 @@ ssh_string ssh_agent_sign_data(ssh_session session, } /* Add data */ - dlen = ssh_buffer_get_len(data); - if (ssh_buffer_add_u32(request, htonl(dlen)) < 0) { + dlen = buffer_get_rest_len(data); + if (buffer_add_u32(request, htonl(dlen)) < 0) { ssh_buffer_free(request); return NULL; } - if (ssh_buffer_add_data(request, ssh_buffer_get(data), dlen) < 0) { + if (ssh_buffer_add_data(request, buffer_get_rest(data), dlen) < 0) { ssh_buffer_free(request); return NULL; } - if (ssh_buffer_add_u32(request, htonl(flags)) < 0) { + if (buffer_add_u32(request, htonl(flags)) < 0) { ssh_buffer_free(request); return NULL; } @@ -575,7 +571,7 @@ ssh_string ssh_agent_sign_data(ssh_session session, ssh_buffer_free(request); /* check if reply is valid */ - if (ssh_buffer_get_u8(reply, (uint8_t *) &type) != sizeof(uint8_t)) { + if (buffer_get_u8(reply, (uint8_t *) &type) != sizeof(uint8_t)) { ssh_buffer_free(reply); return NULL; } @@ -596,7 +592,7 @@ ssh_string ssh_agent_sign_data(ssh_session session, return NULL; } - sig_blob = ssh_buffer_get_ssh_string(reply); + sig_blob = buffer_get_ssh_string(reply); ssh_buffer_free(reply); return sig_blob; diff --git a/external/libssh-win-static/src/auth.c b/external/libssh-win-static/src/auth.c index 43dd0d2..48a0d5b 100644 --- a/external/libssh-win-static/src/auth.c +++ b/external/libssh-win-static/src/auth.c @@ -158,7 +158,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_banner){ (void)type; (void)user; - banner = ssh_buffer_get_ssh_string(packet); + banner = buffer_get_ssh_string(packet); if (banner == NULL) { SSH_LOG(SSH_LOG_WARN, "Invalid SSH_USERAUTH_BANNER packet"); @@ -391,7 +391,7 @@ int ssh_userauth_none(ssh_session session, const char *username) { session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_NONE; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -430,7 +430,7 @@ fail: * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method.\n * SSH_AUTH_SUCCESS: The public key is accepted, you want now to use - * ssh_userauth_publickey().\n + * ssh_userauth_pubkey(). * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again * later. * @@ -503,7 +503,7 @@ int ssh_userauth_try_publickey(ssh_session session, session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -524,7 +524,7 @@ fail: } /** - * @brief Authenticate with public/private key or certificate. + * @brief Authenticate with public/private key. * * @param[in] session The SSH session. * @@ -538,7 +538,8 @@ fail: * method.\n * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method.\n - * SSH_AUTH_SUCCESS: The public key is accepted.\n + * SSH_AUTH_SUCCESS: The public key is accepted, you want now to use + * ssh_userauth_pubkey(). * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again * later. * @@ -552,8 +553,6 @@ int ssh_userauth_publickey(ssh_session session, { ssh_string str = NULL; int rc; - const char *type_c; - enum ssh_keytypes_e key_type; if (session == NULL) { return SSH_AUTH_ERROR; @@ -578,7 +577,7 @@ int ssh_userauth_publickey(ssh_session session, default: ssh_set_error(session, SSH_FATAL, - "Bad call during pending SSH call in ssh_userauth_try_publickey"); + "Bad call during pending SSH call in ssh_userauth_try_pubkey"); return SSH_AUTH_ERROR; } @@ -589,11 +588,7 @@ int ssh_userauth_publickey(ssh_session session, return SSH_AUTH_ERROR; } - /* Cert auth requires presenting the cert type name (*-cert@openssh.com) */ - key_type = privkey->cert != NULL ? privkey->cert_type : privkey->type; - type_c = ssh_key_type_to_char(key_type); - - /* get public key or cert */ + /* public key */ rc = ssh_pki_export_pubkey_blob(privkey, &str); if (rc < 0) { goto fail; @@ -606,8 +601,8 @@ int ssh_userauth_publickey(ssh_session session, "ssh-connection", "publickey", 1, /* private key */ - type_c, /* algo */ - str /* public key or cert */ + privkey->type_c, /* algo */ + str /* public key */ ); if (rc < 0) { goto fail; @@ -620,7 +615,7 @@ int ssh_userauth_publickey(ssh_session session, goto fail; } - rc = ssh_buffer_add_ssh_string(session->out_buffer, str); + rc = buffer_add_ssh_string(session->out_buffer, str); ssh_string_free(str); str = NULL; if (rc < 0) { @@ -629,7 +624,7 @@ int ssh_userauth_publickey(ssh_session session, session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_PUBKEY; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -665,7 +660,7 @@ static int ssh_userauth_agent_publickey(ssh_session session, default: ssh_set_error(session, SSH_FATAL, - "Bad call during pending SSH call in ssh_userauth_try_publickey"); + "Bad call during pending SSH call in ssh_userauth_try_pubkey"); return SSH_ERROR; } @@ -705,7 +700,7 @@ static int ssh_userauth_agent_publickey(ssh_session session, goto fail; } - rc = ssh_buffer_add_ssh_string(session->out_buffer, str); + rc = buffer_add_ssh_string(session->out_buffer, str); ssh_string_free(str); if (rc < 0) { goto fail; @@ -713,7 +708,7 @@ static int ssh_userauth_agent_publickey(ssh_session session, session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_AGENT; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -769,7 +764,7 @@ void ssh_agent_state_free(void *data) { * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method.\n * SSH_AUTH_SUCCESS: The public key is accepted, you want now to use - * ssh_userauth_publickey().\n + * ssh_userauth_pubkey(). * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again * later. * @@ -785,7 +780,7 @@ int ssh_userauth_agent(ssh_session session, return SSH_AUTH_ERROR; } - if (!ssh_agent_is_running(session)) { + if (!agent_is_running(session)) { return SSH_AUTH_DENIED; } if (!session->agent_state){ @@ -900,7 +895,7 @@ struct ssh_auth_auto_state_struct { * SSH_AUTH_PARTIAL: You've been partially authenticated, you still * have to use another method.\n * SSH_AUTH_SUCCESS: The public key is accepted, you want now to use - * ssh_userauth_publickey().\n + * ssh_userauth_pubkey(). * SSH_AUTH_AGAIN: In nonblocking mode, you've got to call this again * later. * @@ -1170,7 +1165,7 @@ int ssh_userauth_password(ssh_session session, session->auth_state = SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_OFFER_PUBKEY; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -1339,7 +1334,7 @@ static int ssh_userauth_kbdint_init(ssh_session session, SSH_LOG(SSH_LOG_DEBUG, "Sending keyboard-interactive init request"); - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } @@ -1400,7 +1395,7 @@ static int ssh_userauth_kbdint_send(ssh_session session) SSH_LOG(SSH_LOG_DEBUG, "Sending keyboard-interactive response packet"); - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_AUTH_ERROR; } diff --git a/external/libssh-win-static/src/auth1.c b/external/libssh-win-static/src/auth1.c index a9fe58e..9d21b42 100644 --- a/external/libssh-win-static/src/auth1.c +++ b/external/libssh-win-static/src/auth1.c @@ -104,18 +104,18 @@ static int send_username(ssh_session session, const char *username) { return SSH_AUTH_ERROR; } - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_USER) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_USER) < 0) { ssh_string_free(user); return SSH_AUTH_ERROR; } - if (ssh_buffer_add_ssh_string(session->out_buffer, user) < 0) { + if (buffer_add_ssh_string(session->out_buffer, user) < 0) { ssh_string_free(user); return SSH_AUTH_ERROR; } ssh_string_free(user); session->auth_state=SSH_AUTH_STATE_NONE; session->auth_service_state = SSH_AUTH_SERVICE_SENT; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return SSH_AUTH_ERROR; } return SSH_AUTH_AGAIN; @@ -201,13 +201,13 @@ int ssh_userauth1_password(ssh_session session, const char *username, ssh_string_fill(pwd, buf, sizeof(buf)); } - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) { ssh_string_burn(pwd); ssh_string_free(pwd); return SSH_AUTH_ERROR; } - if (ssh_buffer_add_ssh_string(session->out_buffer, pwd) < 0) { + if (buffer_add_ssh_string(session->out_buffer, pwd) < 0) { ssh_string_burn(pwd); ssh_string_free(pwd); @@ -218,7 +218,7 @@ int ssh_userauth1_password(ssh_session session, const char *username, ssh_string_free(pwd); session->auth_state=SSH_AUTH_STATE_NONE; session->pending_call_state = SSH_PENDING_CALL_AUTH_PASSWORD; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return SSH_AUTH_ERROR; } pending: diff --git a/external/libssh-win-static/src/bignum.c b/external/libssh-win-static/src/bignum.c index de21d6b..e9c16dd 100644 --- a/external/libssh-win-static/src/bignum.c +++ b/external/libssh-win-static/src/bignum.c @@ -25,7 +25,7 @@ #include "libssh/bignum.h" #include "libssh/string.h" -ssh_string ssh_make_bignum_string(bignum num) { +ssh_string make_bignum_string(bignum num) { ssh_string ptr = NULL; int pad = 0; unsigned int len = bignum_num_bytes(num); @@ -63,7 +63,7 @@ ssh_string ssh_make_bignum_string(bignum num) { return ptr; } -bignum ssh_make_string_bn(ssh_string string){ +bignum make_string_bn(ssh_string string){ bignum bn = NULL; unsigned int len = ssh_string_len(string); @@ -81,7 +81,7 @@ bignum ssh_make_string_bn(ssh_string string){ return bn; } -void ssh_make_string_bn_inplace(ssh_string string, bignum bnout) { +void make_string_bn_inplace(ssh_string string, bignum bnout) { unsigned int len = ssh_string_len(string); #ifdef HAVE_LIBGCRYPT /* XXX: FIXME as needed for LIBGCRYPT ECDSA codepaths. */ diff --git a/external/libssh-win-static/src/buffer.c b/external/libssh-win-static/src/buffer.c index 9897f39..0bffdfd 100644 --- a/external/libssh-win-static/src/buffer.c +++ b/external/libssh-win-static/src/buffer.c @@ -184,6 +184,8 @@ static void buffer_shift(ssh_buffer buffer){ } /** + * @internal + * * @brief Reinitialize a SSH buffer. * * @param[in] buffer The buffer to reinitialize. @@ -206,6 +208,8 @@ int ssh_buffer_reinit(struct ssh_buffer_struct *buffer) } /** + * @internal + * * @brief Add data at the tail of a buffer. * * @param[in] buffer The buffer to add the data. @@ -253,7 +257,7 @@ int ssh_buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint * * @return 0 on success, < 0 on error. */ -int ssh_buffer_add_ssh_string(struct ssh_buffer_struct *buffer, +int buffer_add_ssh_string(struct ssh_buffer_struct *buffer, struct ssh_string_struct *string) { uint32_t len = 0; @@ -280,7 +284,7 @@ int ssh_buffer_add_ssh_string(struct ssh_buffer_struct *buffer, * * @return 0 on success, -1 on error. */ -int ssh_buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data) +int buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data) { int rc; @@ -303,7 +307,7 @@ int ssh_buffer_add_u32(struct ssh_buffer_struct *buffer,uint32_t data) * * @return 0 on success, -1 on error. */ -int ssh_buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data) +int buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data) { int rc; @@ -326,7 +330,7 @@ int ssh_buffer_add_u16(struct ssh_buffer_struct *buffer,uint16_t data) * * @return 0 on success, -1 on error. */ -int ssh_buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data) +int buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data) { int rc; @@ -349,7 +353,7 @@ int ssh_buffer_add_u64(struct ssh_buffer_struct *buffer, uint64_t data) * * @return 0 on success, -1 on error. */ -int ssh_buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data) +int buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data) { int rc; @@ -374,7 +378,7 @@ int ssh_buffer_add_u8(struct ssh_buffer_struct *buffer,uint8_t data) * * @return 0 on success, -1 on error. */ -int ssh_buffer_prepend_data(struct ssh_buffer_struct *buffer, const void *data, +int buffer_prepend_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t len) { buffer_verify(buffer); @@ -415,14 +419,14 @@ int ssh_buffer_prepend_data(struct ssh_buffer_struct *buffer, const void *data, * * @return 0 on success, -1 on error. */ -int ssh_buffer_add_buffer(struct ssh_buffer_struct *buffer, +int buffer_add_buffer(struct ssh_buffer_struct *buffer, struct ssh_buffer_struct *source) { int rc; rc = ssh_buffer_add_data(buffer, - ssh_buffer_get(source), - ssh_buffer_get_len(source)); + buffer_get_rest(source), + buffer_get_rest_len(source)); if (rc < 0) { return -1; } @@ -431,28 +435,63 @@ int ssh_buffer_add_buffer(struct ssh_buffer_struct *buffer, } /** + * @brief Get a pointer on the head of a buffer. + * + * @param[in] buffer The buffer to get the head pointer. + * + * @return A data pointer on the head. It doesn't take the position + * into account. + * + * @warning Don't expect data to be nul-terminated. + * + * @see buffer_get_rest() + * @see buffer_get_len() + */ +void *ssh_buffer_get_begin(struct ssh_buffer_struct *buffer){ + return buffer->data; +} + +/** + * @internal + * * @brief Get a pointer to the head of a buffer at the current position. * * @param[in] buffer The buffer to get the head pointer. * * @return A pointer to the data from current position. * - * @see ssh_buffer_get_len() + * @see buffer_get_rest_len() + * @see buffer_get() */ -void *ssh_buffer_get(struct ssh_buffer_struct *buffer){ +void *buffer_get_rest(struct ssh_buffer_struct *buffer){ return buffer->data + buffer->pos; } /** + * @brief Get the length of the buffer, not counting position. + * + * @param[in] buffer The buffer to get the length from. + * + * @return The length of the buffer. + * + * @see buffer_get() + */ +uint32_t ssh_buffer_get_len(struct ssh_buffer_struct *buffer){ + return buffer->used; +} + +/** + * @internal + * * @brief Get the length of the buffer from the current position. * * @param[in] buffer The buffer to get the length from. * * @return The length of the buffer. * - * @see ssh_buffer_get() + * @see buffer_get_rest() */ -uint32_t ssh_buffer_get_len(struct ssh_buffer_struct *buffer){ +uint32_t buffer_get_rest_len(struct ssh_buffer_struct *buffer){ buffer_verify(buffer); return buffer->used - buffer->pos; } @@ -470,7 +509,7 @@ uint32_t ssh_buffer_get_len(struct ssh_buffer_struct *buffer){ * * @return The new size of the buffer. */ -uint32_t ssh_buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){ +uint32_t buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){ buffer_verify(buffer); if (buffer->pos + len < len || buffer->used < buffer->pos + len) { @@ -498,7 +537,7 @@ uint32_t ssh_buffer_pass_bytes(struct ssh_buffer_struct *buffer, uint32_t len){ * * @return The new size of the buffer. */ -uint32_t ssh_buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t len){ +uint32_t buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t len){ buffer_verify(buffer); if (buffer->used < len) { @@ -511,6 +550,8 @@ uint32_t ssh_buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t le } /** + * @internal + * * @brief Get the remaining data out of the buffer and adjust the read pointer. * * @param[in] buffer The buffer to read. @@ -521,7 +562,7 @@ uint32_t ssh_buffer_pass_bytes_end(struct ssh_buffer_struct *buffer, uint32_t le * * @returns 0 if there is not enough data in buffer, len otherwise. */ -uint32_t ssh_buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint32_t len){ +uint32_t buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint32_t len){ /* * Check for a integer overflow first, then check if not enough data is in * the buffer. @@ -542,27 +583,23 @@ uint32_t ssh_buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint3 * * @param[in] buffer The buffer to read. * - * @param[in] data A pointer to a uint8_t where to store the data. + * @param[in] data A pointer to a uint8_t where to store the data. * * @returns 0 if there is not enough data in buffer, 1 otherwise. */ -int ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){ - return ssh_buffer_get_data(buffer,data,sizeof(uint8_t)); +int buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){ + return buffer_get_data(buffer,data,sizeof(uint8_t)); } -/** - * @internal - * - * @brief gets a 32 bits unsigned int out of the buffer. Adjusts the read pointer. - * - * @param[in] buffer The buffer to read. - * - * @param[in] data A pointer to a uint32_t where to store the data. - * - * @returns 0 if there is not enough data in buffer, 4 otherwise. +/** \internal + * \brief gets a 32 bits unsigned int out of the buffer. Adjusts the read pointer. + * \param buffer Buffer to read + * \param data pointer to a uint32_t where to store the data + * \returns 0 if there is not enough data in buffer + * \returns 4 otherwise. */ -int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ - return ssh_buffer_get_data(buffer,data,sizeof(uint32_t)); +int buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ + return buffer_get_data(buffer,data,sizeof(uint32_t)); } /** * @internal @@ -576,8 +613,8 @@ int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ * * @returns 0 if there is not enough data in buffer, 8 otherwise. */ -int ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ - return ssh_buffer_get_data(buffer,data,sizeof(uint64_t)); +int buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ + return buffer_get_data(buffer,data,sizeof(uint64_t)); } /** @@ -589,12 +626,12 @@ int ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ * * @returns The SSH String, NULL on error. */ -struct ssh_string_struct *ssh_buffer_get_ssh_string(struct ssh_buffer_struct *buffer) { +struct ssh_string_struct *buffer_get_ssh_string(struct ssh_buffer_struct *buffer) { uint32_t stringlen; uint32_t hostlen; struct ssh_string_struct *str = NULL; - if (ssh_buffer_get_u32(buffer, &stringlen) == 0) { + if (buffer_get_u32(buffer, &stringlen) == 0) { return NULL; } hostlen = ntohl(stringlen); @@ -606,7 +643,7 @@ struct ssh_string_struct *ssh_buffer_get_ssh_string(struct ssh_buffer_struct *bu if (str == NULL) { return NULL; } - if (ssh_buffer_get_data(buffer, ssh_string_data(str), hostlen) != hostlen) { + if (buffer_get_data(buffer, ssh_string_data(str), hostlen) != hostlen) { /* should never happen */ SAFE_FREE(str); return NULL; @@ -626,12 +663,12 @@ struct ssh_string_struct *ssh_buffer_get_ssh_string(struct ssh_buffer_struct *bu * * @returns The SSH String containing the mpint, NULL on error. */ -struct ssh_string_struct *ssh_buffer_get_mpint(struct ssh_buffer_struct *buffer) { +struct ssh_string_struct *buffer_get_mpint(struct ssh_buffer_struct *buffer) { uint16_t bits; uint32_t len; struct ssh_string_struct *str = NULL; - if (ssh_buffer_get_data(buffer, &bits, sizeof(uint16_t)) != sizeof(uint16_t)) { + if (buffer_get_data(buffer, &bits, sizeof(uint16_t)) != sizeof(uint16_t)) { return NULL; } bits = ntohs(bits); @@ -643,7 +680,7 @@ struct ssh_string_struct *ssh_buffer_get_mpint(struct ssh_buffer_struct *buffer) if (str == NULL) { return NULL; } - if (ssh_buffer_get_data(buffer, ssh_string_data(str), len) != len) { + if (buffer_get_data(buffer, ssh_string_data(str), len) != len) { SAFE_FREE(str); return NULL; } @@ -688,32 +725,32 @@ int ssh_buffer_pack_va(struct ssh_buffer_struct *buffer, switch(*p) { case 'b': o.byte = (uint8_t)va_arg(ap, unsigned int); - rc = ssh_buffer_add_u8(buffer, o.byte); + rc = buffer_add_u8(buffer, o.byte); break; case 'w': o.word = (uint16_t)va_arg(ap, unsigned int); o.word = htons(o.word); - rc = ssh_buffer_add_u16(buffer, o.word); + rc = buffer_add_u16(buffer, o.word); break; case 'd': o.dword = va_arg(ap, uint32_t); o.dword = htonl(o.dword); - rc = ssh_buffer_add_u32(buffer, o.dword); + rc = buffer_add_u32(buffer, o.dword); break; case 'q': o.qword = va_arg(ap, uint64_t); o.qword = htonll(o.qword); - rc = ssh_buffer_add_u64(buffer, o.qword); + rc = buffer_add_u64(buffer, o.qword); break; case 'S': o.string = va_arg(ap, ssh_string); - rc = ssh_buffer_add_ssh_string(buffer, o.string); + rc = buffer_add_ssh_string(buffer, o.string); o.string = NULL; break; case 's': cstring = va_arg(ap, char *); len = strlen(cstring); - rc = ssh_buffer_add_u32(buffer, htonl(len)); + rc = buffer_add_u32(buffer, htonl(len)); if (rc == SSH_OK){ rc = ssh_buffer_add_data(buffer, cstring, len); } @@ -730,12 +767,12 @@ int ssh_buffer_pack_va(struct ssh_buffer_struct *buffer, break; case 'B': b = va_arg(ap, bignum); - o.string = ssh_make_bignum_string(b); + o.string = make_bignum_string(b); if(o.string == NULL){ rc = SSH_ERROR; break; } - rc = ssh_buffer_add_ssh_string(buffer, o.string); + rc = buffer_add_ssh_string(buffer, o.string); SAFE_FREE(o.string); break; case 't': @@ -831,6 +868,7 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, void **data; } o; size_t len, rlen; + uint32_t u32len; va_list ap_copy; int count; @@ -847,39 +885,37 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, switch (*p) { case 'b': o.byte = va_arg(ap, uint8_t *); - rlen = ssh_buffer_get_u8(buffer, o.byte); + rlen = buffer_get_u8(buffer, o.byte); rc = rlen==1 ? SSH_OK : SSH_ERROR; break; case 'w': o.word = va_arg(ap, uint16_t *); - rlen = ssh_buffer_get_data(buffer, o.word, sizeof(uint16_t)); + rlen = buffer_get_data(buffer, o.word, sizeof(uint16_t)); *o.word = ntohs(*o.word); rc = rlen==2 ? SSH_OK : SSH_ERROR; break; case 'd': o.dword = va_arg(ap, uint32_t *); - rlen = ssh_buffer_get_u32(buffer, o.dword); + rlen = buffer_get_u32(buffer, o.dword); *o.dword = ntohl(*o.dword); rc = rlen==4 ? SSH_OK : SSH_ERROR; break; case 'q': o.qword = va_arg(ap, uint64_t*); - rlen = ssh_buffer_get_u64(buffer, o.qword); + rlen = buffer_get_u64(buffer, o.qword); *o.qword = ntohll(*o.qword); rc = rlen==8 ? SSH_OK : SSH_ERROR; break; case 'S': o.string = va_arg(ap, ssh_string *); - *o.string = ssh_buffer_get_ssh_string(buffer); + *o.string = buffer_get_ssh_string(buffer); rc = *o.string != NULL ? SSH_OK : SSH_ERROR; o.string = NULL; break; - case 's': { - uint32_t u32len = 0; - + case 's': o.cstring = va_arg(ap, char **); *o.cstring = NULL; - rc = ssh_buffer_get_u32(buffer, &u32len); + rc = buffer_get_u32(buffer, &u32len); if (rc != 4){ rc = SSH_ERROR; break; @@ -894,7 +930,7 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, rc = SSH_ERROR; break; } - rlen = ssh_buffer_get_data(buffer, *o.cstring, len); + rlen = buffer_get_data(buffer, *o.cstring, len); if (rlen != len){ SAFE_FREE(*o.cstring); rc = SSH_ERROR; @@ -904,7 +940,6 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, o.cstring = NULL; rc = SSH_OK; break; - } case 'P': len = va_arg(ap, size_t); @@ -916,7 +951,7 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, rc = SSH_ERROR; break; } - rlen = ssh_buffer_get_data(buffer, *o.data, len); + rlen = buffer_get_data(buffer, *o.data, len); if (rlen != len){ SAFE_FREE(*o.data); rc = SSH_ERROR; diff --git a/external/libssh-win-static/src/callbacks.c b/external/libssh-win-static/src/callbacks.c index 3ed2f11..6f0373d 100644 --- a/external/libssh-win-static/src/callbacks.c +++ b/external/libssh-win-static/src/callbacks.c @@ -25,10 +25,7 @@ #include "libssh/callbacks.h" #include "libssh/session.h" -#include "libssh/misc.h" -#define is_callback_valid(session, cb) \ - (cb->size <= 0 || cb->size > 1024 * sizeof(void *)) /* LEGACY */ static void ssh_legacy_log_callback(int priority, @@ -50,12 +47,12 @@ int ssh_set_callbacks(ssh_session session, ssh_callbacks cb) { return SSH_ERROR; } - if (is_callback_valid(session, cb)) { - ssh_set_error(session, - SSH_FATAL, - "Invalid callback passed in (badly initialized)"); - return SSH_ERROR; - }; + if(cb->size <= 0 || cb->size > 1024 * sizeof(void *)){ + ssh_set_error(session,SSH_FATAL, + "Invalid callback passed in (badly initialized)"); + + return SSH_ERROR; + } session->common.callbacks = cb; /* LEGACY */ @@ -67,80 +64,35 @@ int ssh_set_callbacks(ssh_session session, ssh_callbacks cb) { return 0; } -static int ssh_add_set_channel_callbacks(ssh_channel channel, - ssh_channel_callbacks cb, - int prepend) -{ - ssh_session session = NULL; - int rc; +int ssh_set_channel_callbacks(ssh_channel channel, ssh_channel_callbacks cb) { + ssh_session session = NULL; + if (channel == NULL || cb == NULL) { + return SSH_ERROR; + } + session = channel->session; - if (channel == NULL || cb == NULL) { - return SSH_ERROR; - } - session = channel->session; + if(cb->size <= 0 || cb->size > 1024 * sizeof(void *)){ + ssh_set_error(session,SSH_FATAL, + "Invalid channel callback passed in (badly initialized)"); - if (is_callback_valid(session, cb)) { - ssh_set_error(session, - SSH_FATAL, - "Invalid callback passed in (badly initialized)"); - return SSH_ERROR; - }; - if (channel->callbacks == NULL) { - channel->callbacks = ssh_list_new(); - if (channel->callbacks == NULL){ - ssh_set_error_oom(session); - return SSH_ERROR; - } - } - if (prepend) { - rc = ssh_list_prepend(channel->callbacks, cb); - } else { - rc = ssh_list_append(channel->callbacks, cb); - } + return SSH_ERROR; + } + channel->callbacks = cb; - return rc; + return 0; } -int ssh_set_channel_callbacks(ssh_channel channel, ssh_channel_callbacks cb) -{ - return ssh_add_set_channel_callbacks(channel, cb, 1); -} - -int ssh_add_channel_callbacks(ssh_channel channel, ssh_channel_callbacks cb) -{ - return ssh_add_set_channel_callbacks(channel, cb, 0); -} - -int ssh_remove_channel_callbacks(ssh_channel channel, ssh_channel_callbacks cb) -{ - struct ssh_iterator *it; - - if (channel == NULL || channel->callbacks == NULL){ - return SSH_ERROR; - } - - it = ssh_list_find(channel->callbacks, cb); - if (it == NULL){ - return SSH_ERROR; - } - - ssh_list_remove(channel->callbacks, it); - - return SSH_OK; -} - - int ssh_set_server_callbacks(ssh_session session, ssh_server_callbacks cb){ if (session == NULL || cb == NULL) { return SSH_ERROR; } - if (is_callback_valid(session, cb)) { - ssh_set_error(session, - SSH_FATAL, - "Invalid callback passed in (badly initialized)"); - return SSH_ERROR; - }; + if(cb->size <= 0 || cb->size > 1024 * sizeof(void *)){ + ssh_set_error(session,SSH_FATAL, + "Invalid callback passed in (badly initialized)"); + + return SSH_ERROR; + } session->server_callbacks = cb; return 0; diff --git a/external/libssh-win-static/src/channels.c b/external/libssh-win-static/src/channels.c index 3bb9659..30c3146 100644 --- a/external/libssh-win-static/src/channels.c +++ b/external/libssh-win-static/src/channels.c @@ -286,14 +286,14 @@ static int channel_open(ssh_channel channel, const char *type, int window, } if (payload != NULL) { - if (ssh_buffer_add_buffer(session->out_buffer, payload) < 0) { + if (buffer_add_buffer(session->out_buffer, payload) < 0) { ssh_set_error_oom(session); return err; } } channel->state = SSH_CHANNEL_STATE_OPENING; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return err; } @@ -374,7 +374,7 @@ static int grow_window(ssh_session session, ssh_channel channel, int minimumsize goto error; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { goto error; } @@ -492,10 +492,10 @@ SSH_PACKET_CALLBACK(channel_rcv_data){ if (is_stderr) { uint32_t ignore; /* uint32 data type code. we can ignore it */ - ssh_buffer_get_u32(packet, &ignore); + buffer_get_u32(packet, &ignore); } - str = ssh_buffer_get_ssh_string(packet); + str = buffer_get_ssh_string(packet); if (str == NULL) { SSH_LOG(SSH_LOG_PACKET, "Invalid data packet!"); @@ -538,38 +538,31 @@ SSH_PACKET_CALLBACK(channel_rcv_data){ ssh_string_free(str); - if (is_stderr) { - buf = channel->stderr_buffer; - } else { - buf = channel->stdout_buffer; - } - - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_data_callback, - channel_data_function) { - if (ssh_buffer_get(buf) == 0) { - break; + if(ssh_callbacks_exists(channel->callbacks, channel_data_function)) { + if(is_stderr) { + buf = channel->stderr_buffer; + } else { + buf = channel->stdout_buffer; } - rest = ssh_callbacks_iterate_exec(channel->session, - channel, - ssh_buffer_get(buf), - ssh_buffer_get_len(buf), - is_stderr); - if (rest > 0) { - if (channel->counter != NULL) { - channel->counter->in_bytes += rest; - } - ssh_buffer_pass_bytes(buf, rest); + rest = channel->callbacks->channel_data_function(channel->session, + channel, + buffer_get_rest(buf), + buffer_get_rest_len(buf), + is_stderr, + channel->callbacks->userdata); + if(rest > 0) { + if (channel->counter != NULL) { + channel->counter->in_bytes += rest; + } + buffer_pass_bytes(buf, rest); } - } - ssh_callbacks_iterate_end(); - - if (channel->local_window + ssh_buffer_get_len(buf) < WINDOWLIMIT) { - if (grow_window(session, channel, 0) < 0) { + if (channel->local_window + buffer_get_rest_len(buf) < WINDOWLIMIT) { + if (grow_window(session, channel, 0) < 0) { return -1; + } } } + return SSH_PACKET_USED; } @@ -592,11 +585,11 @@ SSH_PACKET_CALLBACK(channel_rcv_eof) { /* channel->remote_window = 0; */ channel->remote_eof = 1; - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_eof_function, - channel->session, - channel); + if(ssh_callbacks_exists(channel->callbacks, channel_eof_function)) { + channel->callbacks->channel_eof_function(channel->session, + channel, + channel->callbacks->userdata); + } return SSH_PACKET_USED; } @@ -619,9 +612,9 @@ SSH_PACKET_CALLBACK(channel_rcv_close) { channel->remote_channel); if ((channel->stdout_buffer && - ssh_buffer_get_len(channel->stdout_buffer) > 0) || + buffer_get_rest_len(channel->stdout_buffer) > 0) || (channel->stderr_buffer && - ssh_buffer_get_len(channel->stderr_buffer) > 0)) { + buffer_get_rest_len(channel->stderr_buffer) > 0)) { channel->delayed_close = 1; } else { channel->state = SSH_CHANNEL_STATE_CLOSED; @@ -636,12 +629,11 @@ SSH_PACKET_CALLBACK(channel_rcv_close) { * buffer because the eof is ignored until the buffer is empty. */ - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_close_function, - channel->session, - channel); - + if(ssh_callbacks_exists(channel->callbacks, channel_close_function)) { + channel->callbacks->channel_close_function(channel->session, + channel, + channel->callbacks->userdata); + } channel->flags |= SSH_CHANNEL_FLAG_CLOSED_REMOTE; if(channel->flags & SSH_CHANNEL_FLAG_FREED_LOCAL) ssh_channel_do_free(channel); @@ -676,12 +668,12 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { rc = ssh_buffer_unpack(packet, "d", &channel->exit_status); SSH_LOG(SSH_LOG_PACKET, "received exit-status %d", channel->exit_status); - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_exit_status_function, - channel->session, - channel, - channel->exit_status); + if(ssh_callbacks_exists(channel->callbacks, channel_exit_status_function)) { + channel->callbacks->channel_exit_status_function(channel->session, + channel, + channel->exit_status, + channel->callbacks->userdata); + } return SSH_PACKET_USED; } @@ -700,13 +692,13 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { SSH_LOG(SSH_LOG_PACKET, "Remote connection sent a signal SIG %s", sig); - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_signal_function, - channel->session, - channel, - sig); - SAFE_FREE(sig); + if(ssh_callbacks_exists(channel->callbacks, channel_signal_function)) { + channel->callbacks->channel_signal_function(channel->session, + channel, + sig, + channel->callbacks->userdata); + } + SAFE_FREE(sig); return SSH_PACKET_USED; } @@ -736,15 +728,12 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { SSH_LOG(SSH_LOG_PACKET, "Remote connection closed by signal SIG %s %s", sig, core); - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_exit_signal_function, - channel->session, - channel, - sig, - core_dumped, - errmsg, - lang); + if(ssh_callbacks_exists(channel->callbacks, channel_exit_signal_function)) { + channel->callbacks->channel_exit_signal_function(channel->session, + channel, + sig, core_dumped, errmsg, lang, + channel->callbacks->userdata); + } SAFE_FREE(lang); SAFE_FREE(errmsg); @@ -763,7 +752,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { if (rc != SSH_OK) { return SSH_PACKET_USED; } - ssh_packet_send(session); + packet_send(session); return SSH_PACKET_USED; } @@ -771,11 +760,10 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { if (strcmp(request, "auth-agent-req@openssh.com") == 0) { SAFE_FREE(request); SSH_LOG(SSH_LOG_PROTOCOL, "Received an auth-agent-req request"); - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_auth_agent_req_function, - channel->session, - channel); + if(ssh_callbacks_exists(channel->callbacks, channel_auth_agent_req_function)) { + channel->callbacks->channel_auth_agent_req_function(channel->session, channel, + channel->callbacks->userdata); + } return SSH_PACKET_USED; } @@ -876,7 +864,7 @@ int ssh_channel_open_session(ssh_channel channel) { #ifdef WITH_SSH1 if (channel->session->version == 1) { - return ssh_channel_open_session1(channel); + return channel_open_session1(channel); } #endif @@ -1040,9 +1028,6 @@ void ssh_channel_do_free(ssh_channel channel){ } ssh_buffer_free(channel->stdout_buffer); ssh_buffer_free(channel->stderr_buffer); - if (channel->callbacks != NULL){ - ssh_list_free(channel->callbacks); - } /* debug trick to catch use after frees */ memset(channel, 'X', sizeof(struct ssh_channel_struct)); @@ -1097,7 +1082,7 @@ int ssh_channel_send_eof(ssh_channel channel){ goto error; } - rc = ssh_packet_send(session); + rc = packet_send(session); SSH_LOG(SSH_LOG_PACKET, "Sent a EOF on client channel (%d:%d)", channel->local_channel, @@ -1156,7 +1141,7 @@ int ssh_channel_close(ssh_channel channel){ goto error; } - rc = ssh_packet_send(session); + rc = packet_send(session); SSH_LOG(SSH_LOG_PACKET, "Sent a close on client channel (%d:%d)", channel->local_channel, @@ -1265,7 +1250,7 @@ static int channel_write_common(ssh_channel channel, } #ifdef WITH_SSH1 if (channel->version == 1) { - rc = ssh_channel_write1(channel, data, len); + rc = channel_write1(channel, data, len); return rc; } @@ -1333,7 +1318,7 @@ static int channel_write_common(ssh_channel channel, goto error; } - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_ERROR; } @@ -1364,23 +1349,6 @@ error: return SSH_ERROR; } -/** - * @brief Get the remote window size. - * - * This is the maximum amounts of bytes the remote side expects us to send - * before growing the window again. - * - * @param[in] channel The channel to query. - * - * @return The remote window size - * - * @warning A nonzero return value does not guarantee the socket is ready - * to send that much data. Buffering may happen in the local SSH - * packet buffer, so beware of really big window sizes. - * - * @warning A zero return value means ssh_channel_write (default settings) - * will block until the window grows back. - */ uint32_t ssh_channel_window_size(ssh_channel channel) { return channel->remote_window; } @@ -1446,9 +1414,9 @@ int ssh_channel_is_eof(ssh_channel channel) { return SSH_ERROR; } if ((channel->stdout_buffer && - ssh_buffer_get_len(channel->stdout_buffer) > 0) || + buffer_get_rest_len(channel->stdout_buffer) > 0) || (channel->stderr_buffer && - ssh_buffer_get_len(channel->stderr_buffer) > 0)) { + buffer_get_rest_len(channel->stderr_buffer) > 0)) { return 0; } @@ -1572,14 +1540,14 @@ static int channel_request(ssh_channel channel, const char *request, } if (buffer != NULL) { - if (ssh_buffer_add_data(session->out_buffer, ssh_buffer_get(buffer), - ssh_buffer_get_len(buffer)) < 0) { + if (ssh_buffer_add_data(session->out_buffer, buffer_get_rest(buffer), + buffer_get_rest_len(buffer)) < 0) { ssh_set_error_oom(session); goto error; } } channel->request_state = SSH_CHANNEL_REQ_STATE_PENDING; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return rc; } @@ -1665,7 +1633,7 @@ int ssh_channel_request_pty_size(ssh_channel channel, const char *terminal, #ifdef WITH_SSH1 if (channel->version==1) { - rc = ssh_channel_request_pty_size1(channel,terminal, col, row); + rc = channel_request_pty_size1(channel,terminal, col, row); return rc; } @@ -1743,7 +1711,7 @@ int ssh_channel_change_pty_size(ssh_channel channel, int cols, int rows) { #ifdef WITH_SSH1 if (channel->version == 1) { - rc = ssh_channel_change_pty_size1(channel,cols,rows); + rc = channel_change_pty_size1(channel,cols,rows); return rc; } @@ -1789,7 +1757,7 @@ int ssh_channel_request_shell(ssh_channel channel) { } #ifdef WITH_SSH1 if (channel->version == 1) { - return ssh_channel_request_shell1(channel); + return channel_request_shell1(channel); } #endif return channel_request(channel, "shell", NULL, 1); @@ -2013,25 +1981,6 @@ ssh_channel ssh_channel_accept_x11(ssh_channel channel, int timeout_ms) { return ssh_channel_accept(channel->session, SSH_CHANNEL_X11, timeout_ms, NULL); } -/** - * @brief Send an "auth-agent-req" channel request over an existing session channel. - * - * This client-side request will enable forwarding the agent over an secure tunnel. - * When the server is ready to open one authentication agent channel, an - * ssh_channel_open_request_auth_agent_callback event will be generated. - * - * @param[in] channel The channel to send signal. - * - * @return SSH_OK on success, SSH_ERROR if an error occurred - */ -int ssh_channel_request_auth_agent(ssh_channel channel) { - if (channel == NULL) { - return SSH_ERROR; - } - - return channel_request(channel, "auth-agent-req@openssh.com", NULL, 0); -} - /** * @internal * @@ -2131,8 +2080,8 @@ static int global_request(ssh_session session, const char *request, if (buffer != NULL) { rc = ssh_buffer_add_data(session->out_buffer, - ssh_buffer_get(buffer), - ssh_buffer_get_len(buffer)); + buffer_get_rest(buffer), + buffer_get_rest_len(buffer)); if (rc < 0) { ssh_set_error_oom(session); rc = SSH_ERROR; @@ -2141,7 +2090,7 @@ static int global_request(ssh_session session, const char *request, } session->global_req_state = SSH_CHANNEL_REQ_STATE_PENDING; - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return rc; } @@ -2430,7 +2379,7 @@ int ssh_channel_request_exec(ssh_channel channel, const char *cmd) { #ifdef WITH_SSH1 if (channel->version == 1) { - return ssh_channel_request_exec1(channel, cmd); + return channel_request_exec1(channel, cmd); } #endif switch(channel->request_state){ @@ -2616,7 +2565,7 @@ struct ssh_channel_read_termination_struct { static int ssh_channel_read_termination(void *s){ struct ssh_channel_read_termination_struct *ctx = s; - if (ssh_buffer_get_len(ctx->buffer) >= ctx->count || + if (buffer_get_rest_len(ctx->buffer) >= ctx->count || ctx->channel->remote_eof || ctx->channel->session->session_state == SSH_SESSION_STATE_ERROR) return 1; @@ -2713,11 +2662,11 @@ int ssh_channel_read_timeout(ssh_channel channel, SSH_LOG(SSH_LOG_PACKET, "Read (%d) buffered : %d bytes. Window: %d", count, - ssh_buffer_get_len(stdbuf), + buffer_get_rest_len(stdbuf), channel->local_window); - if (count > ssh_buffer_get_len(stdbuf) + channel->local_window) { - if (grow_window(session, channel, count - ssh_buffer_get_len(stdbuf)) < 0) { + if (count > buffer_get_rest_len(stdbuf) + channel->local_window) { + if (grow_window(session, channel, count - buffer_get_rest_len(stdbuf)) < 0) { return -1; } } @@ -2743,14 +2692,14 @@ int ssh_channel_read_timeout(ssh_channel channel, if (session->session_state == SSH_SESSION_STATE_ERROR){ return SSH_ERROR; } - if (channel->remote_eof && ssh_buffer_get_len(stdbuf) == 0) { + if (channel->remote_eof && buffer_get_rest_len(stdbuf) == 0) { return 0; } - len = ssh_buffer_get_len(stdbuf); + len = buffer_get_rest_len(stdbuf); /* Read count bytes if len is greater, everything otherwise */ len = (len > count ? count : len); - memcpy(dest, ssh_buffer_get(stdbuf), len); - ssh_buffer_pass_bytes(stdbuf,len); + memcpy(dest, buffer_get_rest(stdbuf), len); + buffer_pass_bytes(stdbuf,len); if (channel->counter != NULL) { channel->counter->in_bytes += len; } @@ -2850,7 +2799,7 @@ int ssh_channel_poll(ssh_channel channel, int is_stderr){ stdbuf = channel->stderr_buffer; } - if (ssh_buffer_get_len(stdbuf) == 0 && channel->remote_eof == 0) { + if (buffer_get_rest_len(stdbuf) == 0 && channel->remote_eof == 0) { if (channel->session->session_state == SSH_SESSION_STATE_ERROR){ return SSH_ERROR; } @@ -2859,15 +2808,15 @@ int ssh_channel_poll(ssh_channel channel, int is_stderr){ } } - if (ssh_buffer_get_len(stdbuf) > 0){ - return ssh_buffer_get_len(stdbuf); + if (buffer_get_rest_len(stdbuf) > 0){ + return buffer_get_rest_len(stdbuf); } if (channel->remote_eof) { return SSH_EOF; } - return ssh_buffer_get_len(stdbuf); + return buffer_get_rest_len(stdbuf); } /** @@ -2914,7 +2863,7 @@ int ssh_channel_poll_timeout(ssh_channel channel, int timeout, int is_stderr){ rc = SSH_ERROR; goto end; } - rc = ssh_buffer_get_len(stdbuf); + rc = buffer_get_rest_len(stdbuf); if(rc > 0) goto end; if (channel->remote_eof) @@ -3003,8 +2952,8 @@ static int channel_protocol_select(ssh_channel *rchans, ssh_channel *wchans, ssh_handle_packets(chan->session, SSH_TIMEOUT_NONBLOCKING); } - if ((chan->stdout_buffer && ssh_buffer_get_len(chan->stdout_buffer) > 0) || - (chan->stderr_buffer && ssh_buffer_get_len(chan->stderr_buffer) > 0) || + if ((chan->stdout_buffer && buffer_get_rest_len(chan->stdout_buffer) > 0) || + (chan->stderr_buffer && buffer_get_rest_len(chan->stderr_buffer) > 0) || chan->remote_eof) { rout[j] = chan; j++; @@ -3210,6 +3159,7 @@ void ssh_channel_set_counter(ssh_channel channel, } } +#if WITH_SERVER /** * @brief Blocking write on a channel stderr. * @@ -3227,8 +3177,6 @@ int ssh_channel_write_stderr(ssh_channel channel, const void *data, uint32_t len return channel_write_common(channel, data, len, 1); } -#if WITH_SERVER - /** * @brief Open a TCP/IP reverse forwarding channel. * diff --git a/external/libssh-win-static/src/channels1.c b/external/libssh-win-static/src/channels1.c index 2ad087e..4b7d268 100644 --- a/external/libssh-win-static/src/channels1.c +++ b/external/libssh-win-static/src/channels1.c @@ -51,7 +51,7 @@ * protocol. */ -int ssh_channel_open_session1(ssh_channel chan) { +int channel_open_session1(ssh_channel chan) { ssh_session session; if (chan == NULL) { @@ -91,7 +91,7 @@ int ssh_channel_open_session1(ssh_channel chan) { * much simplier under ssh2. I just hope the defaults values are ok ... */ -int ssh_channel_request_pty_size1(ssh_channel channel, const char *terminal, int col, +int channel_request_pty_size1(ssh_channel channel, const char *terminal, int col, int row) { ssh_session session; ssh_string str = NULL; @@ -112,24 +112,24 @@ int ssh_channel_request_pty_size1(ssh_channel channel, const char *terminal, int return -1; } - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_REQUEST_PTY) < 0 || - ssh_buffer_add_ssh_string(session->out_buffer, str) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_REQUEST_PTY) < 0 || + buffer_add_ssh_string(session->out_buffer, str) < 0) { ssh_string_free(str); return -1; } ssh_string_free(str); - if (ssh_buffer_add_u32(session->out_buffer, ntohl(row)) < 0 || - ssh_buffer_add_u32(session->out_buffer, ntohl(col)) < 0 || - ssh_buffer_add_u32(session->out_buffer, 0) < 0 || /* x */ - ssh_buffer_add_u32(session->out_buffer, 0) < 0 || /* y */ - ssh_buffer_add_u8(session->out_buffer, 0) < 0) { /* tty things */ + if (buffer_add_u32(session->out_buffer, ntohl(row)) < 0 || + buffer_add_u32(session->out_buffer, ntohl(col)) < 0 || + buffer_add_u32(session->out_buffer, 0) < 0 || /* x */ + buffer_add_u32(session->out_buffer, 0) < 0 || /* y */ + buffer_add_u8(session->out_buffer, 0) < 0) { /* tty things */ return -1; } SSH_LOG(SSH_LOG_FUNCTIONS, "Opening a ssh1 pty"); channel->request_state = SSH_CHANNEL_REQ_STATE_PENDING; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } @@ -158,7 +158,7 @@ int ssh_channel_request_pty_size1(ssh_channel channel, const char *terminal, int return SSH_ERROR; } -int ssh_channel_change_pty_size1(ssh_channel channel, int cols, int rows) { +int channel_change_pty_size1(ssh_channel channel, int cols, int rows) { ssh_session session; if (channel == NULL) { @@ -170,15 +170,15 @@ int ssh_channel_change_pty_size1(ssh_channel channel, int cols, int rows) { ssh_set_error(session,SSH_REQUEST_DENIED,"Wrong request state"); return SSH_ERROR; } - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_WINDOW_SIZE) < 0 || - ssh_buffer_add_u32(session->out_buffer, ntohl(rows)) < 0 || - ssh_buffer_add_u32(session->out_buffer, ntohl(cols)) < 0 || - ssh_buffer_add_u32(session->out_buffer, 0) < 0 || - ssh_buffer_add_u32(session->out_buffer, 0) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_WINDOW_SIZE) < 0 || + buffer_add_u32(session->out_buffer, ntohl(rows)) < 0 || + buffer_add_u32(session->out_buffer, ntohl(cols)) < 0 || + buffer_add_u32(session->out_buffer, 0) < 0 || + buffer_add_u32(session->out_buffer, 0) < 0) { return SSH_ERROR; } channel->request_state=SSH_CHANNEL_REQ_STATE_PENDING; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return SSH_ERROR; } @@ -207,7 +207,7 @@ int ssh_channel_change_pty_size1(ssh_channel channel, int cols, int rows) { } -int ssh_channel_request_shell1(ssh_channel channel) { +int channel_request_shell1(ssh_channel channel) { ssh_session session; if (channel == NULL) { @@ -215,11 +215,11 @@ int ssh_channel_request_shell1(ssh_channel channel) { } session = channel->session; - if (ssh_buffer_add_u8(session->out_buffer,SSH_CMSG_EXEC_SHELL) < 0) { + if (buffer_add_u8(session->out_buffer,SSH_CMSG_EXEC_SHELL) < 0) { return -1; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } @@ -228,7 +228,7 @@ int ssh_channel_request_shell1(ssh_channel channel) { return 0; } -int ssh_channel_request_exec1(ssh_channel channel, const char *cmd) { +int channel_request_exec1(ssh_channel channel, const char *cmd) { ssh_session session; ssh_string command = NULL; @@ -242,14 +242,14 @@ int ssh_channel_request_exec1(ssh_channel channel, const char *cmd) { return -1; } - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_EXEC_CMD) < 0 || - ssh_buffer_add_ssh_string(session->out_buffer, command) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_EXEC_CMD) < 0 || + buffer_add_ssh_string(session->out_buffer, command) < 0) { ssh_string_free(command); return -1; } ssh_string_free(command); - if(ssh_packet_send(session) == SSH_ERROR) { + if(packet_send(session) == SSH_ERROR) { return -1; } @@ -268,7 +268,7 @@ SSH_PACKET_CALLBACK(ssh_packet_data1){ return SSH_PACKET_NOT_USED; } - str = ssh_buffer_get_ssh_string(packet); + str = buffer_get_ssh_string(packet); if (str == NULL) { SSH_LOG(SSH_LOG_FUNCTIONS, "Invalid data packet !\n"); return SSH_PACKET_USED; @@ -300,7 +300,7 @@ SSH_PACKET_CALLBACK(ssh_packet_close1){ return SSH_PACKET_NOT_USED; } - ssh_buffer_get_u32(packet, &status); + buffer_get_u32(packet, &status); /* * It's much more than a channel closing. spec says it's the last * message sent by server (strange) @@ -310,11 +310,11 @@ SSH_PACKET_CALLBACK(ssh_packet_close1){ channel->state = SSH_CHANNEL_STATE_CLOSED; channel->remote_eof = 1; - rc = ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION); + rc = buffer_add_u8(session->out_buffer, SSH_CMSG_EXIT_CONFIRMATION); if (rc < 0) { return SSH_PACKET_NOT_USED; } - ssh_packet_send(session); + packet_send(session); return SSH_PACKET_USED; } @@ -329,7 +329,7 @@ SSH_PACKET_CALLBACK(ssh_packet_exist_status1){ return SSH_PACKET_NOT_USED; } - ssh_buffer_get_u32(packet, &status); + buffer_get_u32(packet, &status); channel->state = SSH_CHANNEL_STATE_CLOSED; channel->remote_eof = 1; channel->exit_status = ntohl(status); @@ -338,7 +338,7 @@ SSH_PACKET_CALLBACK(ssh_packet_exist_status1){ } -int ssh_channel_write1(ssh_channel channel, const void *data, int len) { +int channel_write1(ssh_channel channel, const void *data, int len) { ssh_session session; int origlen = len; int effectivelen; @@ -350,13 +350,13 @@ int ssh_channel_write1(ssh_channel channel, const void *data, int len) { session = channel->session; while (len > 0) { - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_STDIN_DATA) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_STDIN_DATA) < 0) { return -1; } effectivelen = len > 32000 ? 32000 : len; - if (ssh_buffer_add_u32(session->out_buffer, htonl(effectivelen)) < 0 || + if (buffer_add_u32(session->out_buffer, htonl(effectivelen)) < 0 || ssh_buffer_add_data(session->out_buffer, ptr, effectivelen) < 0) { return -1; } @@ -364,7 +364,7 @@ int ssh_channel_write1(ssh_channel channel, const void *data, int len) { ptr += effectivelen; len -= effectivelen; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } ssh_handle_packets(session, SSH_TIMEOUT_NONBLOCKING); diff --git a/external/libssh-win-static/src/client.c b/external/libssh-win-static/src/client.c index 3b120bb..3eb7c61 100644 --- a/external/libssh-win-static/src/client.c +++ b/external/libssh-win-static/src/client.c @@ -334,7 +334,7 @@ int ssh_service_request(ssh_session session, const char *service) { return SSH_ERROR; } session->auth_service_state=SSH_AUTH_SERVICE_SENT; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { ssh_set_error(session, SSH_FATAL, "Sending SSH2_MSG_SERVICE_REQUEST failed."); return SSH_ERROR; @@ -430,9 +430,8 @@ static void ssh_client_connection_callback(ssh_session session){ goto error; } /* from now, the packet layer is handling incoming packets */ - if (session->version == 2) { - ssh_packet_register_socket_callback(session, session->socket); - } + if(session->version==2) + session->socket_callbacks.data=ssh_packet_socket_callback; #ifdef WITH_SSH1 else session->socket_callbacks.data=ssh_packet_socket_callback1; @@ -459,7 +458,7 @@ static void ssh_client_connection_callback(ssh_session session){ case SSH_SESSION_STATE_KEXINIT_RECEIVED: set_status(session,0.6f); ssh_list_kex(&session->next_crypto->server_kex); - if (ssh_set_client_kex(session) < 0) { + if (set_client_kex(session) < 0) { goto error; } if (ssh_kex_select_methods(session) == SSH_ERROR) @@ -703,7 +702,7 @@ void ssh_disconnect(ssh_session session) { goto error; } - ssh_packet_send(session); + packet_send(session); ssh_socket_close(session->socket); } error: diff --git a/external/libssh-win-static/src/connector.c b/external/libssh-win-static/src/connector.c deleted file mode 100644 index 6f05008..0000000 --- a/external/libssh-win-static/src/connector.c +++ /dev/null @@ -1,619 +0,0 @@ -/* - * This file is part of the SSH Library - * - * Copyright (c) 2015 by Aris Adamantiadis - * - * The SSH Library is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation; either version 2.1 of the License, or (at your - * option) any later version. - * - * The SSH Library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with the SSH Library; see the file COPYING. If not, write to - * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -#include "libssh/priv.h" -#include "libssh/poll.h" -#include "libssh/callbacks.h" -#include "libssh/session.h" -#include -#define CHUNKSIZE 4096 - -struct ssh_connector_struct { - ssh_session session; - - ssh_channel in_channel; - ssh_channel out_channel; - - socket_t in_fd; - socket_t out_fd; - - ssh_poll_handle in_poll; - ssh_poll_handle out_poll; - - ssh_event event; - - int in_available; - int out_wontblock; - - struct ssh_channel_callbacks_struct in_channel_cb; - struct ssh_channel_callbacks_struct out_channel_cb; - - enum ssh_connector_flags_e in_flags; - enum ssh_connector_flags_e out_flags; -}; - -static int ssh_connector_channel_data_cb(ssh_session session, - ssh_channel channel, - void *data, - uint32_t len, - int is_stderr, - void *userdata); -static int ssh_connector_channel_write_wontblock_cb(ssh_session session, - ssh_channel channel, - size_t bytes, - void *userdata); - -ssh_connector ssh_connector_new(ssh_session session) -{ - ssh_connector connector; - - connector = calloc(1, sizeof(struct ssh_connector_struct)); - if (connector == NULL){ - ssh_set_error_oom(session); - return NULL; - } - - connector->session = session; - connector->in_fd = SSH_INVALID_SOCKET; - connector->out_fd = SSH_INVALID_SOCKET; - - ssh_callbacks_init(&connector->in_channel_cb); - ssh_callbacks_init(&connector->out_channel_cb); - - connector->in_channel_cb.userdata = connector; - connector->in_channel_cb.channel_data_function = ssh_connector_channel_data_cb; - - connector->out_channel_cb.userdata = connector; - connector->out_channel_cb.channel_write_wontblock_function = - ssh_connector_channel_write_wontblock_cb; - - return connector; -} - -void ssh_connector_free (ssh_connector connector) -{ - if (connector->event != NULL){ - ssh_connector_remove_event(connector); - } - - if (connector->in_poll != NULL) { - ssh_poll_free(connector->in_poll); - connector->in_poll = NULL; - } - - if (connector->out_poll != NULL) { - ssh_poll_free(connector->out_poll); - connector->out_poll = NULL; - } - - if (connector->in_channel != NULL) { - ssh_remove_channel_callbacks(connector->in_channel, - &connector->in_channel_cb); - } - if (connector->out_channel != NULL) { - ssh_remove_channel_callbacks(connector->out_channel, - &connector->out_channel_cb); - } - - free(connector); -} - -int ssh_connector_set_in_channel(ssh_connector connector, - ssh_channel channel, - enum ssh_connector_flags_e flags) -{ - connector->in_channel = channel; - connector->in_fd = SSH_INVALID_SOCKET; - connector->in_flags = flags; - - /* Fallback to default value for invalid flags */ - if (!(flags & SSH_CONNECTOR_STDOUT) && !(flags & SSH_CONNECTOR_STDERR)) { - connector->in_flags = SSH_CONNECTOR_STDOUT; - } - - return ssh_add_channel_callbacks(channel, &connector->in_channel_cb); -} - -int ssh_connector_set_out_channel(ssh_connector connector, - ssh_channel channel, - enum ssh_connector_flags_e flags) -{ - connector->out_channel = channel; - connector->out_fd = SSH_INVALID_SOCKET; - connector->out_flags = flags; - - /* Fallback to default value for invalid flags */ - if (!(flags & SSH_CONNECTOR_STDOUT) && !(flags & SSH_CONNECTOR_STDERR)) { - connector->in_flags = SSH_CONNECTOR_STDOUT; - } - - return ssh_add_channel_callbacks(channel, &connector->out_channel_cb); -} - -void ssh_connector_set_in_fd(ssh_connector connector, socket_t fd) -{ - connector->in_fd = fd; - connector->in_channel = NULL; -} - -void ssh_connector_set_out_fd(ssh_connector connector, socket_t fd) -{ - connector->out_fd = fd; - connector->out_channel = NULL; -} - -/* TODO */ -static void ssh_connector_except(ssh_connector connector, socket_t fd) -{ - (void) connector; - (void) fd; -} - -/* TODO */ -static void ssh_connector_except_channel(ssh_connector connector, - ssh_channel channel) -{ - (void) connector; - (void) channel; -} - -/** - * @internal - * - * @brief Reset the poll events to be followed for each file descriptors. - */ -static void ssh_connector_reset_pollevents(ssh_connector connector) -{ - if (connector->in_fd != SSH_INVALID_SOCKET) { - if (connector->in_available) { - ssh_poll_remove_events(connector->in_poll, POLLIN); - } else { - ssh_poll_add_events(connector->in_poll, POLLIN); - } - } - - if (connector->out_fd != SSH_INVALID_SOCKET) { - if (connector->out_wontblock) { - ssh_poll_remove_events(connector->out_poll, POLLOUT); - } else { - ssh_poll_add_events(connector->out_poll, POLLOUT); - } - } -} - -/** - * @internal - * - * @brief Callback called when a poll event is received on an input fd. - */ -static void ssh_connector_fd_in_cb(ssh_connector connector) -{ - unsigned char buffer[CHUNKSIZE]; - int r; - int toread = CHUNKSIZE; - int w; - int total = 0; - int rc; - - SSH_LOG(SSH_LOG_TRACE, "connector POLLIN event for fd %d", connector->in_fd); - - if (connector->out_wontblock) { - if (connector->out_channel != NULL) { - size_t size = ssh_channel_window_size(connector->out_channel); - - /* Don't attempt reading more than the window */ - toread = MIN(size, CHUNKSIZE); - } - - r = read(connector->in_fd, buffer, toread); - if (r < 0) { - ssh_connector_except(connector, connector->in_fd); - return; - } - - if (connector->out_channel != NULL) { - if (r == 0) { - rc = ssh_channel_send_eof(connector->out_channel); - (void)rc; /* TODO Handle rc? */ - } else if (r> 0) { - /* loop around ssh_channel_write in case our window reduced due to a race */ - while (total != r){ - if (connector->out_flags & SSH_CONNECTOR_STDOUT) { - w = ssh_channel_write(connector->out_channel, - buffer + total, - r - total); - } else { - w = ssh_channel_write_stderr(connector->out_channel, - buffer + total, - r - total); - } - if (w == SSH_ERROR) { - return; - } - total += w; - } - } - } else if (connector->out_fd != SSH_INVALID_SOCKET) { - if (r == 0){ - close (connector->out_fd); - connector->out_fd = SSH_INVALID_SOCKET; - } else { - /* - * Loop around write in case the write blocks even for CHUNKSIZE - * bytes - */ - while (total != r) { - w = write(connector->out_fd, buffer + total, r - total); - if (w < 0){ - ssh_connector_except(connector, connector->out_fd); - return; - } - total += w; - } - } - } else { - ssh_set_error(connector->session, SSH_FATAL, "output socket or channel closed"); - return; - } - connector->out_wontblock = 0; - connector->in_available = 0; - } else { - connector->in_available = 1; - } -} - -/** @internal - * @brief Callback called when a poll event is received on an output fd - */ -static void ssh_connector_fd_out_cb(ssh_connector connector){ - unsigned char buffer[CHUNKSIZE]; - int r; - int w; - int total = 0; - SSH_LOG(SSH_LOG_TRACE, "connector POLLOUT event for fd %d", connector->out_fd); - - if(connector->in_available){ - if (connector->in_channel != NULL){ - r = ssh_channel_read_nonblocking(connector->in_channel, buffer, CHUNKSIZE, 0); - if(r == SSH_ERROR){ - ssh_connector_except_channel(connector, connector->in_channel); - return; - } else if(r == 0 && ssh_channel_is_eof(connector->in_channel)){ - close(connector->out_fd); - connector->out_fd = SSH_INVALID_SOCKET; - return; - } else if(r>0) { - /* loop around write in case the write blocks even for CHUNKSIZE bytes */ - while (total != r){ - w = write(connector->out_fd, buffer + total, r - total); - if (w < 0){ - ssh_connector_except(connector, connector->out_fd); - return; - } - total += w; - } - } - } else if (connector->in_fd != SSH_INVALID_SOCKET){ - /* fallback on the socket input callback */ - connector->out_wontblock = 1; - ssh_connector_fd_in_cb(connector); - } else { - ssh_set_error(connector->session, - SSH_FATAL, - "Output socket or channel closed"); - return; - } - connector->in_available = 0; - connector->out_wontblock = 0; - } else { - connector->out_wontblock = 1; - } -} - -/** - * @internal - * - * @brief Callback called when a poll event is received on a file descriptor. - * - * This is for (input or output. - * - * @param[in] fd file descriptor receiving the event - * - * @param[in] revents received Poll(2) events - * - * @param[in] userdata connector - * - * @returns 0 - */ -static int ssh_connector_fd_cb(ssh_poll_handle p, - socket_t fd, - int revents, - void *userdata) -{ - ssh_connector connector = userdata; - - (void)p; - - if (revents & POLLERR) { - ssh_connector_except(connector, fd); - } else if((revents & POLLIN) && fd == connector->in_fd) { - ssh_connector_fd_in_cb(connector); - } else if((revents & POLLOUT) && fd == connector->out_fd) { - ssh_connector_fd_out_cb(connector); - } - ssh_connector_reset_pollevents(connector); - - return 0; -} - -/** - * @internal - * - * @brief Callback called when data is received on channel. - * - * @param[in] data Pointer to the data - * - * @param[in] len Length of data - * - * @param[in] is_stderr Set to 1 if the data are out of band - * - * @param[in] userdata The ssh connector - * - * @returns Amount of data bytes consumed - */ -static int ssh_connector_channel_data_cb(ssh_session session, - ssh_channel channel, - void *data, - uint32_t len, - int is_stderr, - void *userdata) -{ - ssh_connector connector = userdata; - int w; - size_t window; - - (void) session; - (void) channel; - (void) is_stderr; - - SSH_LOG(SSH_LOG_TRACE,"connector data on channel"); - - if (is_stderr && !(connector->in_flags & SSH_CONNECTOR_STDERR)) { - /* ignore stderr */ - return 0; - } else if (!is_stderr && !(connector->in_flags & SSH_CONNECTOR_STDOUT)) { - /* ignore stdout */ - return 0; - } - - if (connector->out_wontblock) { - if (connector->out_channel != NULL) { - int window_len; - - window = ssh_channel_window_size(connector->out_channel); - window_len = MIN(window, len); - - /* Route the data to the right exception channel */ - if (is_stderr && (connector->out_flags & SSH_CONNECTOR_STDERR)) { - w = ssh_channel_write_stderr(connector->out_channel, - data, - window_len); - } else if (!is_stderr && - (connector->out_flags & SSH_CONNECTOR_STDOUT)) { - w = ssh_channel_write(connector->out_channel, - data, - window_len); - } else if (connector->out_flags & SSH_CONNECTOR_STDOUT) { - w = ssh_channel_write(connector->out_channel, - data, - window_len); - } else { - w = ssh_channel_write_stderr(connector->out_channel, - data, - window_len); - } - if (w == SSH_ERROR) { - ssh_connector_except_channel(connector, connector->out_channel); - } - } else if (connector->out_fd != SSH_INVALID_SOCKET) { - w = write(connector->out_fd, data, len); - if (w < 0) - ssh_connector_except(connector, connector->out_fd); - } else { - ssh_set_error(session, SSH_FATAL, "output socket or channel closed"); - return SSH_ERROR; - } - - connector->out_wontblock = 0; - connector->in_available = 0; - if ((unsigned int)w < len) { - connector->in_available = 1; - } - ssh_connector_reset_pollevents(connector); - - return w; - } else { - connector->in_available = 1; - - return 0; - } -} - -/** - * @internal - * - * @brief Callback called when the channel is free to write. - * - * @param[in] bytes Amount of bytes that can be written without blocking - * - * @param[in] userdata The ssh connector - * - * @returns Amount of data bytes consumed - */ -static int ssh_connector_channel_write_wontblock_cb(ssh_session session, - ssh_channel channel, - size_t bytes, - void *userdata) -{ - ssh_connector connector = userdata; - uint8_t buffer[CHUNKSIZE]; - int r, w; - - (void) channel; - - SSH_LOG(SSH_LOG_TRACE, "Channel write won't block"); - if (connector->in_available) { - if (connector->in_channel != NULL) { - size_t len = MIN(CHUNKSIZE, bytes); - - r = ssh_channel_read_nonblocking(connector->in_channel, - buffer, - len, - 0); - if (r == SSH_ERROR) { - ssh_connector_except_channel(connector, connector->in_channel); - } else if(r == 0 && ssh_channel_is_eof(connector->in_channel)){ - ssh_channel_send_eof(connector->out_channel); - } else if (r > 0) { - w = ssh_channel_write(connector->out_channel, buffer, r); - if (w == SSH_ERROR) { - ssh_connector_except_channel(connector, - connector->out_channel); - } - } - } else if (connector->in_fd != SSH_INVALID_SOCKET) { - /* fallback on on the socket input callback */ - connector->out_wontblock = 1; - ssh_connector_fd_in_cb(connector); - ssh_connector_reset_pollevents(connector); - } else { - ssh_set_error(session, - SSH_FATAL, - "Output socket or channel closed"); - - return 0; - } - connector->in_available = 0; - connector->out_wontblock = 0; - } else { - connector->out_wontblock = 1; - } - - return 0; -} - -int ssh_connector_set_event(ssh_connector connector, ssh_event event) -{ - int rc = SSH_OK; - - if ((connector->in_fd == SSH_INVALID_SOCKET && - connector->in_channel == NULL) - || (connector->out_fd == SSH_INVALID_SOCKET && - connector->out_channel == NULL)) { - rc = SSH_ERROR; - ssh_set_error(connector->session,SSH_FATAL,"Connector not complete"); - goto error; - } - - connector->event = event; - if (connector->in_fd != SSH_INVALID_SOCKET) { - if (connector->in_poll == NULL) { - connector->in_poll = ssh_poll_new(connector->in_fd, - POLLIN|POLLERR, - ssh_connector_fd_cb, - connector); - } - rc = ssh_event_add_poll(event, connector->in_poll); - if (rc != SSH_OK) { - goto error; - } - } - - if (connector->out_fd != SSH_INVALID_SOCKET) { - if (connector->out_poll == NULL) { - connector->out_poll = ssh_poll_new(connector->out_fd, - POLLOUT|POLLERR, - ssh_connector_fd_cb, - connector); - } - - rc = ssh_event_add_poll(event, connector->out_poll); - if (rc != SSH_OK) { - goto error; - } - } - if (connector->in_channel != NULL) { - rc = ssh_event_add_session(event, - ssh_channel_get_session(connector->in_channel)); - if (rc != SSH_OK) - goto error; - if (ssh_channel_poll_timeout(connector->in_channel, 0, 0) > 0){ - connector->in_available = 1; - } - } - if(connector->out_channel != NULL) { - ssh_session session = ssh_channel_get_session(connector->out_channel); - - rc = ssh_event_add_session(event, session); - if (rc != SSH_OK) { - goto error; - } - if (ssh_channel_window_size(connector->out_channel) > 0) { - connector->out_wontblock = 1; - } - } - -error: - return rc; -} - -int ssh_connector_remove_event(ssh_connector connector) { - ssh_session session; - - if (connector->in_poll != NULL) { - ssh_event_remove_poll(connector->event, connector->in_poll); - ssh_poll_free(connector->in_poll); - connector->in_poll = NULL; - } - - if (connector->out_poll != NULL) { - ssh_event_remove_poll(connector->event, connector->out_poll); - ssh_poll_free(connector->out_poll); - connector->out_poll = NULL; - } - - if (connector->in_channel != NULL) { - session = ssh_channel_get_session(connector->in_channel); - - ssh_event_remove_session(connector->event, session); - connector->in_channel = NULL; - } - - if (connector->out_channel != NULL) { - session = ssh_channel_get_session(connector->out_channel); - - ssh_event_remove_session(connector->event, session); - connector->out_channel = NULL; - } - connector->event = NULL; - - return SSH_OK; -} diff --git a/external/libssh-win-static/src/curve25519.c b/external/libssh-win-static/src/curve25519.c index 43783e8..99d7145 100644 --- a/external/libssh-win-static/src/curve25519.c +++ b/external/libssh-win-static/src/curve25519.c @@ -64,7 +64,7 @@ int ssh_client_curve25519_init(ssh_session session){ return SSH_ERROR; } - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; } @@ -106,7 +106,7 @@ int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet){ ssh_string pubkey = NULL; ssh_string signature = NULL; int rc; - pubkey = ssh_buffer_get_ssh_string(packet); + pubkey = buffer_get_ssh_string(packet); if (pubkey == NULL){ ssh_set_error(session,SSH_FATAL, "No public key in packet"); goto error; @@ -115,7 +115,7 @@ int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet){ session->next_crypto->server_pubkey = pubkey; pubkey = NULL; - q_s_string = ssh_buffer_get_ssh_string(packet); + q_s_string = buffer_get_ssh_string(packet); if (q_s_string == NULL) { ssh_set_error(session,SSH_FATAL, "No Q_S ECC point in packet"); goto error; @@ -129,7 +129,7 @@ int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet){ memcpy(session->next_crypto->curve25519_server_pubkey, ssh_string_data(q_s_string), CURVE25519_PUBKEY_SIZE); ssh_string_free(q_s_string); - signature = ssh_buffer_get_ssh_string(packet); + signature = buffer_get_ssh_string(packet); if (signature == NULL) { ssh_set_error(session, SSH_FATAL, "No signature in packet"); goto error; @@ -143,11 +143,11 @@ int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet){ } /* Send the MSG_NEWKEYS */ - if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { + if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { goto error; } - rc=ssh_packet_send(session); + rc=packet_send(session); SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); return rc; error: @@ -170,7 +170,7 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ int rc; /* Extract the client pubkey from the init packet */ - q_c_string = ssh_buffer_get_ssh_string(packet); + q_c_string = buffer_get_ssh_string(packet); if (q_c_string == NULL) { ssh_set_error(session,SSH_FATAL, "No Q_C ECC point in packet"); return SSH_ERROR; @@ -196,7 +196,7 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ crypto_scalarmult_base(session->next_crypto->curve25519_server_pubkey, session->next_crypto->curve25519_privkey); - rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_KEX_ECDH_REPLY); + rc = buffer_add_u8(session->out_buffer, SSH2_MSG_KEX_ECDH_REPLY); if (rc < 0) { ssh_set_error_oom(session); goto error; @@ -215,14 +215,14 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ goto error; } - rc = ssh_make_sessionid(session); + rc = make_sessionid(session); if (rc != SSH_OK) { ssh_set_error(session, SSH_FATAL, "Could not create a session id"); goto error; } /* add host's public key */ - rc = ssh_buffer_add_ssh_string(session->out_buffer, + rc = buffer_add_ssh_string(session->out_buffer, session->next_crypto->server_pubkey); if (rc < 0) { ssh_set_error_oom(session); @@ -239,7 +239,7 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ session->next_crypto->curve25519_server_pubkey, CURVE25519_PUBKEY_SIZE); - rc = ssh_buffer_add_ssh_string(session->out_buffer, q_s_string); + rc = buffer_add_ssh_string(session->out_buffer, q_s_string); ssh_string_free(q_s_string); if (rc < 0) { ssh_set_error_oom(session); @@ -252,7 +252,7 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ goto error; } - rc = ssh_buffer_add_ssh_string(session->out_buffer, sig_blob); + rc = buffer_add_ssh_string(session->out_buffer, sig_blob); ssh_string_free(sig_blob); if (rc < 0) { ssh_set_error_oom(session); @@ -260,19 +260,19 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ } SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEX_ECDH_REPLY sent"); - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_ERROR; } /* Send the MSG_NEWKEYS */ - rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); + rc = buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); if (rc < 0) { goto error; } session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; - rc = ssh_packet_send(session); + rc = packet_send(session); SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); return rc; diff --git a/external/libssh-win-static/src/dh.c b/external/libssh-win-static/src/dh.c index c54bb9f..d27b66e 100644 --- a/external/libssh-win-static/src/dh.c +++ b/external/libssh-win-static/src/dh.c @@ -226,7 +226,7 @@ void ssh_crypto_finalize(void) { } } -int ssh_dh_generate_x(ssh_session session) { +int dh_generate_x(ssh_session session) { int keysize; if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { keysize = 1023; @@ -253,7 +253,7 @@ int ssh_dh_generate_x(ssh_session session) { } /* used by server */ -int ssh_dh_generate_y(ssh_session session) { +int dh_generate_y(ssh_session session) { int keysize; if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { keysize = 1023; @@ -280,7 +280,7 @@ int ssh_dh_generate_y(ssh_session session) { } /* used by server */ -int ssh_dh_generate_e(ssh_session session) { +int dh_generate_e(ssh_session session) { #ifdef HAVE_LIBCRYPTO bignum_CTX ctx = bignum_ctx_new(); if (ctx == NULL) { @@ -315,7 +315,7 @@ int ssh_dh_generate_e(ssh_session session) { return 0; } -int ssh_dh_generate_f(ssh_session session) { +int dh_generate_f(ssh_session session) { #ifdef HAVE_LIBCRYPTO bignum_CTX ctx = bignum_ctx_new(); if (ctx == NULL) { @@ -350,21 +350,21 @@ int ssh_dh_generate_f(ssh_session session) { return 0; } -ssh_string ssh_dh_get_e(ssh_session session) { - return ssh_make_bignum_string(session->next_crypto->e); +ssh_string dh_get_e(ssh_session session) { + return make_bignum_string(session->next_crypto->e); } /* used by server */ -ssh_string ssh_dh_get_f(ssh_session session) { - return ssh_make_bignum_string(session->next_crypto->f); +ssh_string dh_get_f(ssh_session session) { + return make_bignum_string(session->next_crypto->f); } -void ssh_dh_import_pubkey(ssh_session session, ssh_string pubkey_string) { +void dh_import_pubkey(ssh_session session, ssh_string pubkey_string) { session->next_crypto->server_pubkey = pubkey_string; } -int ssh_dh_import_f(ssh_session session, ssh_string f_string) { - session->next_crypto->f = ssh_make_string_bn(f_string); +int dh_import_f(ssh_session session, ssh_string f_string) { + session->next_crypto->f = make_string_bn(f_string); if (session->next_crypto->f == NULL) { return -1; } @@ -377,8 +377,8 @@ int ssh_dh_import_f(ssh_session session, ssh_string f_string) { } /* used by the server implementation */ -int ssh_dh_import_e(ssh_session session, ssh_string e_string) { - session->next_crypto->e = ssh_make_string_bn(e_string); +int dh_import_e(ssh_session session, ssh_string e_string) { + session->next_crypto->e = make_string_bn(e_string); if (session->next_crypto->e == NULL) { return -1; } @@ -390,7 +390,7 @@ int ssh_dh_import_e(ssh_session session, ssh_string e_string) { return 0; } -int ssh_dh_build_k(ssh_session session) { +int dh_build_k(ssh_session session) { #ifdef HAVE_LIBCRYPTO bignum_CTX ctx = bignum_ctx_new(); if (ctx == NULL) { @@ -447,14 +447,14 @@ int ssh_client_dh_init(ssh_session session){ ssh_string e = NULL; int rc; - if (ssh_dh_generate_x(session) < 0) { + if (dh_generate_x(session) < 0) { goto error; } - if (ssh_dh_generate_e(session) < 0) { + if (dh_generate_e(session) < 0) { goto error; } - e = ssh_dh_get_e(session); + e = dh_get_e(session); if (e == NULL) { goto error; } @@ -468,7 +468,7 @@ int ssh_client_dh_init(ssh_session session){ ssh_string_free(e); e=NULL; - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; error: if(e != NULL){ @@ -484,19 +484,19 @@ int ssh_client_dh_reply(ssh_session session, ssh_buffer packet){ ssh_string pubkey = NULL; ssh_string signature = NULL; int rc; - pubkey = ssh_buffer_get_ssh_string(packet); + pubkey = buffer_get_ssh_string(packet); if (pubkey == NULL){ ssh_set_error(session,SSH_FATAL, "No public key in packet"); goto error; } - ssh_dh_import_pubkey(session, pubkey); + dh_import_pubkey(session, pubkey); - f = ssh_buffer_get_ssh_string(packet); + f = buffer_get_ssh_string(packet); if (f == NULL) { ssh_set_error(session,SSH_FATAL, "No F number in packet"); goto error; } - rc = ssh_dh_import_f(session, f); + rc = dh_import_f(session, f); ssh_string_burn(f); ssh_string_free(f); if (rc < 0) { @@ -504,31 +504,31 @@ int ssh_client_dh_reply(ssh_session session, ssh_buffer packet){ goto error; } - signature = ssh_buffer_get_ssh_string(packet); + signature = buffer_get_ssh_string(packet); if (signature == NULL) { ssh_set_error(session, SSH_FATAL, "No signature in packet"); goto error; } session->next_crypto->dh_server_signature = signature; signature=NULL; /* ownership changed */ - if (ssh_dh_build_k(session) < 0) { + if (dh_build_k(session) < 0) { ssh_set_error(session, SSH_FATAL, "Cannot build k number"); goto error; } /* Send the MSG_NEWKEYS */ - if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { + if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { goto error; } - rc=ssh_packet_send(session); + rc=packet_send(session); SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); return rc; error: return SSH_ERROR; } -int ssh_make_sessionid(ssh_session session) { +int make_sessionid(ssh_session session) { ssh_string num = NULL; ssh_buffer server_hash = NULL; ssh_buffer client_hash = NULL; @@ -562,22 +562,22 @@ int ssh_make_sessionid(ssh_session session) { * boolean first_kex_packet_follows * uint32 0 (reserved for future extension) */ - rc = ssh_buffer_add_u8(server_hash, 0); + rc = buffer_add_u8(server_hash, 0); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u32(server_hash, 0); + rc = buffer_add_u32(server_hash, 0); if (rc < 0) { goto error; } /* These fields are handled for the server case in ssh_packet_kexinit. */ if (session->client) { - rc = ssh_buffer_add_u8(client_hash, 0); + rc = buffer_add_u8(client_hash, 0); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u32(client_hash, 0); + rc = buffer_add_u32(client_hash, 0); if (rc < 0) { goto error; } @@ -585,12 +585,12 @@ int ssh_make_sessionid(ssh_session session) { rc = ssh_buffer_pack(buf, "dPdPS", - ssh_buffer_get_len(client_hash), - ssh_buffer_get_len(client_hash), - ssh_buffer_get(client_hash), - ssh_buffer_get_len(server_hash), - ssh_buffer_get_len(server_hash), - ssh_buffer_get(server_hash), + buffer_get_rest_len(client_hash), + buffer_get_rest_len(client_hash), + buffer_get_rest(client_hash), + buffer_get_rest_len(server_hash), + buffer_get_rest_len(server_hash), + buffer_get_rest(server_hash), session->next_crypto->server_pubkey); if(rc != SSH_OK){ @@ -642,7 +642,7 @@ int ssh_make_sessionid(ssh_session session) { } #ifdef DEBUG_CRYPTO - ssh_print_hexa("hash buffer", ssh_buffer_get(buf), ssh_buffer_get_len(buf)); + ssh_print_hexa("hash buffer", ssh_buffer_get_begin(buf), ssh_buffer_get_len(buf)); #endif switch (session->next_crypto->kex_type) { @@ -655,7 +655,7 @@ int ssh_make_sessionid(ssh_session session) { ssh_set_error_oom(session); goto error; } - sha1(ssh_buffer_get(buf), ssh_buffer_get_len(buf), + sha1(buffer_get_rest(buf), buffer_get_rest_len(buf), session->next_crypto->secret_hash); break; case SSH_KEX_ECDH_SHA2_NISTP256: @@ -667,7 +667,7 @@ int ssh_make_sessionid(ssh_session session) { ssh_set_error_oom(session); goto error; } - sha256(ssh_buffer_get(buf), ssh_buffer_get_len(buf), + sha256(buffer_get_rest(buf), buffer_get_rest_len(buf), session->next_crypto->secret_hash); break; } @@ -704,13 +704,13 @@ error: return rc; } -int ssh_hashbufout_add_cookie(ssh_session session) { +int hashbufout_add_cookie(ssh_session session) { session->out_hashbuf = ssh_buffer_new(); if (session->out_hashbuf == NULL) { return -1; } - if (ssh_buffer_add_u8(session->out_hashbuf, 20) < 0) { + if (buffer_add_u8(session->out_hashbuf, 20) < 0) { ssh_buffer_reinit(session->out_hashbuf); return -1; } @@ -732,13 +732,13 @@ int ssh_hashbufout_add_cookie(ssh_session session) { return 0; } -int ssh_hashbufin_add_cookie(ssh_session session, unsigned char *cookie) { +int hashbufin_add_cookie(ssh_session session, unsigned char *cookie) { session->in_hashbuf = ssh_buffer_new(); if (session->in_hashbuf == NULL) { return -1; } - if (ssh_buffer_add_u8(session->in_hashbuf, 20) < 0) { + if (buffer_add_u8(session->in_hashbuf, 20) < 0) { ssh_buffer_reinit(session->in_hashbuf); return -1; } @@ -789,12 +789,12 @@ static int generate_one_key(ssh_string k, return 0; } -int ssh_generate_session_keys(ssh_session session) { +int generate_session_keys(ssh_session session) { ssh_string k_string = NULL; struct ssh_crypto_struct *crypto = session->next_crypto; int rc = -1; - k_string = ssh_make_bignum_string(crypto->k); + k_string = make_bignum_string(crypto->k); if (k_string == NULL) { ssh_set_error_oom(session); goto error; @@ -961,7 +961,7 @@ void ssh_clean_pubkey_hash(unsigned char **hash) { * * @see ssh_key_free() */ -int ssh_get_server_publickey(ssh_session session, ssh_key *key) +int ssh_get_publickey(ssh_session session, ssh_key *key) { if (session==NULL || session->current_crypto ==NULL || @@ -973,14 +973,6 @@ int ssh_get_server_publickey(ssh_session session, ssh_key *key) key); } -/** - * @deprecated Use ssh_get_server_publickey() - */ -int ssh_get_publickey(ssh_session session, ssh_key *key) -{ - return ssh_get_server_publickey(session, key); -} - /** * @brief Allocates a buffer with the hash of the public key. * @@ -1134,7 +1126,7 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) { if (hexa == NULL) { return; } - fprintf(stderr, "%s: %s\n", descr, hexa); + printf("%s: %s\n", descr, hexa); free(hexa); } diff --git a/external/libssh-win-static/src/ecdh.c b/external/libssh-win-static/src/ecdh.c index 4dbb7b5..e6310b4 100644 --- a/external/libssh-win-static/src/ecdh.c +++ b/external/libssh-win-static/src/ecdh.c @@ -47,7 +47,7 @@ int ssh_client_ecdh_init(ssh_session session){ int rc; bignum_CTX ctx = BN_CTX_new(); - rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_KEX_ECDH_INIT); + rc = buffer_add_u8(session->out_buffer, SSH2_MSG_KEX_ECDH_INIT); if (rc < 0) { BN_CTX_free(ctx); return SSH_ERROR; @@ -77,7 +77,7 @@ int ssh_client_ecdh_init(ssh_session session){ ssh_string_data(client_pubkey),len,ctx); BN_CTX_free(ctx); - rc = ssh_buffer_add_ssh_string(session->out_buffer,client_pubkey); + rc = buffer_add_ssh_string(session->out_buffer,client_pubkey); if (rc < 0) { EC_KEY_free(key); ssh_string_free(client_pubkey); @@ -87,7 +87,7 @@ int ssh_client_ecdh_init(ssh_session session){ session->next_crypto->ecdh_privkey = key; session->next_crypto->ecdh_client_pubkey = client_pubkey; - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; } @@ -181,20 +181,20 @@ int ssh_client_ecdh_reply(ssh_session session, ssh_buffer packet){ ssh_string pubkey = NULL; ssh_string signature = NULL; int rc; - pubkey = ssh_buffer_get_ssh_string(packet); + pubkey = buffer_get_ssh_string(packet); if (pubkey == NULL){ ssh_set_error(session,SSH_FATAL, "No public key in packet"); goto error; } ecdh_import_pubkey(session, pubkey); - q_s_string = ssh_buffer_get_ssh_string(packet); + q_s_string = buffer_get_ssh_string(packet); if (q_s_string == NULL) { ssh_set_error(session,SSH_FATAL, "No Q_S ECC point in packet"); goto error; } session->next_crypto->ecdh_server_pubkey = q_s_string; - signature = ssh_buffer_get_ssh_string(packet); + signature = buffer_get_ssh_string(packet); if (signature == NULL) { ssh_set_error(session, SSH_FATAL, "No signature in packet"); goto error; @@ -208,11 +208,11 @@ int ssh_client_ecdh_reply(ssh_session session, ssh_buffer packet){ } /* Send the MSG_NEWKEYS */ - if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { + if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { goto error; } - rc=ssh_packet_send(session); + rc=packet_send(session); SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); return rc; error: @@ -240,7 +240,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){ int rc; /* Extract the client pubkey from the init packet */ - q_c_string = ssh_buffer_get_ssh_string(packet); + q_c_string = buffer_get_ssh_string(packet); if (q_c_string == NULL) { ssh_set_error(session,SSH_FATAL, "No Q_C ECC point in packet"); return SSH_ERROR; @@ -299,7 +299,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){ return SSH_ERROR; } - rc = ssh_make_sessionid(session); + rc = make_sessionid(session); if (rc != SSH_OK) { ssh_set_error(session, SSH_FATAL, "Could not create a session id"); return SSH_ERROR; @@ -326,19 +326,19 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){ } SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent"); - rc = ssh_packet_send(session); + rc = packet_send(session); if (rc == SSH_ERROR) { return SSH_ERROR; } /* Send the MSG_NEWKEYS */ - rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); + rc = buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); if (rc < 0) { return SSH_ERROR;; } session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; - rc = ssh_packet_send(session); + rc = packet_send(session); SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); return rc; diff --git a/external/libssh-win-static/src/external/bcrypt_pbkdf.c b/external/libssh-win-static/src/external/bcrypt_pbkdf.c index 00314c2..4cca9d8 100644 --- a/external/libssh-win-static/src/external/bcrypt_pbkdf.c +++ b/external/libssh-win-static/src/external/bcrypt_pbkdf.c @@ -63,7 +63,7 @@ static void bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) { - ssh_blf_ctx state; + blf_ctx state; uint8_t ciphertext[BCRYPT_HASHSIZE] = "OxychromaticBlowfishSwatDynamite"; uint32_t cdata[BCRYPT_BLOCKS]; @@ -85,7 +85,7 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext), &j); for (i = 0; i < 64; i++) - ssh_blf_enc(&state, cdata, sizeof(cdata) / sizeof(uint64_t)); + blf_enc(&state, cdata, sizeof(cdata) / sizeof(uint64_t)); /* copy out */ for (i = 0; i < BCRYPT_BLOCKS; i++) { diff --git a/external/libssh-win-static/src/external/blowfish.c b/external/libssh-win-static/src/external/blowfish.c index 4008a9c..99f9cc3 100644 --- a/external/libssh-win-static/src/external/blowfish.c +++ b/external/libssh-win-static/src/external/blowfish.c @@ -70,7 +70,7 @@ #define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n]) void -Blowfish_encipher(ssh_blf_ctx *c, uint32_t *xl, uint32_t *xr) +Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { uint32_t Xl; uint32_t Xr; @@ -95,7 +95,7 @@ Blowfish_encipher(ssh_blf_ctx *c, uint32_t *xl, uint32_t *xr) } void -Blowfish_decipher(ssh_blf_ctx *c, uint32_t *xl, uint32_t *xr) +Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) { uint32_t Xl; uint32_t Xr; @@ -120,11 +120,11 @@ Blowfish_decipher(ssh_blf_ctx *c, uint32_t *xl, uint32_t *xr) } void -Blowfish_initstate(ssh_blf_ctx *c) +Blowfish_initstate(blf_ctx *c) { /* P-box and S-box tables initialized with digits of Pi */ - static const ssh_blf_ctx initstate = + static const blf_ctx initstate = { { { 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, @@ -420,7 +420,7 @@ Blowfish_stream2word(const uint8_t *data, uint16_t databytes, } void -Blowfish_expand0state(ssh_blf_ctx *c, const uint8_t *key, uint16_t keybytes) +Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes) { uint16_t i; uint16_t j; @@ -458,7 +458,7 @@ Blowfish_expand0state(ssh_blf_ctx *c, const uint8_t *key, uint16_t keybytes) void -Blowfish_expandstate(ssh_blf_ctx *c, const uint8_t *data, uint16_t databytes, +Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes, const uint8_t *key, uint16_t keybytes) { uint16_t i; @@ -501,7 +501,7 @@ Blowfish_expandstate(ssh_blf_ctx *c, const uint8_t *data, uint16_t databytes, } void -ssh_blf_key(ssh_blf_ctx *c, const uint8_t *k, uint16_t len) +blf_key(blf_ctx *c, const uint8_t *k, uint16_t len) { /* Initialize S-boxes and subkeys with Pi */ Blowfish_initstate(c); @@ -511,7 +511,7 @@ ssh_blf_key(ssh_blf_ctx *c, const uint8_t *k, uint16_t len) } void -ssh_blf_enc(ssh_blf_ctx *c, uint32_t *data, uint16_t blocks) +blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks) { uint32_t *d; uint16_t i; @@ -524,7 +524,7 @@ ssh_blf_enc(ssh_blf_ctx *c, uint32_t *data, uint16_t blocks) } void -ssh_blf_dec(ssh_blf_ctx *c, uint32_t *data, uint16_t blocks) +blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks) { uint32_t *d; uint16_t i; @@ -537,7 +537,7 @@ ssh_blf_dec(ssh_blf_ctx *c, uint32_t *data, uint16_t blocks) } void -ssh_blf_ecb_encrypt(ssh_blf_ctx *c, uint8_t *data, uint32_t len) +blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) { uint32_t l, r; uint32_t i; @@ -559,7 +559,7 @@ ssh_blf_ecb_encrypt(ssh_blf_ctx *c, uint8_t *data, uint32_t len) } void -ssh_blf_ecb_decrypt(ssh_blf_ctx *c, uint8_t *data, uint32_t len) +blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) { uint32_t l, r; uint32_t i; @@ -581,7 +581,7 @@ ssh_blf_ecb_decrypt(ssh_blf_ctx *c, uint8_t *data, uint32_t len) } void -ssh_blf_cbc_encrypt(ssh_blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) +blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) { uint32_t l, r; uint32_t i, j; @@ -606,7 +606,7 @@ ssh_blf_cbc_encrypt(ssh_blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) } void -ssh_blf_cbc_decrypt(ssh_blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) +blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) { uint32_t l, r; uint8_t *iv; @@ -659,7 +659,7 @@ void main(void) { - ssh_blf_ctx c; + blf_ctx c; char key[] = "AAAAA"; char key2[] = "abcdefghijklmnopqrstuvwxyz"; @@ -673,19 +673,19 @@ main(void) for (i = 0; i < 10; i++) data[i] = i; - ssh_blf_key(&c, (uint8_t *) key, 5); - ssh_blf_enc(&c, data, 5); - ssh_blf_dec(&c, data, 1); - ssh_blf_dec(&c, data + 2, 4); + blf_key(&c, (uint8_t *) key, 5); + blf_enc(&c, data, 5); + blf_dec(&c, data, 1); + blf_dec(&c, data + 2, 4); printf("Should read as 0 - 9.\n"); report(data, 10); /* Second test */ - ssh_blf_key(&c, (uint8_t *) key2, strlen(key2)); - ssh_blf_enc(&c, data2, 1); + blf_key(&c, (uint8_t *) key2, strlen(key2)); + blf_enc(&c, data2, 1); printf("\nShould read as: 0x324ed0fe 0xf413a203.\n"); report(data2, 2); - ssh_blf_dec(&c, data2, 1); + blf_dec(&c, data2, 1); report(data2, 2); } #endif diff --git a/external/libssh-win-static/src/external/curve25519_ref.c b/external/libssh-win-static/src/external/curve25519_ref.c index 2849560..6ffb14a 100644 --- a/external/libssh-win-static/src/external/curve25519_ref.c +++ b/external/libssh-win-static/src/external/curve25519_ref.c @@ -5,10 +5,6 @@ Public domain. Derived from public domain code by D. J. Bernstein. */ -#ifdef _MSC_VER -#pragma warning(disable:4146) -#endif - #include "libssh/curve25519.h" static const unsigned char base[32] = {9}; diff --git a/external/libssh-win-static/src/external/fe25519.c b/external/libssh-win-static/src/external/fe25519.c index e63df74..db31f65 100644 --- a/external/libssh-win-static/src/external/fe25519.c +++ b/external/libssh-win-static/src/external/fe25519.c @@ -4,11 +4,6 @@ * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c */ -#ifdef _MSC_VER -#pragma warning(disable:4146) -#endif - - #define WINDOWSIZE 1 /* Should be 1,2, or 4 */ #define WINDOWMASK ((1<out_buffer, SSH2_MSG_USERAUTH_GSSAPI_RESPONSE) < 0 || - ssh_buffer_add_ssh_string(session->out_buffer,oid) < 0) { + if (buffer_add_u8(session->out_buffer, SSH2_MSG_USERAUTH_GSSAPI_RESPONSE) < 0 || + buffer_add_ssh_string(session->out_buffer,oid) < 0) { ssh_set_error_oom(session); return SSH_ERROR; } - ssh_packet_send(session); + packet_send(session); SSH_LOG(SSH_LOG_PACKET, "Sent SSH_MSG_USERAUTH_GSSAPI_RESPONSE"); return SSH_OK; @@ -129,11 +129,53 @@ static int ssh_gssapi_send_response(ssh_session session, ssh_string oid){ #endif /* WITH_SERVER */ -static void ssh_gssapi_log_error(int verb, const char *msg, int maj_stat){ - gss_buffer_desc buffer; - OM_uint32 dummy, message_context; - gss_display_status(&dummy,maj_stat,GSS_C_GSS_CODE, GSS_C_NO_OID, &message_context, &buffer); - SSH_LOG(verb, "GSSAPI(%s): %s", msg, (const char *)buffer.value); +static void ssh_gssapi_log_error(int verb, + const char *msg, + int maj_stat, + int min_stat) +{ + gss_buffer_desc msg_maj = { + .length = 0, + }; + gss_buffer_desc msg_min = { + .length = 0, + }; + OM_uint32 dummy_maj, dummy_min; + OM_uint32 message_context = 0; + + dummy_maj = gss_display_status(&dummy_min, + maj_stat, + GSS_C_GSS_CODE, + GSS_C_NO_OID, + &message_context, + &msg_maj); + if (dummy_maj != 0) { + goto out; + } + + dummy_maj = gss_display_status(&dummy_min, + min_stat, + GSS_C_MECH_CODE, + GSS_C_NO_OID, + &message_context, + &msg_min); + if (dummy_maj != 0) { + goto out; + } + + SSH_LOG(verb, + "GSSAPI(%s): %s - %s", + msg, + (const char *)msg_maj.value, + (const char *)msg_min.value); + +out: + if (msg_maj.value) { + dummy_maj = gss_release_buffer(&dummy_min, &msg_maj); + } + if (msg_min.value) { + dummy_maj = gss_release_buffer(&dummy_min, &msg_min); + } } #ifdef WITH_SERVER @@ -212,7 +254,10 @@ int ssh_gssapi_handle_userauth(ssh_session session, const char *user, uint32_t n (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name); if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "importing name", + maj_stat, + min_stat); return -1; } @@ -224,7 +269,10 @@ int ssh_gssapi_handle_userauth(ssh_session session, const char *user, uint32_t n if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "error acquiring credentials %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "acquiring creds", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "acquiring creds", + maj_stat, + min_stat); ssh_auth_reply_default(session,0); return SSH_ERROR; } @@ -266,7 +314,10 @@ static char *ssh_gssapi_name_to_char(gss_name_t name){ OM_uint32 maj_stat, min_stat; char *ptr; maj_stat = gss_display_name(&min_stat, name, &buffer, NULL); - ssh_gssapi_log_error(SSH_LOG_WARNING, "converting name", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "converting name", + maj_stat, + min_stat); ptr=malloc(buffer.length + 1); memcpy(ptr, buffer.value, buffer.length); ptr[buffer.length] = '\0'; @@ -293,7 +344,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){ ssh_set_error(session, SSH_FATAL, "Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state"); return SSH_PACKET_USED; } - token = ssh_buffer_get_ssh_string(packet); + token = buffer_get_ssh_string(packet); if (token == NULL){ ssh_set_error(session, SSH_REQUEST_DENIED, "ssh_packet_userauth_gssapi_token: invalid packet"); @@ -319,7 +370,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){ ssh_set_error_oom(session); return SSH_PACKET_USED; } - ssh_packet_send(session); + packet_send(session); ssh_string_free(out_token); } else { session->gssapi->state = SSH_GSSAPI_STATE_RCV_MIC; @@ -335,14 +386,20 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){ maj_stat = gss_accept_sec_context(&min_stat, &session->gssapi->ctx, session->gssapi->server_creds, &input_token, input_bindings, &client_name, NULL /*mech_oid*/, &output_token, &ret_flags, NULL /*time*/, &session->gssapi->client_creds); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "accepting token", + maj_stat, + min_stat); ssh_string_free(token); if (client_name != GSS_C_NO_NAME){ session->gssapi->client_name = client_name; session->gssapi->canonic_user = ssh_gssapi_name_to_char(client_name); } if (GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_WARNING, "Gssapi error", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "Gssapi error", + maj_stat, + min_stat); ssh_auth_reply_default(session,0); ssh_gssapi_free(session); session->gssapi=NULL; @@ -358,7 +415,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){ SSH2_MSG_USERAUTH_GSSAPI_TOKEN, output_token.length, (size_t)output_token.length, output_token.value); - ssh_packet_send(session); + packet_send(session); } if(maj_stat == GSS_S_COMPLETE){ session->gssapi->state = SSH_GSSAPI_STATE_RCV_MIC; @@ -409,7 +466,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic) (void)type; SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_MIC"); - mic_token = ssh_buffer_get_ssh_string(packet); + mic_token = buffer_get_ssh_string(packet); if (mic_token == NULL) { ssh_set_error(session, SSH_FATAL, "Missing MIC in packet"); goto error; @@ -427,20 +484,22 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic) } if (ssh_callbacks_exists(session->server_callbacks, gssapi_verify_mic_function)){ int rc = session->server_callbacks->gssapi_verify_mic_function(session, mic_token, - ssh_buffer_get(mic_buffer), ssh_buffer_get_len(mic_buffer), + ssh_buffer_get_begin(mic_buffer), ssh_buffer_get_len(mic_buffer), session->server_callbacks->userdata); if (rc != SSH_OK) { goto error; } } else { mic_buf.length = ssh_buffer_get_len(mic_buffer); - mic_buf.value = ssh_buffer_get(mic_buffer); + mic_buf.value = ssh_buffer_get_begin(mic_buffer); mic_token_buf.length = ssh_string_len(mic_token); mic_token_buf.value = ssh_string_data(mic_token); maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC", maj_stat); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "verifying MIC (min stat)", min_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "verifying MIC", + maj_stat, + min_stat); if (maj_stat == GSS_S_DEFECTIVE_TOKEN || GSS_ERROR(maj_stat)) { goto error; } @@ -533,14 +592,14 @@ static int ssh_gssapi_send_auth_mic(ssh_session session, ssh_string *oid_set, in } for (i=0; iout_buffer, oid_set[i]); + rc = buffer_add_ssh_string(session->out_buffer, oid_set[i]); if (rc < 0) { goto fail; } } session->auth_state = SSH_AUTH_STATE_GSSAPI_REQUEST_SENT; - return ssh_packet_send(session); + return packet_send(session); fail: ssh_buffer_reinit(session->out_buffer); return SSH_ERROR; @@ -653,8 +712,11 @@ int ssh_gssapi_auth_mic(ssh_session session){ &session->gssapi->client.server_name); if (maj_stat != GSS_S_COMPLETE) { SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); - ssh_gssapi_log_error(SSH_LOG_WARNING, "importing name", maj_stat); - return SSH_PACKET_USED; + ssh_gssapi_log_error(SSH_LOG_WARNING, + "importing name", + maj_stat, + min_stat); + return SSH_AUTH_DENIED; } /* copy username */ @@ -732,7 +794,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){ ssh_set_error(session, SSH_FATAL, "Invalid state in ssh_packet_userauth_gssapi_response"); return SSH_PACKET_USED; } - oid_s = ssh_buffer_get_ssh_string(packet); + oid_s = buffer_get_ssh_string(packet); if (!oid_s){ ssh_set_error(session, SSH_FATAL, "Missing OID"); return SSH_PACKET_USED; @@ -759,7 +821,10 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){ 0, NULL, &input_token, NULL, &output_token, NULL, NULL); if(GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_WARNING, "Initializing gssapi context", maj_stat); + ssh_gssapi_log_error(SSH_LOG_WARNING, + "Initializing gssapi context", + maj_stat, + min_stat); return SSH_PACKET_USED; } if (output_token.length != 0){ @@ -771,7 +836,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){ SSH2_MSG_USERAUTH_GSSAPI_TOKEN, output_token.length, (size_t)output_token.length, output_token.value); - ssh_packet_send(session); + packet_send(session); session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN; } return SSH_PACKET_USED; @@ -792,12 +857,15 @@ static int ssh_gssapi_send_mic(ssh_session session){ return SSH_ERROR; } mic_buf.length = ssh_buffer_get_len(mic_buffer); - mic_buf.value = ssh_buffer_get(mic_buffer); + mic_buf.value = ssh_buffer_get_begin(mic_buffer); maj_stat = gss_get_mic(&min_stat,session->gssapi->ctx, GSS_C_QOP_DEFAULT, &mic_buf, &mic_token_buf); if (GSS_ERROR(maj_stat)){ ssh_buffer_free(mic_buffer); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "generating MIC", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "generating MIC", + maj_stat, + min_stat); return SSH_ERROR; } @@ -812,7 +880,7 @@ static int ssh_gssapi_send_mic(ssh_session session){ return SSH_ERROR; } - return ssh_packet_send(session); + return packet_send(session); } SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){ @@ -828,7 +896,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){ ssh_set_error(session, SSH_FATAL, "Received SSH_MSG_USERAUTH_GSSAPI_TOKEN in invalid state"); return SSH_PACKET_USED; } - token = ssh_buffer_get_ssh_string(packet); + token = buffer_get_ssh_string(packet); if (token == NULL){ ssh_set_error(session, SSH_REQUEST_DENIED, "ssh_packet_userauth_gssapi_token: invalid packet"); @@ -848,10 +916,16 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){ 0, NULL, &input_token, NULL, &output_token, NULL, NULL); - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "accepting token", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "accepting token", + maj_stat, + min_stat); ssh_string_free(token); if (GSS_ERROR(maj_stat)){ - ssh_gssapi_log_error(SSH_LOG_PROTOCOL, "Gssapi error", maj_stat); + ssh_gssapi_log_error(SSH_LOG_PROTOCOL, + "Gssapi error", + maj_stat, + min_stat); ssh_gssapi_free(session); session->gssapi=NULL; return SSH_PACKET_USED; @@ -866,7 +940,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){ SSH2_MSG_USERAUTH_GSSAPI_TOKEN, output_token.length, (size_t)output_token.length, output_token.value); - ssh_packet_send(session); + packet_send(session); } if(maj_stat == GSS_S_COMPLETE){ session->auth_state = SSH_AUTH_STATE_NONE; diff --git a/external/libssh-win-static/src/gzip.c b/external/libssh-win-static/src/gzip.c index 73cc331..ca190bc 100644 --- a/external/libssh-win-static/src/gzip.c +++ b/external/libssh-win-static/src/gzip.c @@ -58,8 +58,8 @@ static z_stream *initcompress(ssh_session session, int level) { static ssh_buffer gzip_compress(ssh_session session,ssh_buffer source,int level){ z_stream *zout = session->current_crypto->compress_out_ctx; - void *in_ptr = ssh_buffer_get(source); - unsigned long in_size = ssh_buffer_get_len(source); + void *in_ptr = buffer_get_rest(source); + unsigned long in_size = buffer_get_rest_len(source); ssh_buffer dest = NULL; unsigned char out_buf[BLOCKSIZE] = {0}; unsigned long len; @@ -113,7 +113,7 @@ int compress_buffer(ssh_session session, ssh_buffer buf) { return -1; } - if (ssh_buffer_add_data(buf, ssh_buffer_get(dest), ssh_buffer_get_len(dest)) < 0) { + if (ssh_buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) { ssh_buffer_free(dest); return -1; } @@ -147,8 +147,8 @@ static z_stream *initdecompress(ssh_session session) { static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t maxlen) { z_stream *zin = session->current_crypto->compress_in_ctx; - void *in_ptr = ssh_buffer_get(source); - unsigned long in_size = ssh_buffer_get_len(source); + void *in_ptr = buffer_get_rest(source); + unsigned long in_size = buffer_get_rest_len(source); unsigned char out_buf[BLOCKSIZE] = {0}; ssh_buffer dest = NULL; unsigned long len; @@ -185,7 +185,7 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t ssh_buffer_free(dest); return NULL; } - if (ssh_buffer_get_len(dest) > maxlen){ + if (buffer_get_rest_len(dest) > maxlen){ /* Size of packet exceeded, avoid a denial of service attack */ ssh_buffer_free(dest); return NULL; @@ -209,7 +209,7 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen){ return -1; } - if (ssh_buffer_add_data(buf, ssh_buffer_get(dest), ssh_buffer_get_len(dest)) < 0) { + if (ssh_buffer_add_data(buf, buffer_get_rest(dest), buffer_get_rest_len(dest)) < 0) { ssh_buffer_free(dest); return -1; } diff --git a/external/libssh-win-static/src/kex.c b/external/libssh-win-static/src/kex.c index f34728c..519d79c 100644 --- a/external/libssh-win-static/src/kex.c +++ b/external/libssh-win-static/src/kex.c @@ -172,7 +172,7 @@ static char **tokenize(const char *chain){ /* same as tokenize(), but with spaces instead of ',' */ /* TODO FIXME rewrite me! */ -char **ssh_space_tokenize(const char *chain){ +char **space_tokenize(const char *chain){ char **tokens; int n=1; int i=0; @@ -346,25 +346,25 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){ } if (server_kex) { - rc = ssh_buffer_get_data(packet,session->next_crypto->client_kex.cookie, 16); + rc = buffer_get_data(packet,session->next_crypto->client_kex.cookie, 16); if (rc != 16) { ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet"); goto error; } - rc = ssh_hashbufin_add_cookie(session, session->next_crypto->client_kex.cookie); + rc = hashbufin_add_cookie(session, session->next_crypto->client_kex.cookie); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed"); goto error; } } else { - rc = ssh_buffer_get_data(packet,session->next_crypto->server_kex.cookie, 16); + rc = buffer_get_data(packet,session->next_crypto->server_kex.cookie, 16); if (rc != 16) { ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet"); goto error; } - rc = ssh_hashbufin_add_cookie(session, session->next_crypto->server_kex.cookie); + rc = hashbufin_add_cookie(session, session->next_crypto->server_kex.cookie); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed"); goto error; @@ -372,12 +372,12 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){ } for (i = 0; i < KEX_METHODS_SIZE; i++) { - str = ssh_buffer_get_ssh_string(packet); + str = buffer_get_ssh_string(packet); if (str == NULL) { goto error; } - rc = ssh_buffer_add_ssh_string(session->in_hashbuf, str); + rc = buffer_add_ssh_string(session->in_hashbuf, str); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "Error adding string in hash buffer"); goto error; @@ -414,17 +414,17 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){ * 'make_sessionid'). */ if (server_kex) { - rc = ssh_buffer_get_u8(packet, &first_kex_packet_follows); + rc = buffer_get_u8(packet, &first_kex_packet_follows); if (rc != 1) { goto error; } - rc = ssh_buffer_add_u8(session->in_hashbuf, first_kex_packet_follows); + rc = buffer_add_u8(session->in_hashbuf, first_kex_packet_follows); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u32(session->in_hashbuf, kexinit_reserved); + rc = buffer_add_u32(session->in_hashbuf, kexinit_reserved); if (rc < 0) { goto error; } @@ -512,7 +512,7 @@ static char *ssh_client_select_hostkeys(ssh_session session){ for (i=0;preferred_hostkeys[i] != NULL; ++i){ for (j=0; methods[j] != NULL; ++j){ if(strcmp(preferred_hostkeys[i], methods[j]) == 0){ - if (ssh_verify_existing_algo(SSH_HOSTKEYS, methods[j])){ + if (verify_existing_algo(SSH_HOSTKEYS, methods[j])){ if(needcoma) strncat(methods_buffer,",",sizeof(methods_buffer)-strlen(methods_buffer)-1); strncat(methods_buffer, methods[j], sizeof(methods_buffer)-strlen(methods_buffer)-1); @@ -539,7 +539,7 @@ static char *ssh_client_select_hostkeys(ssh_session session){ * @brief sets the key exchange parameters to be sent to the server, * in function of the options and available methods. */ -int ssh_set_client_kex(ssh_session session){ +int set_client_kex(ssh_session session){ struct ssh_kex_struct *client= &session->next_crypto->client_kex; const char *wanted; int i; @@ -612,7 +612,7 @@ int ssh_send_kex(ssh_session session, int server_kex) { kex->cookie); /* cookie */ if (rc != SSH_OK) goto error; - if (ssh_hashbufout_add_cookie(session) < 0) { + if (hashbufout_add_cookie(session) < 0) { goto error; } @@ -624,10 +624,10 @@ int ssh_send_kex(ssh_session session, int server_kex) { goto error; } - if (ssh_buffer_add_ssh_string(session->out_hashbuf, str) < 0) { + if (buffer_add_ssh_string(session->out_hashbuf, str) < 0) { goto error; } - if (ssh_buffer_add_ssh_string(session->out_buffer, str) < 0) { + if (buffer_add_ssh_string(session->out_buffer, str) < 0) { goto error; } ssh_string_free(str); @@ -642,7 +642,7 @@ int ssh_send_kex(ssh_session session, int server_kex) { goto error; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } @@ -656,7 +656,7 @@ error: } /* returns 1 if at least one of the name algos is in the default algorithms table */ -int ssh_verify_existing_algo(int algo, const char *name){ +int verify_existing_algo(int algo, const char *name){ char *ptr; if(algo>9 || algo <0) return -1; diff --git a/external/libssh-win-static/src/kex1.c b/external/libssh-win-static/src/kex1.c index 1691984..758054f 100644 --- a/external/libssh-win-static/src/kex1.c +++ b/external/libssh-win-static/src/kex1.c @@ -51,13 +51,13 @@ static ssh_string make_rsa1_string(ssh_string e, ssh_string n){ goto error; } - if (ssh_buffer_add_ssh_string(buffer, rsa) < 0) { + if (buffer_add_ssh_string(buffer, rsa) < 0) { goto error; } - if (ssh_buffer_add_ssh_string(buffer, e) < 0) { + if (buffer_add_ssh_string(buffer, e) < 0) { goto error; } - if (ssh_buffer_add_ssh_string(buffer, n) < 0) { + if (buffer_add_ssh_string(buffer, n) < 0) { goto error; } @@ -66,7 +66,7 @@ static ssh_string make_rsa1_string(ssh_string e, ssh_string n){ goto error; } - ssh_string_fill(ret, ssh_buffer_get(buffer), ssh_buffer_get_len(buffer)); + ssh_string_fill(ret, ssh_buffer_get_begin(buffer), ssh_buffer_get_len(buffer)); error: ssh_buffer_free(buffer); ssh_string_free(rsa); @@ -325,32 +325,32 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){ ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state"); goto error; } - if (ssh_buffer_get_data(packet, session->next_crypto->server_kex.cookie, 8) != 8) { + if (buffer_get_data(packet, session->next_crypto->server_kex.cookie, 8) != 8) { ssh_set_error(session, SSH_FATAL, "Can't get cookie in buffer"); goto error; } - ssh_buffer_get_u32(packet, &server_bits); - server_exp = ssh_buffer_get_mpint(packet); + buffer_get_u32(packet, &server_bits); + server_exp = buffer_get_mpint(packet); if (server_exp == NULL) { goto error; } - server_mod = ssh_buffer_get_mpint(packet); + server_mod = buffer_get_mpint(packet); if (server_mod == NULL) { goto error; } - ssh_buffer_get_u32(packet, &host_bits); - host_exp = ssh_buffer_get_mpint(packet); + buffer_get_u32(packet, &host_bits); + host_exp = buffer_get_mpint(packet); if (host_exp == NULL) { goto error; } - host_mod = ssh_buffer_get_mpint(packet); + host_mod = buffer_get_mpint(packet); if (host_mod == NULL) { goto error; } - ssh_buffer_get_u32(packet, &protocol_flags); - ssh_buffer_get_u32(packet, &supported_ciphers_mask); - ko = ssh_buffer_get_u32(packet, &supported_authentications_mask); + buffer_get_u32(packet, &protocol_flags); + buffer_get_u32(packet, &supported_ciphers_mask); + ko = buffer_get_u32(packet, &supported_authentications_mask); if ((ko != sizeof(uint32_t)) || !host_mod || !host_exp || !server_mod || !server_exp) { @@ -411,10 +411,10 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){ } SSH_LOG(SSH_LOG_PROTOCOL, "Sending SSH_CMSG_SESSION_KEY"); - if (ssh_buffer_add_u8(session->out_buffer, SSH_CMSG_SESSION_KEY) < 0) { + if (buffer_add_u8(session->out_buffer, SSH_CMSG_SESSION_KEY) < 0) { goto error; } - if (ssh_buffer_add_u8(session->out_buffer, support_3DES ? SSH_CIPHER_3DES : SSH_CIPHER_DES) < 0) { + if (buffer_add_u8(session->out_buffer, support_3DES ? SSH_CIPHER_3DES : SSH_CIPHER_DES) < 0) { goto error; } if (ssh_buffer_add_data(session->out_buffer, session->next_crypto->server_kex.cookie, 8) < 0) { @@ -439,11 +439,11 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){ goto error; } /* the protocol flags */ - if (ssh_buffer_add_u32(session->out_buffer, 0) < 0) { + if (buffer_add_u32(session->out_buffer, 0) < 0) { goto error; } session->session_state=SSH_SESSION_STATE_KEXINIT_RECEIVED; - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { goto error; } diff --git a/external/libssh-win-static/src/known_hosts.c b/external/libssh-win-static/src/known_hosts.c index ab8a3dc..f7828d5 100644 --- a/external/libssh-win-static/src/known_hosts.c +++ b/external/libssh-win-static/src/known_hosts.c @@ -134,7 +134,7 @@ static char **ssh_get_knownhost_line(FILE **file, const char *filename, continue; /* skip empty lines */ } - tokens = ssh_space_tokenize(buffer); + tokens = space_tokenize(buffer); if (tokens == NULL) { fclose(*file); *file = NULL; @@ -211,7 +211,7 @@ static int check_public_key(ssh_session session, char **tokens) { return -1; } - if (ssh_buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { + if (buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { ssh_buffer_free(pubkey_buffer); ssh_string_free(tmpstring); return -1; @@ -225,9 +225,9 @@ static int check_public_key(ssh_session session, char **tokens) { ssh_buffer_free(pubkey_buffer); return -1; } - /* for some reason, ssh_make_bignum_string does not work + /* for some reason, make_bignum_string does not work because of the padding which it does --kv */ - /* tmpstring = ssh_make_bignum_string(tmpbn); */ + /* tmpstring = make_bignum_string(tmpbn); */ /* do it manually instead */ len = bignum_num_bytes(tmpbn); tmpstring = malloc(4 + len); @@ -244,7 +244,7 @@ static int check_public_key(ssh_session session, char **tokens) { bignum_bn2bin(tmpbn, ssh_string_data(tmpstring)); #endif bignum_free(tmpbn); - if (ssh_buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { + if (buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { ssh_buffer_free(pubkey_buffer); ssh_string_free(tmpstring); bignum_free(tmpbn); @@ -264,14 +264,14 @@ static int check_public_key(ssh_session session, char **tokens) { return -1; } - if (ssh_buffer_get_len(pubkey_buffer) != ssh_string_len(pubkey)) { + if (buffer_get_rest_len(pubkey_buffer) != ssh_string_len(pubkey)) { ssh_buffer_free(pubkey_buffer); return 0; } /* now test that they are identical */ - if (memcmp(ssh_buffer_get(pubkey_buffer), ssh_string_data(pubkey), - ssh_buffer_get_len(pubkey_buffer)) != 0) { + if (memcmp(buffer_get_rest(pubkey_buffer), ssh_string_data(pubkey), + buffer_get_rest_len(pubkey_buffer)) != 0) { ssh_buffer_free(pubkey_buffer); return 0; } @@ -340,7 +340,7 @@ static int match_hashed_host(const char *host, const char *sourcehash) return 0; } - mac = hmac_init(ssh_buffer_get(salt), ssh_buffer_get_len(salt), SSH_HMAC_SHA1); + mac = hmac_init(buffer_get_rest(salt), buffer_get_rest_len(salt), SSH_HMAC_SHA1); if (mac == NULL) { ssh_buffer_free(salt); ssh_buffer_free(hash); @@ -351,8 +351,8 @@ static int match_hashed_host(const char *host, const char *sourcehash) hmac_update(mac, host, strlen(host)); hmac_final(mac, buffer, &size); - if (size == ssh_buffer_get_len(hash) && - memcmp(buffer, ssh_buffer_get(hash), size) == 0) { + if (size == buffer_get_rest_len(hash) && + memcmp(buffer, buffer_get_rest(hash), size) == 0) { match = 1; } else { match = 0; diff --git a/external/libssh-win-static/src/legacy.c b/external/libssh-win-static/src/legacy.c index 3f09992..15f287a 100644 --- a/external/libssh-win-static/src/legacy.c +++ b/external/libssh-win-static/src/legacy.c @@ -145,7 +145,7 @@ void buffer_free(ssh_buffer buffer){ ssh_buffer_free(buffer); } void *buffer_get(ssh_buffer buffer){ - return ssh_buffer_get(buffer); + return ssh_buffer_get_begin(buffer); } uint32_t buffer_get_len(ssh_buffer buffer){ return ssh_buffer_get_len(buffer); diff --git a/external/libssh-win-static/src/libcrypto.c b/external/libssh-win-static/src/libcrypto.c index ac95010..00f107f 100644 --- a/external/libssh-win-static/src/libcrypto.c +++ b/external/libssh-win-static/src/libcrypto.c @@ -48,6 +48,10 @@ #define HAS_AES #include #endif +#ifdef HAVE_OPENSSL_BLOWFISH_H +#define HAS_BLOWFISH +#include +#endif #ifdef HAVE_OPENSSL_DES_H #define HAS_DES #include @@ -69,6 +73,15 @@ struct ssh_mac_ctx_struct { } ctx; }; +static int alloc_key(struct ssh_cipher_struct *cipher) { + cipher->key = malloc(cipher->keylen); + if (cipher->key == NULL) { + return -1; + } + + return 0; +} + void ssh_reseed(void){ #ifndef _WIN32 struct timeval tv; @@ -77,42 +90,27 @@ void ssh_reseed(void){ #endif } -SHACTX sha1_init(void) -{ - int rc; - SHACTX c = EVP_MD_CTX_create(); - if (c == NULL) { - return NULL; - } - EVP_MD_CTX_init(c); - rc = EVP_DigestInit_ex(c, EVP_sha1(), NULL); - if (rc == 0) { - EVP_MD_CTX_destroy(c); - c = NULL; - } - return c; +SHACTX sha1_init(void) { + SHACTX c = malloc(sizeof(*c)); + if (c == NULL) { + return NULL; + } + SHA1_Init(c); + + return c; } -void sha1_update(SHACTX c, const void *data, unsigned long len) -{ - EVP_DigestUpdate(c, data, len); +void sha1_update(SHACTX c, const void *data, unsigned long len) { + SHA1_Update(c,data,len); } -void sha1_final(unsigned char *md, SHACTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_destroy(c); +void sha1_final(unsigned char *md, SHACTX c) { + SHA1_Final(md, c); + SAFE_FREE(c); } -void sha1(unsigned char *digest, int len, unsigned char *hash) -{ - SHACTX c = sha1_init(); - if (c != NULL) { - sha1_update(c, digest, len); - sha1_final(hash, c); - } +void sha1(unsigned char *digest, int len, unsigned char *hash) { + SHA1(digest, len, hash); } #ifdef HAVE_OPENSSL_ECC @@ -167,147 +165,93 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen) } #endif -SHA256CTX sha256_init(void) -{ - int rc; - SHA256CTX c = EVP_MD_CTX_create(); - if (c == NULL) { - return NULL; - } - EVP_MD_CTX_init(c); - rc = EVP_DigestInit_ex(c, EVP_sha256(), NULL); - if (rc == 0) { - EVP_MD_CTX_destroy(c); - c = NULL; - } - return c; +SHA256CTX sha256_init(void){ + SHA256CTX c = malloc(sizeof(*c)); + if (c == NULL) { + return NULL; + } + SHA256_Init(c); + + return c; } -void sha256_update(SHA256CTX c, const void *data, unsigned long len) -{ - EVP_DigestUpdate(c, data, len); +void sha256_update(SHA256CTX c, const void *data, unsigned long len){ + SHA256_Update(c,data,len); } -void sha256_final(unsigned char *md, SHA256CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_destroy(c); +void sha256_final(unsigned char *md, SHA256CTX c) { + SHA256_Final(md, c); + SAFE_FREE(c); } -void sha256(unsigned char *digest, int len, unsigned char *hash) -{ - SHA256CTX c = sha256_init(); - if (c != NULL) { - sha256_update(c, digest, len); - sha256_final(hash, c); - } +void sha256(unsigned char *digest, int len, unsigned char *hash) { + SHA256(digest, len, hash); } -SHA384CTX sha384_init(void) -{ - int rc; - SHA384CTX c = EVP_MD_CTX_create(); - if (c == NULL) { - return NULL; - } - EVP_MD_CTX_init(c); - rc = EVP_DigestInit_ex(c, EVP_sha384(), NULL); - if (rc == 0) { - EVP_MD_CTX_destroy(c); - c = NULL; - } - return c; +SHA384CTX sha384_init(void){ + SHA384CTX c = malloc(sizeof(*c)); + if (c == NULL) { + return NULL; + } + SHA384_Init(c); + + return c; } -void sha384_update(SHA384CTX c, const void *data, unsigned long len) -{ - EVP_DigestUpdate(c, data, len); +void sha384_update(SHA384CTX c, const void *data, unsigned long len){ + SHA384_Update(c,data,len); } -void sha384_final(unsigned char *md, SHA384CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_destroy(c); +void sha384_final(unsigned char *md, SHA384CTX c) { + SHA384_Final(md, c); + SAFE_FREE(c); } -void sha384(unsigned char *digest, int len, unsigned char *hash) -{ - SHA384CTX c = sha384_init(); - if (c != NULL) { - sha384_update(c, digest, len); - sha384_final(hash, c); - } +void sha384(unsigned char *digest, int len, unsigned char *hash) { + SHA384(digest, len, hash); } -SHA512CTX sha512_init(void) -{ - int rc = 0; - SHA512CTX c = EVP_MD_CTX_create(); - if (c == NULL) { - return NULL; - } - EVP_MD_CTX_init(c); - rc = EVP_DigestInit_ex(c, EVP_sha512(), NULL); - if (rc == 0) { - EVP_MD_CTX_destroy(c); - c = NULL; - } - return c; +SHA512CTX sha512_init(void){ + SHA512CTX c = malloc(sizeof(*c)); + if (c == NULL) { + return NULL; + } + SHA512_Init(c); + + return c; } -void sha512_update(SHA512CTX c, const void *data, unsigned long len) -{ - EVP_DigestUpdate(c, data, len); +void sha512_update(SHA512CTX c, const void *data, unsigned long len){ + SHA512_Update(c,data,len); } -void sha512_final(unsigned char *md, SHA512CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_destroy(c); +void sha512_final(unsigned char *md, SHA512CTX c) { + SHA512_Final(md, c); + SAFE_FREE(c); } -void sha512(unsigned char *digest, int len, unsigned char *hash) -{ - SHA512CTX c = sha512_init(); - if (c != NULL) { - sha512_update(c, digest, len); - sha512_final(hash, c); - } +void sha512(unsigned char *digest, int len, unsigned char *hash) { + SHA512(digest, len, hash); } -MD5CTX md5_init(void) -{ - int rc; - MD5CTX c = EVP_MD_CTX_create(); - if (c == NULL) { - return NULL; - } - EVP_MD_CTX_init(c); - rc = EVP_DigestInit_ex(c, EVP_md5(), NULL); - if(rc == 0) { - EVP_MD_CTX_destroy(c); - c = NULL; - } - return c; +MD5CTX md5_init(void) { + MD5CTX c = malloc(sizeof(*c)); + if (c == NULL) { + return NULL; + } + + MD5_Init(c); + + return c; } -void md5_update(MD5CTX c, const void *data, unsigned long len) -{ - EVP_DigestUpdate(c, data, len); +void md5_update(MD5CTX c, const void *data, unsigned long len) { + MD5_Update(c, data, len); } -void md5_final(unsigned char *md, MD5CTX c) -{ - unsigned int mdlen = 0; - - EVP_DigestFinal(c, md, &mdlen); - EVP_MD_CTX_destroy(c); +void md5_final(unsigned char *md, MD5CTX c) { + MD5_Final(md,c); + SAFE_FREE(c); } ssh_mac_ctx ssh_mac_ctx_init(enum ssh_mac_e type){ @@ -427,159 +371,83 @@ void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) { SAFE_FREE(ctx); } -static void evp_cipher_init(struct ssh_cipher_struct *cipher) { - switch(cipher->ciphertype){ - case SSH_AES128_CBC: - cipher->cipher = EVP_aes_128_cbc(); - break; - case SSH_AES192_CBC: - cipher->cipher = EVP_aes_192_cbc(); - break; - case SSH_AES256_CBC: - cipher->cipher = EVP_aes_256_cbc(); - break; -#ifdef HAVE_OPENSSL_EVP_AES_CTR - case SSH_AES128_CTR: - cipher->cipher = EVP_aes_128_ctr(); - break; - case SSH_AES192_CTR: - cipher->cipher = EVP_aes_192_ctr(); - break; - case SSH_AES256_CTR: - cipher->cipher = EVP_aes_256_ctr(); - break; -#else - case SSH_AES128_CTR: - case SSH_AES192_CTR: - case SSH_AES256_CTR: - SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init"); - break; -#endif - case SSH_3DES_CBC: - cipher->cipher = EVP_des_ede3_cbc(); - break; - case SSH_BLOWFISH_CBC: - cipher->cipher = EVP_bf_cbc(); - break; - /* ciphers not using EVP */ - case SSH_3DES_CBC_SSH1: - case SSH_DES_CBC_SSH1: - SSH_LOG(SSH_LOG_WARNING, "This cipher should not use evp_cipher_init"); - break; - case SSH_NO_CIPHER: - SSH_LOG(SSH_LOG_WARNING, "No valid ciphertype found"); - break; +#ifdef HAS_BLOWFISH +/* the wrapper functions for blowfish */ +static int blowfish_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){ + if (cipher->key == NULL) { + if (alloc_key(cipher) < 0) { + return -1; } + BF_set_key(cipher->key, 16, key); + } + cipher->IV = IV; + return 0; } -static int evp_cipher_set_encrypt_key(struct ssh_cipher_struct *cipher, - void *key, void *IV) -{ - int rc; - - evp_cipher_init(cipher); - EVP_CIPHER_CTX_init(&cipher->ctx); - - rc = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); - if (rc != 1){ - SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptInit_ex failed"); - return SSH_ERROR; - } - EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); - - return SSH_OK; +static void blowfish_encrypt(struct ssh_cipher_struct *cipher, void *in, + void *out, unsigned long len) { + BF_cbc_encrypt(in, out, len, cipher->key, cipher->IV, BF_ENCRYPT); } -static int evp_cipher_set_decrypt_key(struct ssh_cipher_struct *cipher, - void *key, void *IV) { - int rc; - - evp_cipher_init(cipher); - EVP_CIPHER_CTX_init(&cipher->ctx); - - rc = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, key, IV); - if (rc != 1){ - SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptInit_ex failed"); - return SSH_ERROR; - } - EVP_CIPHER_CTX_set_padding(&cipher->ctx, 0); - - return SSH_OK; +static void blowfish_decrypt(struct ssh_cipher_struct *cipher, void *in, + void *out, unsigned long len) { + BF_cbc_encrypt(in, out, len, cipher->key, cipher->IV, BF_DECRYPT); } +#endif /* HAS_BLOWFISH */ -/* EVP wrapper function for encrypt/decrypt */ -static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher, - void *in, - void *out, - unsigned long len) { - int outlen = 0; - int rc = 0; - - rc = EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); - if (rc != 1){ - SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate failed"); - return; - } - if (outlen != (int)len){ - SSH_LOG(SSH_LOG_WARNING, "EVP_EncryptUpdate: output size %d for %zu in", outlen, len); - return; - } -} - -static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher, - void *in, - void *out, - unsigned long len) { - int outlen = 0; - int rc = 0; - - rc = EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)out, &outlen, (unsigned char *)in, len); - if (rc != 1){ - SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate failed"); - return; - } - if (outlen != (int)len){ - SSH_LOG(SSH_LOG_WARNING, "EVP_DecryptUpdate: output size %d for %zu in", outlen, len); - return; - } -} - -static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) { - EVP_CIPHER_CTX_cleanup(&cipher->ctx); -} - -#ifndef HAVE_OPENSSL_EVP_AES_CTR -/* Some OS (osx, OpenIndiana, ...) have no support for CTR ciphers in EVP_aes */ - -struct ssh_aes_key_schedule { - AES_KEY key; - uint8_t IV[AES_BLOCK_SIZE]; -}; - -static int aes_ctr_set_key(struct ssh_cipher_struct *cipher, void *key, +#ifdef HAS_AES +static int aes_set_encrypt_key(struct ssh_cipher_struct *cipher, void *key, void *IV) { - int rc; - - if (cipher->aes_key == NULL) { - cipher->aes_key = malloc(sizeof (struct ssh_aes_key_schedule)); + if (cipher->key == NULL) { + if (alloc_key(cipher) < 0) { + return -1; } - if (cipher->aes_key == NULL) { - return SSH_ERROR; + if (AES_set_encrypt_key(key,cipher->keysize,cipher->key) < 0) { + SAFE_FREE(cipher->key); + return -1; } - ZERO_STRUCTP(cipher->aes_key); - /* CTR doesn't need a decryption key */ - rc = AES_set_encrypt_key(key, cipher->keysize, &cipher->aes_key->key); - if (rc < 0) { - SAFE_FREE(cipher->aes_key); - return SSH_ERROR; + } + cipher->IV=IV; + return 0; +} +static int aes_set_decrypt_key(struct ssh_cipher_struct *cipher, void *key, + void *IV) { + if (cipher->key == NULL) { + if (alloc_key(cipher) < 0) { + return -1; } - memcpy(cipher->aes_key->IV, IV, AES_BLOCK_SIZE); - return SSH_OK; + if (AES_set_decrypt_key(key,cipher->keysize,cipher->key) < 0) { + SAFE_FREE(cipher->key); + return -1; + } + } + cipher->IV=IV; + return 0; } -static void aes_ctr_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out, +static void aes_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len) { - unsigned char tmp_buffer[AES_BLOCK_SIZE]; + AES_cbc_encrypt(in, out, len, cipher->key, cipher->IV, AES_ENCRYPT); +} + +static void aes_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out, + unsigned long len) { + AES_cbc_encrypt(in, out, len, cipher->key, cipher->IV, AES_DECRYPT); +} + +#ifndef BROKEN_AES_CTR +/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which + * increments the counter from 2^64 instead of 1. It's better not to use it + */ + +/** @internal + * @brief encrypts/decrypts data with stream cipher AES_ctr128. 128 bits is actually + * the size of the CTR counter and incidentally the blocksize, but not the keysize. + * @param len[in] must be a multiple of AES128 block size. + */ +static void aes_ctr128_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out, + unsigned long len) { + unsigned char tmp_buffer[128/8]; unsigned int num=0; /* Some things are special with ctr128 : * In this case, tmp_buffer is not being used, because it is used to store temporary data @@ -587,266 +455,249 @@ static void aes_ctr_encrypt(struct ssh_cipher_struct *cipher, void *in, void *ou * Same for num, which is being used to store the current offset in blocksize in CTR * function. */ - AES_ctr128_encrypt(in, out, len, &cipher->aes_key->key, cipher->aes_key->IV, tmp_buffer, &num); + AES_ctr128_encrypt(in, out, len, cipher->key, cipher->IV, tmp_buffer, &num); } +#endif /* BROKEN_AES_CTR */ +#endif /* HAS_AES */ -static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){ - BURN_BUFFER(cipher->aes_key, sizeof(*cipher->aes_key)); - SAFE_FREE(cipher->aes_key); -} - -#endif /* HAVE_OPENSSL_EVP_AES_CTR */ #ifdef HAS_DES - -typedef uint8_t des_iv_t[8]; - -struct ssh_3des_key_schedule { - DES_key_schedule keys[3]; - union { - des_iv_t v[3]; - uint8_t *c; - } ivs; -}; - -/* 3des cbc for SSH-1 has no suitable EVP construct and requires - * a custom key setup - */ -static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){ - DES_cblock *keys = key; - - DES_set_odd_parity(&keys[0]); - DES_set_odd_parity(&keys[1]); - DES_set_odd_parity(&keys[2]); - - cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule)); - if (cipher->des3_key == NULL){ - return SSH_ERROR; +static int des3_set_key(struct ssh_cipher_struct *cipher, void *key,void *IV) { + if (cipher->key == NULL) { + if (alloc_key(cipher) < 0) { + return -1; } - DES_set_key_unchecked(&keys[0], &cipher->des3_key->keys[0]); - DES_set_key_unchecked(&keys[1], &cipher->des3_key->keys[1]); - DES_set_key_unchecked(&keys[2], &cipher->des3_key->keys[2]); - memcpy(cipher->des3_key->ivs.v, IV, 24); - return SSH_OK; + + DES_set_odd_parity(key); + DES_set_odd_parity((void*)((uint8_t*)key + 8)); + DES_set_odd_parity((void*)((uint8_t*)key + 16)); + DES_set_key_unchecked(key, cipher->key); + DES_set_key_unchecked((void*)((uint8_t*)key + 8), (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule))); + DES_set_key_unchecked((void*)((uint8_t*)key + 16), (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule))); + } + cipher->IV=IV; + return 0; +} + +static void des3_encrypt(struct ssh_cipher_struct *cipher, void *in, + void *out, unsigned long len) { + DES_ede3_cbc_encrypt(in, out, len, cipher->key, + (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)), + (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)), + cipher->IV, 1); +} + +static void des3_decrypt(struct ssh_cipher_struct *cipher, void *in, + void *out, unsigned long len) { + DES_ede3_cbc_encrypt(in, out, len, cipher->key, + (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)), + (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)), + cipher->IV, 0); } static void des3_1_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len) { #ifdef DEBUG_CRYPTO - ssh_print_hexa("Encrypt IV before", cipher->des3_key->ivs.c, 24); + ssh_print_hexa("Encrypt IV before", cipher->IV, 24); #endif - DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 1); - DES_ncbc_encrypt(out, in, len, &cipher->des3_key->keys[1], &cipher->des3_key->ivs.v[1], 0); - DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[2], &cipher->des3_key->ivs.v[2], 1); + DES_ncbc_encrypt(in, out, len, cipher->key, cipher->IV, 1); + DES_ncbc_encrypt(out, in, len, (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)), + (void*)((uint8_t*)cipher->IV + 8), 0); + DES_ncbc_encrypt(in, out, len, (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)), + (void*)((uint8_t*)cipher->IV + 16), 1); #ifdef DEBUG_CRYPTO - ssh_print_hexa("Encrypt IV after", cipher->des3_key->ivs.c, 24); + ssh_print_hexa("Encrypt IV after", cipher->IV, 24); #endif } static void des3_1_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len) { #ifdef DEBUG_CRYPTO - ssh_print_hexa("Decrypt IV before", cipher->des3_key->ivs.c, 24); + ssh_print_hexa("Decrypt IV before", cipher->IV, 24); #endif - DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[2], &cipher->des3_key->ivs.v[0], 0); - DES_ncbc_encrypt(out, in, len, &cipher->des3_key->keys[1], &cipher->des3_key->ivs.v[1], 1); - DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[2], 0); + DES_ncbc_encrypt(in, out, len, (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)), + cipher->IV, 0); + DES_ncbc_encrypt(out, in, len, (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)), + (void*)((uint8_t*)cipher->IV + 8), 1); + DES_ncbc_encrypt(in, out, len, cipher->key, (void*)((uint8_t*)cipher->IV + 16), 0); #ifdef DEBUG_CRYPTO - ssh_print_hexa("Decrypt IV after", cipher->des3_key->ivs.c, 24); + ssh_print_hexa("Decrypt IV after", cipher->IV, 24); #endif } -static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV) { - DES_set_odd_parity(key); - - cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule)); - if (cipher->des3_key == NULL){ - return SSH_ERROR; +static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){ + if(!cipher->key){ + if (alloc_key(cipher) < 0) { + return -1; } - DES_set_key_unchecked(key, &cipher->des3_key->keys[0]); - memcpy(cipher->des3_key->ivs.v, IV, 8); - return SSH_OK; + DES_set_odd_parity(key); + DES_set_key_unchecked(key,cipher->key); + } + cipher->IV=IV; + return 0; } static void des1_1_encrypt(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len){ - DES_ncbc_encrypt(in, out, len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 1); + + DES_ncbc_encrypt(in, out, len, cipher->key, cipher->IV, 1); } static void des1_1_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out, - unsigned long len){ - DES_ncbc_encrypt(in,out,len, &cipher->des3_key->keys[0], &cipher->des3_key->ivs.v[0], 0); -} + unsigned long len){ -static void des_cleanup(struct ssh_cipher_struct *cipher){ - BURN_BUFFER(cipher->des3_key, sizeof(*cipher->des3_key)); - SAFE_FREE(cipher->des3_key); + DES_ncbc_encrypt(in,out,len, cipher->key, cipher->IV, 0); } #endif /* HAS_DES */ /* * The table of supported ciphers + * + * WARNING: If you modify ssh_cipher_struct, you must make sure the order is + * correct! */ static struct ssh_cipher_struct ssh_ciphertab[] = { +#ifdef HAS_BLOWFISH { - .name = "blowfish-cbc", - .blocksize = 8, - .ciphertype = SSH_BLOWFISH_CBC, - .keysize = 128, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "blowfish-cbc", + 8, + sizeof (BF_KEY), + NULL, + NULL, + 128, + blowfish_set_key, + blowfish_set_key, + blowfish_encrypt, + blowfish_decrypt }, +#endif /* HAS_BLOWFISH */ #ifdef HAS_AES #ifndef BROKEN_AES_CTR -/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which - * increments the counter from 2^64 instead of 1. It's better not to use it - */ -#ifdef HAVE_OPENSSL_EVP_AES_CTR { - .name = "aes128-ctr", - .blocksize = 16, - .ciphertype = SSH_AES128_CTR, - .keysize = 128, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes128-ctr", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 128, + aes_set_encrypt_key, + aes_set_encrypt_key, + aes_ctr128_encrypt, + aes_ctr128_encrypt }, { - .name = "aes192-ctr", - .blocksize = 16, - .ciphertype = SSH_AES192_CTR, - .keysize = 192, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes192-ctr", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 192, + aes_set_encrypt_key, + aes_set_encrypt_key, + aes_ctr128_encrypt, + aes_ctr128_encrypt }, { - .name = "aes256-ctr", - .blocksize = 16, - .ciphertype = SSH_AES256_CTR, - .keysize = 256, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes256-ctr", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 256, + aes_set_encrypt_key, + aes_set_encrypt_key, + aes_ctr128_encrypt, + aes_ctr128_encrypt }, -#else /* HAVE_OPENSSL_EVP_AES_CTR */ - { - .name = "aes128-ctr", - .blocksize = 16, - .ciphertype = SSH_AES128_CTR, - .keysize = 128, - .set_encrypt_key = aes_ctr_set_key, - .set_decrypt_key = aes_ctr_set_key, - .encrypt = aes_ctr_encrypt, - .decrypt = aes_ctr_encrypt, - .cleanup = aes_ctr_cleanup - }, - { - .name = "aes192-ctr", - .blocksize = 16, - .ciphertype = SSH_AES192_CTR, - .keysize = 192, - .set_encrypt_key = aes_ctr_set_key, - .set_decrypt_key = aes_ctr_set_key, - .encrypt = aes_ctr_encrypt, - .decrypt = aes_ctr_encrypt, - .cleanup = aes_ctr_cleanup - }, - { - .name = "aes256-ctr", - .blocksize = 16, - .ciphertype = SSH_AES256_CTR, - .keysize = 256, - .set_encrypt_key = aes_ctr_set_key, - .set_decrypt_key = aes_ctr_set_key, - .encrypt = aes_ctr_encrypt, - .decrypt = aes_ctr_encrypt, - .cleanup = aes_ctr_cleanup - }, -#endif /* HAVE_OPENSSL_EVP_AES_CTR */ #endif /* BROKEN_AES_CTR */ { - .name = "aes128-cbc", - .blocksize = 16, - .ciphertype = SSH_AES128_CBC, - .keysize = 128, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes128-cbc", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 128, + aes_set_encrypt_key, + aes_set_decrypt_key, + aes_encrypt, + aes_decrypt }, { - .name = "aes192-cbc", - .blocksize = 16, - .ciphertype = SSH_AES192_CBC, - .keysize = 192, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes192-cbc", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 192, + aes_set_encrypt_key, + aes_set_decrypt_key, + aes_encrypt, + aes_decrypt }, { - .name = "aes256-cbc", - .blocksize = 16, - .ciphertype = SSH_AES256_CBC, - .keysize = 256, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "aes256-cbc", + 16, + sizeof(AES_KEY), + NULL, + NULL, + 256, + aes_set_encrypt_key, + aes_set_decrypt_key, + aes_encrypt, + aes_decrypt }, #endif /* HAS_AES */ #ifdef HAS_DES { - .name = "3des-cbc", - .blocksize = 8, - .ciphertype = SSH_3DES_CBC, - .keysize = 192, - .set_encrypt_key = evp_cipher_set_encrypt_key, - .set_decrypt_key = evp_cipher_set_decrypt_key, - .encrypt = evp_cipher_encrypt, - .decrypt = evp_cipher_decrypt, - .cleanup = evp_cipher_cleanup + "3des-cbc", + 8, + sizeof(DES_key_schedule) * 3, + NULL, + NULL, + 192, + des3_set_key, + des3_set_key, + des3_encrypt, + des3_decrypt }, { - .name = "3des-cbc-ssh1", - .blocksize = 8, - .ciphertype = SSH_3DES_CBC_SSH1, - .keysize = 192, - .set_encrypt_key = des3_set_key, - .set_decrypt_key = des3_set_key, - .encrypt = des3_1_encrypt, - .decrypt = des3_1_decrypt, - .cleanup = des_cleanup + "3des-cbc-ssh1", + 8, + sizeof(DES_key_schedule) * 3, + NULL, + NULL, + 192, + des3_set_key, + des3_set_key, + des3_1_encrypt, + des3_1_decrypt }, { - .name = "des-cbc-ssh1", - .blocksize = 8, - .ciphertype = SSH_DES_CBC_SSH1, - .keysize = 64, - .set_encrypt_key = des1_set_key, - .set_decrypt_key = des1_set_key, - .encrypt = des1_1_encrypt, - .decrypt = des1_1_decrypt, - .cleanup = des_cleanup + "des-cbc-ssh1", + 8, + sizeof(DES_key_schedule), + NULL, + NULL, + 64, + des1_set_key, + des1_set_key, + des1_1_encrypt, + des1_1_decrypt }, #endif /* HAS_DES */ { - .name = NULL + NULL, + 0, + 0, + NULL, + NULL, + 0, + NULL, + NULL, + NULL, + NULL } }; diff --git a/external/libssh-win-static/src/libgcrypt.c b/external/libssh-win-static/src/libgcrypt.c index 60f6536..17de68b 100644 --- a/external/libssh-win-static/src/libgcrypt.c +++ b/external/libssh-win-static/src/libgcrypt.c @@ -2,7 +2,6 @@ * This file is part of the SSH Library * * Copyright (c) 2009 by Aris Adamantiadis - * Copyright (C) 2016 g10 Code GmbH * * The SSH Library is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by @@ -28,7 +27,6 @@ #include "libssh/session.h" #include "libssh/crypto.h" #include "libssh/wrapper.h" -#include "libssh/string.h" #ifdef HAVE_LIBGCRYPT #include @@ -600,54 +598,4 @@ struct ssh_cipher_struct *ssh_get_ciphertab(void) return ssh_ciphertab; } -/* - * Extract an MPI from the given s-expression SEXP named NAME which is - * encoded using INFORMAT and store it in a newly allocated ssh_string - * encoded using OUTFORMAT. - */ -ssh_string ssh_sexp_extract_mpi(const gcry_sexp_t sexp, - const char *name, - enum gcry_mpi_format informat, - enum gcry_mpi_format outformat) -{ - gpg_error_t err; - ssh_string result = NULL; - gcry_sexp_t fragment = NULL; - gcry_mpi_t mpi = NULL; - size_t size; - - fragment = gcry_sexp_find_token(sexp, name, 0); - if (fragment == NULL) { - goto fail; - } - - mpi = gcry_sexp_nth_mpi(fragment, 1, informat); - if (mpi == NULL) { - goto fail; - } - - err = gcry_mpi_print(outformat, NULL, 0, &size, mpi); - if (err != 0) { - goto fail; - } - - result = ssh_string_new(size); - if (result == NULL) { - goto fail; - } - - err = gcry_mpi_print(outformat, ssh_string_data(result), size, NULL, mpi); - if (err != 0) { - ssh_string_burn(result); - ssh_string_free(result); - result = NULL; - goto fail; - } - -fail: - gcry_sexp_release(fragment); - gcry_mpi_release(mpi); - return result; -} - #endif diff --git a/external/libssh-win-static/src/messages.c b/external/libssh-win-static/src/messages.c index 100c3bc..d906e69 100644 --- a/external/libssh-win-static/src/messages.c +++ b/external/libssh-win-static/src/messages.c @@ -81,12 +81,12 @@ static ssh_message ssh_message_new(ssh_session session){ static int ssh_message_reply_default(ssh_message msg) { SSH_LOG(SSH_LOG_FUNCTIONS, "Reporting unknown packet"); - if (ssh_buffer_add_u8(msg->session->out_buffer, SSH2_MSG_UNIMPLEMENTED) < 0) + if (buffer_add_u8(msg->session->out_buffer, SSH2_MSG_UNIMPLEMENTED) < 0) goto error; - if (ssh_buffer_add_u32(msg->session->out_buffer, + if (buffer_add_u32(msg->session->out_buffer, htonl(msg->session->recv_seq-1)) < 0) goto error; - return ssh_packet_send(msg->session); + return packet_send(msg->session); error: return SSH_ERROR; } @@ -166,120 +166,90 @@ static int ssh_execute_server_request(ssh_session session, ssh_message msg) case SSH_REQUEST_CHANNEL: channel = msg->channel_request.channel; - if (msg->channel_request.type == SSH_CHANNEL_REQUEST_PTY){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_pty_request_callback, - channel_pty_request_function) { - rc = ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.TERM, - msg->channel_request.width, - msg->channel_request.height, - msg->channel_request.pxwidth, - msg->channel_request.pxheight); - if (rc == 0) { - ssh_message_channel_request_reply_success(msg); - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; - } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_SHELL){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_shell_request_callback, - channel_shell_request_function) { - rc = ssh_callbacks_iterate_exec(session, channel); - if (rc == 0) { - ssh_message_channel_request_reply_success(msg); - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; - } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_X11){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_x11_req_callback, - channel_x11_req_function) { - ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.x11_single_connection, - msg->channel_request.x11_auth_protocol, - msg->channel_request.x11_auth_cookie, - msg->channel_request.x11_screen_number); + if (msg->channel_request.type == SSH_CHANNEL_REQUEST_PTY && + ssh_callbacks_exists(channel->callbacks, channel_pty_request_function)) { + rc = channel->callbacks->channel_pty_request_function(session, channel, + msg->channel_request.TERM, + msg->channel_request.width, msg->channel_request.height, + msg->channel_request.pxwidth, msg->channel_request.pxheight, + channel->callbacks->userdata); + if (rc == 0) { ssh_message_channel_request_reply_success(msg); - return SSH_OK; + } else { + ssh_message_reply_default(msg); } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_WINDOW_CHANGE){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_pty_window_change_callback, - channel_pty_window_change_function) { - rc = ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.width, - msg->channel_request.height, - msg->channel_request.pxwidth, - msg->channel_request.pxheight); - return SSH_OK; - } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_EXEC){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_exec_request_callback, - channel_exec_request_function) { - rc = ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.command); - if (rc == 0) { - ssh_message_channel_request_reply_success(msg); - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; + return SSH_OK; + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_SHELL && + ssh_callbacks_exists(channel->callbacks, channel_shell_request_function)) { + rc = channel->callbacks->channel_shell_request_function(session, + channel, + channel->callbacks->userdata); + if (rc == 0) { + ssh_message_channel_request_reply_success(msg); + } else { + ssh_message_reply_default(msg); } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_ENV){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_env_request_callback, - channel_env_request_function) { - rc = ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.var_name, - msg->channel_request.var_value); - if (rc == 0) { - ssh_message_channel_request_reply_success(msg); - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; - } - ssh_callbacks_iterate_end(); - } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_SUBSYSTEM){ - ssh_callbacks_iterate(channel->callbacks, - ssh_channel_callbacks, - ssh_channel_subsystem_request_callback, - channel_subsystem_request_function) { - rc = ssh_callbacks_iterate_exec(session, - channel, - msg->channel_request.subsystem); - if (rc == 0) { - ssh_message_channel_request_reply_success(msg); - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; + return SSH_OK; + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_X11 && + ssh_callbacks_exists(channel->callbacks, channel_x11_req_function)) { + channel->callbacks->channel_x11_req_function(session, + channel, + msg->channel_request.x11_single_connection, + msg->channel_request.x11_auth_protocol, + msg->channel_request.x11_auth_cookie, + msg->channel_request.x11_screen_number, + channel->callbacks->userdata); + ssh_message_channel_request_reply_success(msg); + + return SSH_OK; + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_WINDOW_CHANGE && + ssh_callbacks_exists(channel->callbacks, channel_pty_window_change_function)) { + rc = channel->callbacks->channel_pty_window_change_function(session, + channel, + msg->channel_request.width, msg->channel_request.height, + msg->channel_request.pxwidth, msg->channel_request.pxheight, + channel->callbacks->userdata); + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_EXEC && + ssh_callbacks_exists(channel->callbacks, channel_exec_request_function)) { + rc = channel->callbacks->channel_exec_request_function(session, + channel, + msg->channel_request.command, + channel->callbacks->userdata); + if (rc == 0) { + ssh_message_channel_request_reply_success(msg); + } else { + ssh_message_reply_default(msg); } - ssh_callbacks_iterate_end(); + + return SSH_OK; + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_ENV && + ssh_callbacks_exists(channel->callbacks, channel_env_request_function)) { + rc = channel->callbacks->channel_env_request_function(session, + channel, + msg->channel_request.var_name, msg->channel_request.var_value, + channel->callbacks->userdata); + if (rc == 0) { + ssh_message_channel_request_reply_success(msg); + } else { + ssh_message_reply_default(msg); + } + + return SSH_OK; + } else if (msg->channel_request.type == SSH_CHANNEL_REQUEST_SUBSYSTEM && + ssh_callbacks_exists(channel->callbacks, channel_subsystem_request_function)) { + rc = channel->callbacks->channel_subsystem_request_function(session, + channel, + msg->channel_request.subsystem, + channel->callbacks->userdata); + if (rc == 0) { + ssh_message_channel_request_reply_success(msg); + } else { + ssh_message_reply_default(msg); + } + + return SSH_OK; } break; case SSH_REQUEST_SERVICE: @@ -323,21 +293,6 @@ static int ssh_execute_client_request(ssh_session session, ssh_message msg) ssh_message_reply_default(msg); } - return SSH_OK; - } else if (msg->type == SSH_REQUEST_CHANNEL_OPEN - && msg->channel_request_open.type == SSH_CHANNEL_AUTH_AGENT - && ssh_callbacks_exists(session->common.callbacks, channel_open_request_auth_agent_function)) { - channel = session->common.callbacks->channel_open_request_auth_agent_function (session, - session->common.callbacks->userdata); - - if (channel != NULL) { - rc = ssh_message_channel_request_open_reply_accept_channel(msg, channel); - - return rc; - } else { - ssh_message_reply_default(msg); - } - return SSH_OK; } @@ -609,7 +564,7 @@ SSH_PACKET_CALLBACK(ssh_packet_service_request){ (void)type; (void)user; - service = ssh_buffer_get_ssh_string(packet); + service = buffer_get_ssh_string(packet); if (service == NULL) { ssh_set_error(session, SSH_FATAL, "Invalid SSH_MSG_SERVICE_REQUEST packet"); goto error; @@ -742,7 +697,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ ssh_string submethods = NULL; msg->auth_request.method = SSH_AUTH_METHOD_INTERACTIVE; - lang = ssh_buffer_get_ssh_string(packet); + lang = buffer_get_ssh_string(packet); if (lang == NULL) { goto error; } @@ -752,7 +707,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ */ ssh_string_free(lang); - submethods = ssh_buffer_get_ssh_string(packet); + submethods = buffer_get_ssh_string(packet); if (submethods == NULL) { goto error; } @@ -798,7 +753,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ ssh_string sig_blob = NULL; ssh_buffer digest = NULL; - sig_blob = ssh_buffer_get_ssh_string(packet); + sig_blob = buffer_get_ssh_string(packet); if(sig_blob == NULL) { SSH_LOG(SSH_LOG_PACKET, "Invalid signature packet from peer"); msg->auth_request.signature_state = SSH_PUBLICKEY_STATE_ERROR; @@ -816,8 +771,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ rc = ssh_pki_signature_verify_blob(session, sig_blob, msg->auth_request.pubkey, - ssh_buffer_get(digest), - ssh_buffer_get_len(digest)); + buffer_get_rest(digest), + buffer_get_rest_len(digest)); ssh_string_free(sig_blob); ssh_buffer_free(digest); if (rc < 0) { @@ -841,7 +796,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ ssh_string oid; char *hexa; int i; - ssh_buffer_get_u32(packet, &n_oid); + buffer_get_u32(packet, &n_oid); n_oid=ntohl(n_oid); if(n_oid > 100){ ssh_set_error(session, SSH_FATAL, "USERAUTH_REQUEST: gssapi-with-mic OID count too big (%d)",n_oid); @@ -854,7 +809,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){ goto error; } for (i=0;i<(int) n_oid;++i){ - oid=ssh_buffer_get_ssh_string(packet); + oid=buffer_get_ssh_string(packet); if(oid == NULL){ for(i=i-1;i>=0;--i){ SAFE_FREE(oids[i]); @@ -999,7 +954,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){ memset(session->kbdint->answers, 0, nanswers * sizeof(char *)); for (i = 0; i < nanswers; i++) { - tmp = ssh_buffer_get_ssh_string(packet); + tmp = buffer_get_ssh_string(packet); if (tmp == NULL) { ssh_set_error(session, SSH_FATAL, "Short INFO_RESPONSE packet"); session->kbdint->nanswers = i; @@ -1115,11 +1070,6 @@ SSH_PACKET_CALLBACK(ssh_packet_channel_open){ goto end; } - if (strcmp(type_c,"auth-agent@openssh.com") == 0) { - msg->channel_request_open.type = SSH_CHANNEL_AUTH_AGENT; - goto end; - } - msg->channel_request_open.type = SSH_CHANNEL_UNKNOWN; goto end; @@ -1168,7 +1118,7 @@ int ssh_message_channel_request_open_reply_accept_channel(ssh_message msg, ssh_c "Accepting a channel request_open for chan %d", chan->remote_channel); - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; } @@ -1349,7 +1299,7 @@ int ssh_message_channel_request_reply_success(ssh_message msg) { return SSH_ERROR; } - return ssh_packet_send(msg->session); + return packet_send(msg->session); } SSH_LOG(SSH_LOG_PACKET, @@ -1426,15 +1376,6 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){ } else { ssh_message_reply_default(msg); } - } else if(strcmp(request, "keepalive@openssh.com") == 0) { - msg->global_request.type = SSH_GLOBAL_REQUEST_KEEPALIVE; - msg->global_request.want_reply = want_reply; - SSH_LOG(SSH_LOG_PROTOCOL, "Received keepalive@openssh.com %d", want_reply); - if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) { - session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata); - } else { - ssh_message_global_request_reply_success(msg, 0); - } } else { SSH_LOG(SSH_LOG_PROTOCOL, "UNKNOWN SSH_MSG_GLOBAL_REQUEST %s %d", request, want_reply); rc = SSH_PACKET_NOT_USED; diff --git a/external/libssh-win-static/src/misc.c b/external/libssh-win-static/src/misc.c index 583c034..ef9b6ff 100644 --- a/external/libssh-win-static/src/misc.c +++ b/external/libssh-win-static/src/misc.c @@ -144,14 +144,14 @@ char *ssh_get_local_username(void) { char *user; /* get the size */ - GetUserNameA(NULL, &size); + GetUserName(NULL, &size); user = (char *) malloc(size); if (user == NULL) { return NULL; } - if (GetUserNameA(user, &size)) { + if (GetUserName(user, &size)) { return user; } @@ -290,23 +290,6 @@ int ssh_is_ipaddr(const char *str) { #endif /* _WIN32 */ -#ifndef HAVE_NTOHLL -uint64_t ntohll(uint64_t a) { -#ifdef WORDS_BIGENDIAN - return a; -#else /* WORDS_BIGENDIAN */ - return (((uint64_t)(a) << 56) | \ - (((uint64_t)(a) << 40) & 0xff000000000000ULL) | \ - (((uint64_t)(a) << 24) & 0xff0000000000ULL) | \ - (((uint64_t)(a) << 8) & 0xff00000000ULL) | \ - (((uint64_t)(a) >> 8) & 0xff000000ULL) | \ - (((uint64_t)(a) >> 24) & 0xff0000ULL) | \ - (((uint64_t)(a) >> 40) & 0xff00ULL) | \ - ((uint64_t)(a) >> 56)); -#endif /* WORDS_BIGENDIAN */ -} -#endif /* HAVE_NTOHLL */ - char *ssh_lowercase(const char* str) { char *new, *p; diff --git a/external/libssh-win-static/src/options.c b/external/libssh-win-static/src/options.c index cc2cc01..aed2dda 100644 --- a/external/libssh-win-static/src/options.c +++ b/external/libssh-win-static/src/options.c @@ -164,7 +164,7 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) { int ssh_options_set_algo(ssh_session session, int algo, const char *list) { - if (!ssh_verify_existing_algo(algo, list)) { + if (!verify_existing_algo(algo, list)) { ssh_set_error(session, SSH_REQUEST_DENIED, "Setting method: no algorithm for method \"%s\" (%s)\n", ssh_kex_get_description(algo), list); @@ -925,17 +925,6 @@ int ssh_options_get_port(ssh_session session, unsigned int* port_target) { * It may include "%s" which will be replaced by the * user home directory. * - * - SSH_OPTIONS_ADD_IDENTITY: - * Add a new identity file (const char *,format string) to - * the identity list.\n - * \n - * By default identity, id_dsa and id_rsa are checked.\n - * \n - * The identity used authenticate with public key will be - * prepended to the list. - * It may include "%s" which will be replaced by the - * user home directory. - * * - SSH_OPTIONS_PROXYCOMMAND: * Get the proxycommand necessary to log into the * remote host. When not explicitly set, it will be read @@ -1179,9 +1168,7 @@ int ssh_options_getopt(ssh_session session, int *argcptr, char **argv) { } } - if (port != NULL) { - ssh_options_set(session, SSH_OPTIONS_PORT_STR, port); - } + ssh_options_set(session, SSH_OPTIONS_PORT_STR, port); ssh_options_set(session, SSH_OPTIONS_SSH1, &ssh1); ssh_options_set(session, SSH_OPTIONS_SSH2, &ssh2); @@ -1363,10 +1350,10 @@ static int ssh_bind_set_key(ssh_bind sshbind, char **key_loc, * with verbosity less than or equal to the * logging verbosity will be shown. * - SSH_LOG_NOLOG: No logging - * - SSH_LOG_RARE: Rare conditions or warnings - * - SSH_LOG_ENTRY: API-accessible entrypoints - * - SSH_LOG_PACKET: Packet id and size - * - SSH_LOG_FUNCTIONS: Function entering and leaving + * - SSH_LOG_WARNING: Only warnings + * - SSH_LOG_PROTOCOL: High level protocol information + * - SSH_LOG_PACKET: Lower level protocol infomations, packet level + * - SSH_LOG_FUNCTIONS: Every function path * * - SSH_BIND_OPTIONS_LOG_VERBOSITY_STR: * Set the session logging verbosity via a @@ -1415,7 +1402,7 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type, int key_type; ssh_key key; ssh_key *bind_key_loc = NULL; - char **bind_key_path_loc = NULL; + char **bind_key_path_loc; rc = ssh_pki_import_privkey_file(value, NULL, NULL, NULL, &key); if (rc != SSH_OK) { diff --git a/external/libssh-win-static/src/packet.c b/external/libssh-win-static/src/packet.c index 33943ae..d16cd16 100644 --- a/external/libssh-win-static/src/packet.c +++ b/external/libssh-win-static/src/packet.c @@ -192,7 +192,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) memcpy(buffer, data, blocksize); processed += blocksize; - len = ssh_packet_decrypt_len(session, buffer); + len = packet_decrypt_len(session, buffer); rc = ssh_buffer_add_data(session->in_buffer, buffer, blocksize); if (rc < 0) { @@ -253,14 +253,14 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) * Decrypt the rest of the packet (blocksize bytes already * have been decrypted) */ - uint32_t buffer_len = ssh_buffer_get_len(session->in_buffer); + uint32_t buffer_len = buffer_get_rest_len(session->in_buffer); /* The following check avoids decrypting zero bytes */ if (buffer_len > blocksize) { - uint8_t *payload = ((uint8_t*)ssh_buffer_get(session->in_buffer) + blocksize); + uint8_t *payload = ((uint8_t*)buffer_get_rest(session->in_buffer) + blocksize); uint32_t plen = buffer_len - blocksize; - rc = ssh_packet_decrypt(session, payload, plen); + rc = packet_decrypt(session, payload, plen); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "Decrypt error"); goto error; @@ -271,7 +271,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) packet = ((uint8_t *)data) + processed; memcpy(mac, packet, current_macsize); - rc = ssh_packet_hmac_verify(session, session->in_buffer, mac, session->current_crypto->in_hmac); + rc = packet_hmac_verify(session, session->in_buffer, mac, session->current_crypto->in_hmac); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "HMAC error"); goto error; @@ -280,9 +280,9 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) } /* skip the size field which has been processed before */ - ssh_buffer_pass_bytes(session->in_buffer, sizeof(uint32_t)); + buffer_pass_bytes(session->in_buffer, sizeof(uint32_t)); - rc = ssh_buffer_get_u8(session->in_buffer, &padding); + rc = buffer_get_u8(session->in_buffer, &padding); if (rc == 0) { ssh_set_error(session, SSH_FATAL, @@ -290,28 +290,28 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) goto error; } - if (padding > ssh_buffer_get_len(session->in_buffer)) { + if (padding > buffer_get_rest_len(session->in_buffer)) { ssh_set_error(session, SSH_FATAL, "Invalid padding: %d (%d left)", padding, - ssh_buffer_get_len(session->in_buffer)); + buffer_get_rest_len(session->in_buffer)); goto error; } - ssh_buffer_pass_bytes_end(session->in_buffer, padding); - compsize = ssh_buffer_get_len(session->in_buffer); + buffer_pass_bytes_end(session->in_buffer, padding); + compsize = buffer_get_rest_len(session->in_buffer); #ifdef WITH_ZLIB if (session->current_crypto && session->current_crypto->do_compress_in - && ssh_buffer_get_len(session->in_buffer) > 0) { + && buffer_get_rest_len(session->in_buffer) > 0) { rc = decompress_buffer(session, session->in_buffer,MAX_PACKET_LEN); if (rc < 0) { goto error; } } #endif /* WITH_ZLIB */ - payloadsize = ssh_buffer_get_len(session->in_buffer); + payloadsize = buffer_get_rest_len(session->in_buffer); session->recv_seq++; if (session->raw_counter != NULL) { session->raw_counter->in_bytes += payloadsize; @@ -360,34 +360,11 @@ error: return processed; } -static void ssh_packet_socket_controlflow_callback(int code, void *userdata) -{ - ssh_session session = userdata; - struct ssh_iterator *it; - ssh_channel channel; - - if (code == SSH_SOCKET_FLOW_WRITEWONTBLOCK) { - SSH_LOG(SSH_LOG_TRACE, "sending channel_write_wontblock callback"); - - /* the out pipe is empty so we can forward this to channels */ - it = ssh_list_get_iterator(session->channels); - while (it != NULL) { - channel = ssh_iterator_value(ssh_channel, it); - ssh_callbacks_execute_list(channel->callbacks, - ssh_channel_callbacks, - channel_write_wontblock_function, - session, - channel, - channel->remote_window); - it = it->next; - } - } -} - void ssh_packet_register_socket_callback(ssh_session session, ssh_socket s){ session->socket_callbacks.data=ssh_packet_socket_callback; session->socket_callbacks.connected=NULL; - session->socket_callbacks.controlflow = ssh_packet_socket_controlflow_callback; + session->socket_callbacks.controlflow=NULL; + session->socket_callbacks.exception=NULL; session->socket_callbacks.userdata=session; ssh_socket_set_callbacks(s,&session->socket_callbacks); } @@ -475,7 +452,7 @@ int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum){ ssh_set_error_oom(session); return SSH_ERROR; } - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; } @@ -512,7 +489,7 @@ int ssh_packet_parse_type(ssh_session session) { return SSH_ERROR; } - if(ssh_buffer_get_u8(session->in_buffer, &session->in_packet.type) == 0) { + if(buffer_get_u8(session->in_buffer, &session->in_packet.type) == 0) { ssh_set_error(session, SSH_FATAL, "Packet too short to read type"); return SSH_ERROR; } @@ -530,8 +507,8 @@ static int ssh_packet_write(ssh_session session) { int rc = SSH_ERROR; rc=ssh_socket_write(session->socket, - ssh_buffer_get(session->out_buffer), - ssh_buffer_get_len(session->out_buffer)); + buffer_get_rest(session->out_buffer), + buffer_get_rest_len(session->out_buffer)); return rc; } @@ -541,7 +518,7 @@ static int packet_send2(ssh_session session) { session->current_crypto->out_cipher->blocksize : 8); enum ssh_hmac_e hmac_type = (session->current_crypto ? session->current_crypto->out_hmac : session->next_crypto->out_hmac); - uint32_t currentlen = ssh_buffer_get_len(session->out_buffer); + uint32_t currentlen = buffer_get_rest_len(session->out_buffer); unsigned char *hmac = NULL; char padstring[32] = { 0 }; int rc = SSH_ERROR; @@ -554,11 +531,11 @@ static int packet_send2(ssh_session session) { #ifdef WITH_ZLIB if (session->current_crypto && session->current_crypto->do_compress_out - && ssh_buffer_get_len(session->out_buffer)) { + && buffer_get_rest_len(session->out_buffer)) { if (compress_buffer(session,session->out_buffer) < 0) { goto error; } - currentlen = ssh_buffer_get_len(session->out_buffer); + currentlen = buffer_get_rest_len(session->out_buffer); } #endif /* WITH_ZLIB */ compsize = currentlen; @@ -575,7 +552,7 @@ static int packet_send2(ssh_session session) { memcpy(&header[0], &finallen, sizeof(finallen)); header[sizeof(finallen)] = padding; - rc = ssh_buffer_prepend_data(session->out_buffer, &header, sizeof(header)); + rc = buffer_prepend_data(session->out_buffer, &header, sizeof(header)); if (rc < 0) { goto error; } @@ -586,12 +563,12 @@ static int packet_send2(ssh_session session) { #ifdef WITH_PCAP if(session->pcap_ctx){ ssh_pcap_context_write(session->pcap_ctx,SSH_PCAP_DIR_OUT, - ssh_buffer_get(session->out_buffer),ssh_buffer_get_len(session->out_buffer) - ,ssh_buffer_get_len(session->out_buffer)); + buffer_get_rest(session->out_buffer),buffer_get_rest_len(session->out_buffer) + ,buffer_get_rest_len(session->out_buffer)); } #endif - hmac = ssh_packet_encrypt(session, ssh_buffer_get(session->out_buffer), - ssh_buffer_get_len(session->out_buffer)); + hmac = packet_encrypt(session, buffer_get_rest(session->out_buffer), + buffer_get_rest_len(session->out_buffer)); if (hmac) { rc = ssh_buffer_add_data(session->out_buffer, hmac, hmac_digest_len(hmac_type)); if (rc < 0) { @@ -618,10 +595,10 @@ error: } -int ssh_packet_send(ssh_session session) { +int packet_send(ssh_session session) { #ifdef WITH_SSH1 if (session->version == 1) { - return ssh_packet_send1(session); + return packet_send1(session); } #endif return packet_send2(session); diff --git a/external/libssh-win-static/src/packet1.c b/external/libssh-win-static/src/packet1.c index ff33ca1..eac7008 100644 --- a/external/libssh-win-static/src/packet1.c +++ b/external/libssh-win-static/src/packet1.c @@ -160,7 +160,7 @@ int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user } processed += to_be_read; #ifdef DEBUG_CRYPTO - ssh_print_hexa("read packet:", ssh_buffer_get(session->in_buffer), + ssh_print_hexa("read packet:", ssh_buffer_get_begin(session->in_buffer), ssh_buffer_get_len(session->in_buffer)); #endif if (session->current_crypto) { @@ -171,8 +171,8 @@ int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user buffer_len = ssh_buffer_get_len(session->in_buffer); if (buffer_len > 0) { int rc; - rc = ssh_packet_decrypt(session, - ssh_buffer_get(session->in_buffer), + rc = packet_decrypt(session, + ssh_buffer_get_begin(session->in_buffer), buffer_len); if (rc < 0) { ssh_set_error(session, SSH_FATAL, "Packet decrypt error"); @@ -181,11 +181,11 @@ int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user } } #ifdef DEBUG_CRYPTO - ssh_print_hexa("read packet decrypted:", ssh_buffer_get(session->in_buffer), + ssh_print_hexa("read packet decrypted:", ssh_buffer_get_begin(session->in_buffer), ssh_buffer_get_len(session->in_buffer)); #endif SSH_LOG(SSH_LOG_PACKET, "%d bytes padding", padding); - if(((len + padding) != ssh_buffer_get_len(session->in_buffer)) || + if(((len + padding) != buffer_get_rest_len(session->in_buffer)) || ((len + padding) < sizeof(uint32_t))) { SSH_LOG(SSH_LOG_RARE, "no crc32 in packet"); ssh_set_error(session, SSH_FATAL, "no crc32 in packet"); @@ -193,26 +193,26 @@ int ssh_packet_socket_callback1(const void *data, size_t receivedlen, void *user } memcpy(&crc, - (unsigned char *)ssh_buffer_get(session->in_buffer) + (len+padding) - sizeof(uint32_t), + (unsigned char *)buffer_get_rest(session->in_buffer) + (len+padding) - sizeof(uint32_t), sizeof(uint32_t)); - ssh_buffer_pass_bytes_end(session->in_buffer, sizeof(uint32_t)); + buffer_pass_bytes_end(session->in_buffer, sizeof(uint32_t)); crc = ntohl(crc); - if (ssh_crc32(ssh_buffer_get(session->in_buffer), + if (ssh_crc32(buffer_get_rest(session->in_buffer), (len + padding) - sizeof(uint32_t)) != crc) { #ifdef DEBUG_CRYPTO - ssh_print_hexa("crc32 on",ssh_buffer_get(session->in_buffer), + ssh_print_hexa("crc32 on",buffer_get_rest(session->in_buffer), len + padding - sizeof(uint32_t)); #endif SSH_LOG(SSH_LOG_RARE, "Invalid crc32"); ssh_set_error(session, SSH_FATAL, "Invalid crc32: expected %.8x, got %.8x", crc, - ssh_crc32(ssh_buffer_get(session->in_buffer), + ssh_crc32(buffer_get_rest(session->in_buffer), len + padding - sizeof(uint32_t))); goto error; } /* pass the padding */ - ssh_buffer_pass_bytes(session->in_buffer, padding); + buffer_pass_bytes(session->in_buffer, padding); SSH_LOG(SSH_LOG_PACKET, "The packet is valid"); /* TODO FIXME @@ -252,7 +252,7 @@ error: } -int ssh_packet_send1(ssh_session session) { +int packet_send1(ssh_session session) { unsigned int blocksize = (session->current_crypto ? session->current_crypto->out_cipher->blocksize : 8); uint32_t currentlen = ssh_buffer_get_len(session->out_buffer) + sizeof(uint32_t); @@ -270,7 +270,7 @@ int ssh_packet_send1(ssh_session session) { if (compress_buffer(session, session->out_buffer) < 0) { goto error; } - currentlen = ssh_buffer_get_len(session->out_buffer); + currentlen = buffer_get_len(session->out_buffer); } #endif */ @@ -286,35 +286,35 @@ int ssh_packet_send1(ssh_session session) { "%d bytes after comp + %d padding bytes = %d bytes packet", currentlen, padding, ntohl(finallen)); - if (ssh_buffer_prepend_data(session->out_buffer, &padstring, padding) < 0) { + if (buffer_prepend_data(session->out_buffer, &padstring, padding) < 0) { goto error; } - if (ssh_buffer_prepend_data(session->out_buffer, &finallen, sizeof(uint32_t)) < 0) { + if (buffer_prepend_data(session->out_buffer, &finallen, sizeof(uint32_t)) < 0) { goto error; } - crc = ssh_crc32((char *)ssh_buffer_get(session->out_buffer) + sizeof(uint32_t), + crc = ssh_crc32((char *)ssh_buffer_get_begin(session->out_buffer) + sizeof(uint32_t), ssh_buffer_get_len(session->out_buffer) - sizeof(uint32_t)); - if (ssh_buffer_add_u32(session->out_buffer, ntohl(crc)) < 0) { + if (buffer_add_u32(session->out_buffer, ntohl(crc)) < 0) { goto error; } #ifdef DEBUG_CRYPTO - ssh_print_hexa("Clear packet", ssh_buffer_get(session->out_buffer), + ssh_print_hexa("Clear packet", ssh_buffer_get_begin(session->out_buffer), ssh_buffer_get_len(session->out_buffer)); #endif /* session->out_buffer should have more than sizeof(uint32_t) bytes - in it as required for ssh_packet_encrypt */ - ssh_packet_encrypt(session, (unsigned char *)ssh_buffer_get(session->out_buffer) + sizeof(uint32_t), + in it as required for packet_encrypt */ + packet_encrypt(session, (unsigned char *)ssh_buffer_get_begin(session->out_buffer) + sizeof(uint32_t), ssh_buffer_get_len(session->out_buffer) - sizeof(uint32_t)); #ifdef DEBUG_CRYPTO - ssh_print_hexa("encrypted packet",ssh_buffer_get(session->out_buffer), + ssh_print_hexa("encrypted packet",ssh_buffer_get_begin(session->out_buffer), ssh_buffer_get_len(session->out_buffer)); #endif - rc=ssh_socket_write(session->socket, ssh_buffer_get(session->out_buffer), + rc=ssh_socket_write(session->socket, ssh_buffer_get_begin(session->out_buffer), ssh_buffer_get_len(session->out_buffer)); if(rc== SSH_ERROR) { goto error; diff --git a/external/libssh-win-static/src/packet_cb.c b/external/libssh-win-static/src/packet_cb.c index 472e8a7..4fe6402 100644 --- a/external/libssh-win-static/src/packet_cb.c +++ b/external/libssh-win-static/src/packet_cb.c @@ -53,12 +53,12 @@ SSH_PACKET_CALLBACK(ssh_packet_disconnect_callback){ (void)user; (void)type; - rc = ssh_buffer_get_u32(packet, &code); + rc = buffer_get_u32(packet, &code); if (rc != 0) { code = ntohl(code); } - error_s = ssh_buffer_get_ssh_string(packet); + error_s = buffer_get_ssh_string(packet); if (error_s != NULL) { error = ssh_string_to_char(error_s); ssh_string_free(error_s); @@ -154,20 +154,20 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){ } else { ssh_key key; /* client */ - rc = ssh_make_sessionid(session); + rc = make_sessionid(session); if (rc != SSH_OK) { goto error; } /* * Set the cryptographic functions for the next crypto - * (it is needed for ssh_generate_session_keys for key lengths) + * (it is needed for generate_session_keys for key lengths) */ if (crypt_set_algorithms(session, SSH_3DES) /* knows nothing about DES*/ ) { goto error; } - if (ssh_generate_session_keys(session) < 0) { + if (generate_session_keys(session) < 0) { goto error; } @@ -237,14 +237,6 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){ } memcpy(session->next_crypto->session_id, session->current_crypto->session_id, session->current_crypto->digest_len); - if (session->current_crypto->in_cipher->set_decrypt_key(session->current_crypto->in_cipher, session->current_crypto->decryptkey, - session->current_crypto->decryptIV) < 0) { - goto error; - } - if (session->current_crypto->out_cipher->set_encrypt_key(session->current_crypto->out_cipher, session->current_crypto->encryptkey, - session->current_crypto->encryptIV) < 0) { - goto error; - } } session->dh_handshake_state = DH_STATE_FINISHED; session->ssh_connection_callback(session); diff --git a/external/libssh-win-static/src/packet_crypt.c b/external/libssh-win-static/src/packet_crypt.c index 94fd10e..914727e 100644 --- a/external/libssh-win-static/src/packet_crypt.c +++ b/external/libssh-win-static/src/packet_crypt.c @@ -44,11 +44,11 @@ #include "libssh/crypto.h" #include "libssh/buffer.h" -uint32_t ssh_packet_decrypt_len(ssh_session session, char *crypted){ +uint32_t packet_decrypt_len(ssh_session session, char *crypted){ uint32_t decrypted; if (session->current_crypto) { - if (ssh_packet_decrypt(session, crypted, + if (packet_decrypt(session, crypted, session->current_crypto->in_cipher->blocksize) < 0) { return 0; } @@ -57,7 +57,7 @@ uint32_t ssh_packet_decrypt_len(ssh_session session, char *crypted){ return ntohl(decrypted); } -int ssh_packet_decrypt(ssh_session session, void *data,uint32_t len) { +int packet_decrypt(ssh_session session, void *data,uint32_t len) { struct ssh_cipher_struct *crypto = session->current_crypto->in_cipher; char *out = NULL; @@ -72,6 +72,11 @@ int ssh_packet_decrypt(ssh_session session, void *data,uint32_t len) { return -1; } + if (crypto->set_decrypt_key(crypto, session->current_crypto->decryptkey, + session->current_crypto->decryptIV) < 0) { + SAFE_FREE(out); + return -1; + } crypto->decrypt(crypto,data,out,len); memcpy(data,out,len); @@ -80,7 +85,7 @@ int ssh_packet_decrypt(ssh_session session, void *data,uint32_t len) { return 0; } -unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) { +unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) { struct ssh_cipher_struct *crypto = NULL; HMACCTX ctx = NULL; char *out = NULL; @@ -106,6 +111,12 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) seq = ntohl(session->send_seq); crypto = session->current_crypto->out_cipher; + if (crypto->set_encrypt_key(crypto, session->current_crypto->encryptkey, + session->current_crypto->encryptIV) < 0) { + SAFE_FREE(out); + return NULL; + } + if (session->version == 2) { ctx = hmac_init(session->current_crypto->encryptMAC, hmac_digest_len(type), type); if (ctx == NULL) { @@ -149,7 +160,7 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) * @return 0 if hmac and mac are equal, < 0 if not or an error * occurred. */ -int ssh_packet_hmac_verify(ssh_session session, ssh_buffer buffer, +int packet_hmac_verify(ssh_session session, ssh_buffer buffer, unsigned char *mac, enum ssh_hmac_e type) { unsigned char hmacbuf[DIGEST_MAX_LEN] = {0}; HMACCTX ctx; @@ -164,7 +175,7 @@ int ssh_packet_hmac_verify(ssh_session session, ssh_buffer buffer, seq = htonl(session->recv_seq); hmac_update(ctx, (unsigned char *) &seq, sizeof(uint32_t)); - hmac_update(ctx, ssh_buffer_get(buffer), ssh_buffer_get_len(buffer)); + hmac_update(ctx, buffer_get_rest(buffer), buffer_get_rest_len(buffer)); hmac_final(ctx, hmacbuf, &len); #ifdef DEBUG_CRYPTO diff --git a/external/libssh-win-static/src/pcap.c b/external/libssh-win-static/src/pcap.c index 043326b..134bdf1 100644 --- a/external/libssh-win-static/src/pcap.c +++ b/external/libssh-win-static/src/pcap.c @@ -144,8 +144,8 @@ static int ssh_pcap_file_write(ssh_pcap_file pcap, ssh_buffer packet){ uint32_t len; if(pcap == NULL || pcap->output==NULL) return SSH_ERROR; - len=ssh_buffer_get_len(packet); - err=fwrite(ssh_buffer_get(packet),len,1,pcap->output); + len=buffer_get_rest_len(packet); + err=fwrite(buffer_get_rest(packet),len,1,pcap->output); if(err<0) return SSH_ERROR; else @@ -163,23 +163,23 @@ int ssh_pcap_file_write_packet(ssh_pcap_file pcap, ssh_buffer packet, uint32_t o if(header == NULL) return SSH_ERROR; gettimeofday(&now,NULL); - err = ssh_buffer_add_u32(header,htonl(now.tv_sec)); + err = buffer_add_u32(header,htonl(now.tv_sec)); if (err < 0) { goto error; } - err = ssh_buffer_add_u32(header,htonl(now.tv_usec)); + err = buffer_add_u32(header,htonl(now.tv_usec)); if (err < 0) { goto error; } - err = ssh_buffer_add_u32(header,htonl(ssh_buffer_get_len(packet))); + err = buffer_add_u32(header,htonl(buffer_get_rest_len(packet))); if (err < 0) { goto error; } - err = ssh_buffer_add_u32(header,htonl(original_len)); + err = buffer_add_u32(header,htonl(original_len)); if (err < 0) { goto error; } - err = ssh_buffer_add_buffer(header,packet); + err = buffer_add_buffer(header,packet); if (err < 0) { goto error; } @@ -207,35 +207,35 @@ int ssh_pcap_file_open(ssh_pcap_file pcap, const char *filename){ header=ssh_buffer_new(); if(header==NULL) return SSH_ERROR; - err = ssh_buffer_add_u32(header,htonl(PCAP_MAGIC)); + err = buffer_add_u32(header,htonl(PCAP_MAGIC)); if (err < 0) { goto error; } - err = ssh_buffer_add_u16(header,htons(PCAP_VERSION_MAJOR)); + err = buffer_add_u16(header,htons(PCAP_VERSION_MAJOR)); if (err < 0) { goto error; } - err = ssh_buffer_add_u16(header,htons(PCAP_VERSION_MINOR)); + err = buffer_add_u16(header,htons(PCAP_VERSION_MINOR)); if (err < 0) { goto error; } /* currently hardcode GMT to 0 */ - err = ssh_buffer_add_u32(header,htonl(0)); + err = buffer_add_u32(header,htonl(0)); if (err < 0) { goto error; } /* accuracy */ - err = ssh_buffer_add_u32(header,htonl(0)); + err = buffer_add_u32(header,htonl(0)); if (err < 0) { goto error; } /* size of the biggest packet */ - err = ssh_buffer_add_u32(header,htonl(MAX_PACKET_LEN)); + err = buffer_add_u32(header,htonl(MAX_PACKET_LEN)); if (err < 0) { goto error; } /* we will write sort-of IP */ - err = ssh_buffer_add_u32(header,htonl(DLT_RAW)); + err = buffer_add_u32(header,htonl(DLT_RAW)); if (err < 0) { goto error; } @@ -371,40 +371,40 @@ int ssh_pcap_context_write(ssh_pcap_context ctx,enum ssh_pcap_direction directio goto error; } if(direction==SSH_PCAP_DIR_OUT){ - rc = ssh_buffer_add_u32(ip,ctx->ipsource); + rc = buffer_add_u32(ip,ctx->ipsource); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u32(ip,ctx->ipdest); + rc = buffer_add_u32(ip,ctx->ipdest); if (rc < 0) { goto error; } } else { - rc = ssh_buffer_add_u32(ip,ctx->ipdest); + rc = buffer_add_u32(ip,ctx->ipdest); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u32(ip,ctx->ipsource); + rc = buffer_add_u32(ip,ctx->ipsource); if (rc < 0) { goto error; } } /* TCP */ if(direction==SSH_PCAP_DIR_OUT){ - rc = ssh_buffer_add_u16(ip,ctx->portsource); + rc = buffer_add_u16(ip,ctx->portsource); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u16(ip,ctx->portdest); + rc = buffer_add_u16(ip,ctx->portdest); if (rc < 0) { goto error; } } else { - rc = ssh_buffer_add_u16(ip,ctx->portdest); + rc = buffer_add_u16(ip,ctx->portdest); if (rc < 0) { goto error; } - rc = ssh_buffer_add_u16(ip,ctx->portsource); + rc = buffer_add_u16(ip,ctx->portsource); if (rc < 0) { goto error; } diff --git a/external/libssh-win-static/src/pki.c b/external/libssh-win-static/src/pki.c index 2d48d25..5b26579 100644 --- a/external/libssh-win-static/src/pki.c +++ b/external/libssh-win-static/src/pki.c @@ -64,6 +64,24 @@ #include "libssh/misc.h" #include "libssh/agent.h" +void _ssh_pki_log(const char *function, const char *format, ...) +{ +#ifdef DEBUG_CRYPTO + char buffer[1024]; + va_list va; + + va_start(va, format); + vsnprintf(buffer, sizeof(buffer), format, va); + va_end(va); + + ssh_log_function(SSH_LOG_DEBUG, function, buffer); +#else + (void) function; + (void) format; +#endif + return; +} + enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey) { if (strncmp(privkey, DSA_HEADER_BEGIN, strlen(DSA_HEADER_BEGIN)) == 0) { return SSH_KEYTYPE_DSS; @@ -144,10 +162,6 @@ void ssh_key_clean (ssh_key key){ SAFE_FREE(key->ed25519_privkey); } SAFE_FREE(key->ed25519_pubkey); - if (key->cert != NULL) { - ssh_buffer_free(key->cert); - } - key->cert_type = SSH_KEYTYPE_UNKNOWN; key->flags=SSH_KEY_FLAG_EMPTY; key->type=SSH_KEYTYPE_UNKNOWN; key->ecdsa_nid = 0; @@ -200,10 +214,6 @@ const char *ssh_key_type_to_char(enum ssh_keytypes_e type) { return "ssh-ecdsa"; case SSH_KEYTYPE_ED25519: return "ssh-ed25519"; - case SSH_KEYTYPE_DSS_CERT01: - return "ssh-dss-cert-v01@openssh.com"; - case SSH_KEYTYPE_RSA_CERT01: - return "ssh-rsa-cert-v01@openssh.com"; case SSH_KEYTYPE_UNKNOWN: return NULL; } @@ -244,10 +254,6 @@ enum ssh_keytypes_e ssh_key_type_from_name(const char *name) { return SSH_KEYTYPE_ECDSA; } else if (strcmp(name, "ssh-ed25519") == 0){ return SSH_KEYTYPE_ED25519; - } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) { - return SSH_KEYTYPE_DSS_CERT01; - } else if (strcmp(name, "ssh-rsa-cert-v01@openssh.com") == 0) { - return SSH_KEYTYPE_RSA_CERT01; } return SSH_KEYTYPE_UNKNOWN; @@ -303,7 +309,7 @@ int ssh_key_cmp(const ssh_key k1, } if (k1->type != k2->type) { - SSH_LOG(SSH_LOG_WARN, "key types don't match!"); + ssh_pki_log("key types don't match!"); return 1; } @@ -364,8 +370,6 @@ void ssh_signature_free(ssh_signature sig) case SSH_KEYTYPE_ED25519: SAFE_FREE(sig->ed25519_sig); break; - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: break; } @@ -408,9 +412,8 @@ int ssh_pki_import_privkey_base64(const char *b64_key, return SSH_ERROR; } - SSH_LOG(SSH_LOG_INFO, - "Trying to decode privkey passphrase=%s", - passphrase ? "true" : "false"); + ssh_pki_log("Trying to decode privkey passphrase=%s", + passphrase ? "true" : "false"); /* Test for OpenSSH key format first */ cmp = strncmp(b64_key, OPENSSH_HEADER_BEGIN, strlen(OPENSSH_HEADER_BEGIN)); @@ -472,20 +475,16 @@ int ssh_pki_import_privkey_file(const char *filename, file = fopen(filename, "rb"); if (file == NULL) { - SSH_LOG(SSH_LOG_WARN, - "Error opening %s: %s", - filename, - strerror(errno)); + ssh_pki_log("Error opening %s: %s", + filename, strerror(errno)); return SSH_EOF; } rc = fstat(fileno(file), &sb); if (rc < 0) { fclose(file); - SSH_LOG(SSH_LOG_WARN, - "Error getting stat of %s: %s", - filename, - strerror(errno)); + ssh_pki_log("Error getting stat of %s: %s", + filename, strerror(errno)); switch (errno) { case ENOENT: case EACCES: @@ -496,8 +495,7 @@ int ssh_pki_import_privkey_file(const char *filename, } if (sb.st_size > MAX_PRIVKEY_SIZE) { - SSH_LOG(SSH_LOG_WARN, - "Private key is bigger than 4M."); + ssh_pki_log("Private key is bigger than 4M."); fclose(file); return SSH_ERROR; } @@ -505,7 +503,7 @@ int ssh_pki_import_privkey_file(const char *filename, key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); - SSH_LOG(SSH_LOG_WARN, "Out of memory!"); + ssh_pki_log("Out of memory!"); return SSH_ERROR; } @@ -514,10 +512,8 @@ int ssh_pki_import_privkey_file(const char *filename, if (size != sb.st_size) { SAFE_FREE(key_buf); - SSH_LOG(SSH_LOG_WARN, - "Error reading %s: %s", - filename, - strerror(errno)); + ssh_pki_log("Error reading %s: %s", + filename, strerror(errno)); return SSH_ERROR; } key_buf[size] = 0; @@ -671,18 +667,18 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, ssh_string g; ssh_string pubkey; - p = ssh_buffer_get_ssh_string(buffer); + p = buffer_get_ssh_string(buffer); if (p == NULL) { goto fail; } - q = ssh_buffer_get_ssh_string(buffer); + q = buffer_get_ssh_string(buffer); if (q == NULL) { ssh_string_burn(p); ssh_string_free(p); goto fail; } - g = ssh_buffer_get_ssh_string(buffer); + g = buffer_get_ssh_string(buffer); if (g == NULL) { ssh_string_burn(p); ssh_string_free(p); @@ -691,7 +687,7 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, goto fail; } - pubkey = ssh_buffer_get_ssh_string(buffer); + pubkey = buffer_get_ssh_string(buffer); if (pubkey == NULL) { ssh_string_burn(p); ssh_string_free(p); @@ -728,11 +724,11 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, ssh_string e; ssh_string n; - e = ssh_buffer_get_ssh_string(buffer); + e = buffer_get_ssh_string(buffer); if (e == NULL) { goto fail; } - n = ssh_buffer_get_ssh_string(buffer); + n = buffer_get_ssh_string(buffer); if (n == NULL) { ssh_string_burn(e); ssh_string_free(e); @@ -761,7 +757,7 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, ssh_string i; int nid; - i = ssh_buffer_get_ssh_string(buffer); + i = buffer_get_ssh_string(buffer); if (i == NULL) { goto fail; } @@ -772,7 +768,7 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, } - e = ssh_buffer_get_ssh_string(buffer); + e = buffer_get_ssh_string(buffer); if (e == NULL) { goto fail; } @@ -791,9 +787,9 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, #endif case SSH_KEYTYPE_ED25519: { - ssh_string pubkey = ssh_buffer_get_ssh_string(buffer); + ssh_string pubkey = buffer_get_ssh_string(buffer); if (ssh_string_len(pubkey) != ED25519_PK_LEN) { - SSH_LOG(SSH_LOG_WARN, "Invalid public key length"); + ssh_pki_log("Invalid public key length"); ssh_string_burn(pubkey); ssh_string_free(pubkey); goto fail; @@ -811,11 +807,9 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer, ssh_string_free(pubkey); } break; - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: default: - SSH_LOG(SSH_LOG_WARN, "Unknown public key protocol %d", type); + ssh_pki_log("Unknown public key protocol %d", type); goto fail; } @@ -827,58 +821,6 @@ fail: return SSH_ERROR; } -static int pki_import_cert_buffer(ssh_buffer buffer, - enum ssh_keytypes_e type, - ssh_key *pkey) { - ssh_buffer cert; - ssh_string type_s; - ssh_key key; - int rc; - - key = ssh_key_new(); - if (key == NULL) { - return SSH_ERROR; - } - cert = ssh_buffer_new(); - if (cert == NULL) { - ssh_key_free(key); - return SSH_ERROR; - } - - key->type = type; - key->type_c = ssh_key_type_to_char(type); - key->flags = SSH_KEY_FLAG_PUBLIC; - - /* - * The cert blob starts with the key type as an ssh_string, but this - * string has been read out of the buffer to identify the key type. - * Simply add it again as first element before copying the rest. - */ - type_s = ssh_string_from_char(key->type_c); - if (type_s == NULL) { - goto fail; - } - rc = ssh_buffer_add_ssh_string(cert, type_s); - ssh_string_free(type_s); - if (rc != 0) { - goto fail; - } - - rc = ssh_buffer_add_buffer(cert, buffer); - if (rc != 0) { - goto fail; - } - key->cert = (void*) cert; - - *pkey = key; - return SSH_OK; - -fail: - ssh_key_free(key); - ssh_buffer_free(cert); - return SSH_ERROR; -} - /** * @brief Import a base64 formated public key from a memory c-string. * @@ -909,19 +851,14 @@ int ssh_pki_import_pubkey_base64(const char *b64_key, return SSH_ERROR; } - type_s = ssh_buffer_get_ssh_string(buffer); + type_s = buffer_get_ssh_string(buffer); if (type_s == NULL) { ssh_buffer_free(buffer); return SSH_ERROR; } ssh_string_free(type_s); - if (type == SSH_KEYTYPE_RSA_CERT01 || - type == SSH_KEYTYPE_DSS_CERT01) { - rc = pki_import_cert_buffer(buffer, type, pkey); - } else { - rc = pki_import_pubkey_buffer(buffer, type, pkey); - } + rc = pki_import_pubkey_buffer(buffer, type, pkey); ssh_buffer_free(buffer); return rc; @@ -955,36 +892,31 @@ int ssh_pki_import_pubkey_blob(const ssh_string key_blob, buffer = ssh_buffer_new(); if (buffer == NULL) { - SSH_LOG(SSH_LOG_WARN, "Out of memory!"); + ssh_pki_log("Out of memory!"); return SSH_ERROR; } rc = ssh_buffer_add_data(buffer, ssh_string_data(key_blob), ssh_string_len(key_blob)); if (rc < 0) { - SSH_LOG(SSH_LOG_WARN, "Out of memory!"); + ssh_pki_log("Out of memory!"); goto fail; } - type_s = ssh_buffer_get_ssh_string(buffer); + type_s = buffer_get_ssh_string(buffer); if (type_s == NULL) { - SSH_LOG(SSH_LOG_WARN, "Out of memory!"); + ssh_pki_log("Out of memory!"); goto fail; } type = ssh_key_type_from_name(ssh_string_get_char(type_s)); if (type == SSH_KEYTYPE_UNKNOWN) { - SSH_LOG(SSH_LOG_WARN, "Unknown key type found!"); + ssh_pki_log("Unknown key type found!"); goto fail; } ssh_string_free(type_s); - if (type == SSH_KEYTYPE_RSA_CERT01 || - type == SSH_KEYTYPE_DSS_CERT01) { - rc = pki_import_cert_buffer(buffer, type, pkey); - } else { - rc = pki_import_pubkey_buffer(buffer, type, pkey); - } + rc = pki_import_pubkey_buffer(buffer, type, pkey); ssh_buffer_free(buffer); @@ -1025,7 +957,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey) file = fopen(filename, "r"); if (file == NULL) { - SSH_LOG(SSH_LOG_WARN, "Error opening %s: %s", + ssh_pki_log("Error opening %s: %s", filename, strerror(errno)); return SSH_EOF; } @@ -1033,7 +965,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey) rc = fstat(fileno(file), &sb); if (rc < 0) { fclose(file); - SSH_LOG(SSH_LOG_WARN, "Error gettint stat of %s: %s", + ssh_pki_log("Error gettint stat of %s: %s", filename, strerror(errno)); switch (errno) { case ENOENT: @@ -1051,7 +983,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey) key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); - SSH_LOG(SSH_LOG_WARN, "Out of memory!"); + ssh_pki_log("Out of memory!"); return SSH_ERROR; } @@ -1060,7 +992,7 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey) if (size != sb.st_size) { SAFE_FREE(key_buf); - SSH_LOG(SSH_LOG_WARN, "Error reading %s: %s", + ssh_pki_log("Error reading %s: %s", filename, strerror(errno)); return SSH_ERROR; } @@ -1085,64 +1017,6 @@ int ssh_pki_import_pubkey_file(const char *filename, ssh_key *pkey) return rc; } -/** - * @brief Import a base64 formated certificate from a memory c-string. - * - * @param[in] b64_cert The base64 cert to format. - * - * @param[in] type The type of the cert to format. - * - * @param[out] pkey A pointer where the allocated key can be stored. You - * need to free the memory. - * - * @return SSH_OK on success, SSH_ERROR on error. - * - * @see ssh_key_free() - */ -int ssh_pki_import_cert_base64(const char *b64_cert, - enum ssh_keytypes_e type, - ssh_key *pkey) { - return ssh_pki_import_pubkey_base64(b64_cert, type, pkey); -} - -/** - * @internal - * - * @brief Import a certificate from a ssh string. - * - * @param[in] cert_blob The cert blob to import as specified in RFC 4253 section - * 6.6 "Public Key Algorithms". - * - * @param[out] pkey A pointer where the allocated key can be stored. You - * need to free the memory. - * - * @return SSH_OK on success, SSH_ERROR on error. - * - * @see ssh_key_free() - */ -int ssh_pki_import_cert_blob(const ssh_string cert_blob, - ssh_key *pkey) { - return ssh_pki_import_pubkey_blob(cert_blob, pkey); -} - -/** - * @brief Import a certificate from the given filename. - * - * @param[in] filename The path to the certificate. - * - * @param[out] pkey A pointer to store the allocated certificate. You need to - * free the memory. - * - * @returns SSH_OK on success, SSH_EOF if the file doesn't exist or permission - * denied, SSH_ERROR otherwise. - * - * @see ssh_key_free() - */ -int ssh_pki_import_cert_file(const char *filename, ssh_key *pkey) -{ - return ssh_pki_import_pubkey_file(filename, pkey); -} - /** * @brief Generates a keypair. * @@ -1201,8 +1075,6 @@ int ssh_pki_generate(enum ssh_keytypes_e type, int parameter, goto error; } break; - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: goto error; } @@ -1251,8 +1123,6 @@ int ssh_pki_export_privkey_to_pubkey(const ssh_key privkey, * * The "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key * Algorithms" for any of the supported protocol 2 key types. - * Encoding of EC keys is described in RFC 5656 section 3.1 "Key - * Format". * * @param[in] key A public or private key to create the public ssh_string * from. @@ -1378,47 +1248,6 @@ int ssh_pki_export_pubkey_file(const ssh_key key, return SSH_OK; } -/** - * @brief Copy the certificate part of a public key into a private key. - * - * @param[in] certkey The certificate key. - * - * @param[in] privkey The target private key to copy the certificate to. - * - * @returns SSH_OK on success, SSH_ERROR otherwise. - **/ -int ssh_pki_copy_cert_to_privkey(const ssh_key certkey, ssh_key privkey) { - ssh_buffer cert_buffer; - int rc; - - if (certkey == NULL || privkey == NULL) { - return SSH_ERROR; - } - - if (privkey->cert != NULL) { - return SSH_ERROR; - } - - if (certkey->cert == NULL) { - return SSH_ERROR; - } - - cert_buffer = ssh_buffer_new(); - if (cert_buffer == NULL) { - return SSH_ERROR; - } - - rc = ssh_buffer_add_buffer(cert_buffer, certkey->cert); - if (rc != 0) { - ssh_buffer_free(cert_buffer); - return SSH_ERROR; - } - - privkey->cert = cert_buffer; - privkey->cert_type = certkey->type; - return SSH_OK; -} - int ssh_pki_export_pubkey_rsa1(const ssh_key key, const char *host, char *rsa1, @@ -1449,7 +1278,7 @@ int ssh_pki_export_signature_blob(const ssh_signature sig, return SSH_ERROR; } - rc = ssh_buffer_add_ssh_string(buf, str); + rc = buffer_add_ssh_string(buf, str); ssh_string_free(str); if (rc < 0) { ssh_buffer_free(buf); @@ -1462,20 +1291,20 @@ int ssh_pki_export_signature_blob(const ssh_signature sig, return SSH_ERROR; } - rc = ssh_buffer_add_ssh_string(buf, str); + rc = buffer_add_ssh_string(buf, str); ssh_string_free(str); if (rc < 0) { ssh_buffer_free(buf); return SSH_ERROR; } - str = ssh_string_new(ssh_buffer_get_len(buf)); + str = ssh_string_new(buffer_get_rest_len(buf)); if (str == NULL) { ssh_buffer_free(buf); return SSH_ERROR; } - ssh_string_fill(str, ssh_buffer_get(buf), ssh_buffer_get_len(buf)); + ssh_string_fill(str, buffer_get_rest(buf), buffer_get_rest_len(buf)); ssh_buffer_free(buf); *sig_blob = str; @@ -1510,7 +1339,7 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob, return SSH_ERROR; } - str = ssh_buffer_get_ssh_string(buf); + str = buffer_get_ssh_string(buf); if (str == NULL) { ssh_buffer_free(buf); return SSH_ERROR; @@ -1519,7 +1348,7 @@ int ssh_pki_import_signature_blob(const ssh_string sig_blob, type = ssh_key_type_from_name(ssh_string_get_char(str)); ssh_string_free(str); - str = ssh_buffer_get_ssh_string(buf); + str = buffer_get_ssh_string(buf); ssh_buffer_free(buf); if (str == NULL) { return SSH_ERROR; @@ -1579,11 +1408,7 @@ int ssh_pki_signature_verify_blob(ssh_session session, sha1(digest, dlen, hash); #ifdef DEBUG_CRYPTO - ssh_print_hexa(key->type == SSH_KEYTYPE_DSS - ? "Hash to be verified with DSA" - : "Hash to be verified with RSA", - hash, - SHA_DIGEST_LEN); + ssh_print_hexa("Hash to be verified with dsa", hash, SHA_DIGEST_LEN); #endif rc = pki_signature_verify(session, @@ -1635,7 +1460,7 @@ ssh_string ssh_pki_do_sign(ssh_session session, } evp_update(ctx, session_id, ssh_string_len(session_id) + 4); - evp_update(ctx, ssh_buffer_get(sigbuf), ssh_buffer_get_len(sigbuf)); + evp_update(ctx, buffer_get_rest(sigbuf), buffer_get_rest_len(sigbuf)); evp_final(ctx, ehash, &elen); #ifdef DEBUG_CRYPTO @@ -1657,7 +1482,7 @@ ssh_string ssh_pki_do_sign(ssh_session session, rc = ssh_buffer_pack(buf, "SP", session_id, - ssh_buffer_get_len(sigbuf), ssh_buffer_get(sigbuf)); + buffer_get_rest_len(sigbuf), buffer_get_rest(sigbuf)); if (rc != SSH_OK) { ssh_string_free(session_id); ssh_buffer_free(buf); @@ -1665,7 +1490,7 @@ ssh_string ssh_pki_do_sign(ssh_session session, } sig = pki_do_sign(privkey, - ssh_buffer_get(buf), + ssh_buffer_get_begin(buf), ssh_buffer_get_len(buf)); ssh_buffer_free(buf); } else { @@ -1679,7 +1504,7 @@ ssh_string ssh_pki_do_sign(ssh_session session, } sha1_update(ctx, session_id, ssh_string_len(session_id) + 4); - sha1_update(ctx, ssh_buffer_get(sigbuf), ssh_buffer_get_len(sigbuf)); + sha1_update(ctx, buffer_get_rest(sigbuf), buffer_get_rest_len(sigbuf)); sha1_final(hash, ctx); #ifdef DEBUG_CRYPTO @@ -1731,7 +1556,7 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session, return NULL; } - rc = ssh_buffer_add_ssh_string(sig_buf, session_id); + rc = buffer_add_ssh_string(sig_buf, session_id); if (rc < 0) { ssh_string_free(session_id); ssh_buffer_free(sig_buf); @@ -1740,7 +1565,7 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session, ssh_string_free(session_id); /* append out buffer */ - if (ssh_buffer_add_buffer(sig_buf, buf) < 0) { + if (buffer_add_buffer(sig_buf, buf) < 0) { ssh_buffer_free(sig_buf); return NULL; } diff --git a/external/libssh-win-static/src/pki_container_openssh.c b/external/libssh-win-static/src/pki_container_openssh.c index 74a068c..bfc6f8d 100644 --- a/external/libssh-win-static/src/pki_container_openssh.c +++ b/external/libssh-win-static/src/pki_container_openssh.c @@ -69,20 +69,20 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer, rc = ssh_buffer_unpack(key_blob_buffer, "s", &type_s); if (rc == SSH_ERROR){ - SSH_LOG(SSH_LOG_WARN, "Unpack error"); + ssh_pki_log("Unpack error"); return SSH_ERROR; } type = ssh_key_type_from_name(type_s); if (type == SSH_KEYTYPE_UNKNOWN) { - SSH_LOG(SSH_LOG_WARN, "Unknown key type found!"); + ssh_pki_log("Unknown key type found!"); return SSH_ERROR; } SAFE_FREE(type_s); key = ssh_key_new(); if (key == NULL) { - SSH_LOG(SSH_LOG_WARN, "Out of memory"); + ssh_pki_log("Out of memory"); return SSH_ERROR; } @@ -94,12 +94,12 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer, case SSH_KEYTYPE_ED25519: rc = ssh_buffer_unpack(key_blob_buffer, "SS", &pubkey, &privkey); if (rc != SSH_OK){ - SSH_LOG(SSH_LOG_WARN, "Unpack error"); + ssh_pki_log("Unpack error"); goto fail; } if(ssh_string_len(pubkey) != ED25519_PK_LEN || ssh_string_len(privkey) != ED25519_SK_LEN){ - SSH_LOG(SSH_LOG_WARN, "Invalid ed25519 key len"); + ssh_pki_log("Invalid ed25519 key len"); goto fail; } key->ed25519_privkey = malloc(ED25519_SK_LEN); @@ -113,19 +113,17 @@ static int pki_openssh_import_privkey_blob(ssh_buffer key_blob_buffer, SAFE_FREE(privkey); SAFE_FREE(pubkey); break; - case SSH_KEYTYPE_DSS_CERT01: case SSH_KEYTYPE_DSS: /* p,q,g,pub_key,priv_key */ - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_RSA: /* n,e,d,iqmp,p,q */ case SSH_KEYTYPE_RSA1: case SSH_KEYTYPE_ECDSA: /* curve_name, group, privkey */ - SSH_LOG(SSH_LOG_WARN, "Unsupported private key method %s", key->type_c); + ssh_pki_log("Unsupported private key method %s", key->type_c); goto fail; case SSH_KEYTYPE_UNKNOWN: - SSH_LOG(SSH_LOG_WARN, "Unknown private key protocol %s", key->type_c); + ssh_pki_log("Unknown private key protocol %s", key->type_c); goto fail; } @@ -160,7 +158,7 @@ static int pki_private_key_decrypt(ssh_string blob, char passphrase_buffer[128]; size_t key_material_len; ssh_buffer buffer; - ssh_string salt = NULL; + ssh_string salt; uint32_t rounds; int cmp; int rc; @@ -215,21 +213,18 @@ static int pki_private_key_decrypt(ssh_string blob, /* We need material for key (keysize bits / 8) and IV (blocksize) */ key_material_len = cipher.keysize/8 + cipher.blocksize; if (key_material_len > sizeof(key_material)) { - SSH_LOG(SSH_LOG_WARN, "Key material too big"); + ssh_pki_log("Key material too big"); return SSH_ERROR; } - SSH_LOG(SSH_LOG_DEBUG, - "Decryption: %d key, %d IV, %d rounds, %zu bytes salt", - cipher.keysize/8, - cipher.blocksize, - rounds, - ssh_string_len(salt)); + ssh_pki_log("Decryption: %d key, %d IV, %d rounds, %zu bytes salt", + cipher.keysize/8, + cipher.blocksize, rounds, ssh_string_len(salt)); if (passphrase == NULL) { if (auth_fn == NULL) { SAFE_FREE(salt); - SSH_LOG(SSH_LOG_WARN, "No passphrase provided"); + ssh_pki_log("No passphrase provided"); return SSH_ERROR; } rc = auth_fn("Passphrase", @@ -287,7 +282,7 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key, int i; ssh_buffer buffer = NULL, privkey_buffer=NULL; char *magic = NULL, *ciphername = NULL, *kdfname = NULL; - uint32_t nkeys = 0, checkint1 = 0, checkint2 = 0xFFFF; + uint32_t nkeys = 0, checkint1, checkint2; ssh_string kdfoptions = NULL; ssh_string pubkey0 = NULL; ssh_string privkeys = NULL; @@ -344,11 +339,7 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key, SSH_LOG(SSH_LOG_WARN, "Not an OpenSSH private key (bad magic)"); goto error; } - SSH_LOG(SSH_LOG_INFO, - "Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n", - ciphername, - kdfname, - nkeys); + ssh_pki_log("Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d\n", ciphername, kdfname, nkeys); if (nkeys != 1){ SSH_LOG(SSH_LOG_WARN, "Opening OpenSSH private key: only 1 key supported (%d available)", nkeys); goto error; @@ -384,15 +375,15 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key, if (rc == SSH_ERROR){ goto error; } - comment = ssh_buffer_get_ssh_string(privkey_buffer); + comment = buffer_get_ssh_string(privkey_buffer); SAFE_FREE(comment); /* verify that the remaining data is correct padding */ - for (i=1; ssh_buffer_get_len(privkey_buffer) > 0; ++i){ - ssh_buffer_get_u8(privkey_buffer, &padding); + for (i=1; buffer_get_rest_len(privkey_buffer) > 0; ++i){ + buffer_get_u8(privkey_buffer, &padding); if (padding != i){ ssh_key_free(key); key = NULL; - SSH_LOG(SSH_LOG_WARN, "Invalid padding"); + ssh_pki_log("Invalid padding"); goto error; } } @@ -428,7 +419,7 @@ static int pki_openssh_export_privkey_blob(const ssh_key privkey, int rc; if (privkey->type != SSH_KEYTYPE_ED25519) { - SSH_LOG(SSH_LOG_WARN, "Type %s not supported", privkey->type_c); + ssh_pki_log("Type %s not supported", privkey->type_c); return SSH_ERROR; } if (privkey->ed25519_privkey == NULL || @@ -493,7 +484,7 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer, return SSH_ERROR; } while (ssh_buffer_get_len(privkey_buffer) % cipher.blocksize != 0) { - rc = ssh_buffer_add_u8(privkey_buffer, padding); + rc = buffer_add_u8(privkey_buffer, padding); if (rc < 0) { return SSH_ERROR; } @@ -503,17 +494,17 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer, /* We need material for key (keysize bits / 8) and IV (blocksize) */ key_material_len = cipher.keysize/8 + cipher.blocksize; if (key_material_len > sizeof(key_material)){ - SSH_LOG(SSH_LOG_WARN, "Key material too big"); + ssh_pki_log("Key material too big"); return SSH_ERROR; } - SSH_LOG(SSH_LOG_WARN, "Encryption: %d key, %d IV, %d rounds, %zu bytes salt", + ssh_pki_log("Encryption: %d key, %d IV, %d rounds, %zu bytes salt", cipher.keysize/8, cipher.blocksize, rounds, ssh_string_len(salt)); if (passphrase == NULL){ if (auth_fn == NULL){ - SSH_LOG(SSH_LOG_WARN, "No passphrase provided"); + ssh_pki_log("No passphrase provided"); return SSH_ERROR; } rc = auth_fn("Passphrase", @@ -543,8 +534,8 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer, key_material, key_material + cipher.keysize/8); cipher.encrypt(&cipher, - ssh_buffer_get(privkey_buffer), - ssh_buffer_get(privkey_buffer), + ssh_buffer_get_begin(privkey_buffer), + ssh_buffer_get_begin(privkey_buffer), ssh_buffer_get_len(privkey_buffer)); ssh_cipher_clear(&cipher); BURN_BUFFER(passphrase_buffer, sizeof(passphrase_buffer)); @@ -582,11 +573,11 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, return NULL; } if (privkey->type != SSH_KEYTYPE_ED25519){ - SSH_LOG(SSH_LOG_WARN, "Unsupported key type %s", privkey->type_c); + ssh_pki_log("Unsupported key type %s", privkey->type_c); return NULL; } if (passphrase != NULL || auth_fn != NULL){ - SSH_LOG(SSH_LOG_INFO, "Enabling encryption for private key export"); + ssh_pki_log("Enabling encryption for private key export"); to_encrypt = 1; } buffer = ssh_buffer_new(); @@ -642,7 +633,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, goto error; } memcpy(ssh_string_data(kdf_options), - ssh_buffer_get(kdf_buf), + ssh_buffer_get_begin(kdf_buf), ssh_buffer_get_len(kdf_buf)); ssh_buffer_free(kdf_buf); rc = pki_private_key_encrypt(privkey_buffer, @@ -670,12 +661,12 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, pubkey_s, (uint32_t)ssh_buffer_get_len(privkey_buffer), /* rest of buffer is a string */ - (size_t)ssh_buffer_get_len(privkey_buffer), ssh_buffer_get(privkey_buffer)); + (size_t)ssh_buffer_get_len(privkey_buffer), ssh_buffer_get_begin(privkey_buffer)); if (rc != SSH_OK) { goto error; } - b64 = bin_to_base64(ssh_buffer_get(buffer), + b64 = bin_to_base64(ssh_buffer_get_begin(buffer), ssh_buffer_get_len(buffer)); if (b64 == NULL){ goto error; @@ -704,7 +695,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, } str_len = ssh_buffer_get_len(buffer); - len = ssh_buffer_get_data(buffer, ssh_string_data(str), str_len); + len = buffer_get_data(buffer, ssh_string_data(str), str_len); if (str_len != len) { ssh_string_free(str); str = NULL; @@ -712,7 +703,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, error: if (privkey_buffer != NULL) { - void *bufptr = ssh_buffer_get(privkey_buffer); + void *bufptr = ssh_buffer_get_begin(privkey_buffer); BURN_BUFFER(bufptr, ssh_buffer_get_len(privkey_buffer)); ssh_buffer_free(privkey_buffer); } diff --git a/external/libssh-win-static/src/pki_crypto.c b/external/libssh-win-static/src/pki_crypto.c index dabf54b..b53bba2 100644 --- a/external/libssh-win-static/src/pki_crypto.c +++ b/external/libssh-win-static/src/pki_crypto.c @@ -649,13 +649,11 @@ ssh_string pki_private_key_to_pem(const ssh_key key, #endif case SSH_KEYTYPE_ED25519: BIO_free(mem); - SSH_LOG(SSH_LOG_WARN, "PEM output not supported for key type ssh-ed25519"); + ssh_pki_log("PEM output not supported for key type ssh-ed25519"); return NULL; - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: BIO_free(mem); - SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", key->type); + ssh_pki_log("Unkown or invalid private key type %d", key->type); return NULL; } @@ -698,7 +696,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key, type = pki_privatekey_type_from_string(b64_key); if (type == SSH_KEYTYPE_UNKNOWN) { - SSH_LOG(SSH_LOG_WARN, "Unknown or invalid private key."); + ssh_pki_log("Unknown or invalid private key."); return NULL; } @@ -722,9 +720,8 @@ ssh_key pki_private_key_from_base64(const char *b64_key, BIO_free(mem); if (dsa == NULL) { - SSH_LOG(SSH_LOG_WARN, - "Parsing private key: %s", - ERR_error_string(ERR_get_error(), NULL)); + ssh_pki_log("Parsing private key: %s", + ERR_error_string(ERR_get_error(), NULL)); return NULL; } @@ -747,9 +744,8 @@ ssh_key pki_private_key_from_base64(const char *b64_key, BIO_free(mem); if (rsa == NULL) { - SSH_LOG(SSH_LOG_WARN, - "Parsing private key: %s", - ERR_error_string(ERR_get_error(),NULL)); + ssh_pki_log("Parsing private key: %s", + ERR_error_string(ERR_get_error(),NULL)); return NULL; } @@ -772,9 +768,8 @@ ssh_key pki_private_key_from_base64(const char *b64_key, BIO_free(mem); if (ecdsa == NULL) { - SSH_LOG(SSH_LOG_WARN, - "Parsing private key: %s", - ERR_error_string(ERR_get_error(), NULL)); + ssh_pki_log("Parsing private key: %s", + ERR_error_string(ERR_get_error(), NULL)); return NULL; } @@ -782,11 +777,9 @@ ssh_key pki_private_key_from_base64(const char *b64_key, #endif case SSH_KEYTYPE_ED25519: /* Cannot open ed25519 keys with libcrypto */ - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: BIO_free(mem); - SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", type); + ssh_pki_log("Unkown or invalid private key type %d", type); return NULL; } @@ -831,10 +824,10 @@ int pki_pubkey_build_dss(ssh_key key, return SSH_ERROR; } - key->dsa->p = ssh_make_string_bn(p); - key->dsa->q = ssh_make_string_bn(q); - key->dsa->g = ssh_make_string_bn(g); - key->dsa->pub_key = ssh_make_string_bn(pubkey); + key->dsa->p = make_string_bn(p); + key->dsa->q = make_string_bn(q); + key->dsa->g = make_string_bn(g); + key->dsa->pub_key = make_string_bn(pubkey); if (key->dsa->p == NULL || key->dsa->q == NULL || key->dsa->g == NULL || @@ -854,8 +847,8 @@ int pki_pubkey_build_rsa(ssh_key key, return SSH_ERROR; } - key->rsa->e = ssh_make_string_bn(e); - key->rsa->n = ssh_make_string_bn(n); + key->rsa->e = make_string_bn(e); + key->rsa->n = make_string_bn(n); if (key->rsa->e == NULL || key->rsa->n == NULL) { RSA_free(key->rsa); @@ -882,22 +875,13 @@ ssh_string pki_publickey_to_blob(const ssh_key key) return NULL; } - if (key->cert != NULL) { - rc = ssh_buffer_add_buffer(buffer, key->cert); - if (rc < 0) { - ssh_buffer_free(buffer); - return NULL; - } - goto makestring; - } - type_s = ssh_string_from_char(key->type_c); if (type_s == NULL) { ssh_buffer_free(buffer); return NULL; } - rc = ssh_buffer_add_ssh_string(buffer, type_s); + rc = buffer_add_ssh_string(buffer, type_s); ssh_string_free(type_s); if (rc < 0) { ssh_buffer_free(buffer); @@ -906,36 +890,36 @@ ssh_string pki_publickey_to_blob(const ssh_key key) switch (key->type) { case SSH_KEYTYPE_DSS: - p = ssh_make_bignum_string(key->dsa->p); + p = make_bignum_string(key->dsa->p); if (p == NULL) { goto fail; } - q = ssh_make_bignum_string(key->dsa->q); + q = make_bignum_string(key->dsa->q); if (q == NULL) { goto fail; } - g = ssh_make_bignum_string(key->dsa->g); + g = make_bignum_string(key->dsa->g); if (g == NULL) { goto fail; } - n = ssh_make_bignum_string(key->dsa->pub_key); + n = make_bignum_string(key->dsa->pub_key); if (n == NULL) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, p) < 0) { + if (buffer_add_ssh_string(buffer, p) < 0) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, q) < 0) { + if (buffer_add_ssh_string(buffer, q) < 0) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, g) < 0) { + if (buffer_add_ssh_string(buffer, g) < 0) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, n) < 0) { + if (buffer_add_ssh_string(buffer, n) < 0) { goto fail; } @@ -955,20 +939,20 @@ ssh_string pki_publickey_to_blob(const ssh_key key) break; case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: - e = ssh_make_bignum_string(key->rsa->e); + e = make_bignum_string(key->rsa->e); if (e == NULL) { goto fail; } - n = ssh_make_bignum_string(key->rsa->n); + n = make_bignum_string(key->rsa->n); if (n == NULL) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, e) < 0) { + if (buffer_add_ssh_string(buffer, e) < 0) { goto fail; } - if (ssh_buffer_add_ssh_string(buffer, n) < 0) { + if (buffer_add_ssh_string(buffer, n) < 0) { goto fail; } @@ -994,7 +978,7 @@ ssh_string pki_publickey_to_blob(const ssh_key key) return NULL; } - rc = ssh_buffer_add_ssh_string(buffer, type_s); + rc = buffer_add_ssh_string(buffer, type_s); ssh_string_free(type_s); if (rc < 0) { ssh_buffer_free(buffer); @@ -1007,7 +991,7 @@ ssh_string pki_publickey_to_blob(const ssh_key key) return NULL; } - rc = ssh_buffer_add_ssh_string(buffer, type_s); + rc = buffer_add_ssh_string(buffer, type_s); ssh_string_free(type_s); if (rc < 0) { ssh_buffer_free(buffer); @@ -1021,7 +1005,7 @@ ssh_string pki_publickey_to_blob(const ssh_key key) return NULL; } - rc = ssh_buffer_add_ssh_string(buffer, e); + rc = buffer_add_ssh_string(buffer, e); if (rc < 0) { goto fail; } @@ -1043,13 +1027,12 @@ ssh_string pki_publickey_to_blob(const ssh_key key) goto fail; } -makestring: - str = ssh_string_new(ssh_buffer_get_len(buffer)); + str = ssh_string_new(buffer_get_rest_len(buffer)); if (str == NULL) { goto fail; } - rc = ssh_string_fill(str, ssh_buffer_get(buffer), ssh_buffer_get_len(buffer)); + rc = ssh_string_fill(str, buffer_get_rest(buffer), buffer_get_rest_len(buffer)); if (rc < 0) { goto fail; } @@ -1160,12 +1143,12 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig) ssh_string s; int s_len, s_offset_in, s_offset_out; - r = ssh_make_bignum_string(sig->dsa_sig->r); + r = make_bignum_string(sig->dsa_sig->r); if (r == NULL) { return NULL; } - s = ssh_make_bignum_string(sig->dsa_sig->s); + s = make_bignum_string(sig->dsa_sig->s); if (s == NULL) { ssh_string_free(r); return NULL; @@ -1224,37 +1207,37 @@ ssh_string pki_signature_to_blob(const ssh_signature sig) return NULL; } - r = ssh_make_bignum_string(sig->ecdsa_sig->r); + r = make_bignum_string(sig->ecdsa_sig->r); if (r == NULL) { ssh_buffer_free(b); return NULL; } - rc = ssh_buffer_add_ssh_string(b, r); + rc = buffer_add_ssh_string(b, r); ssh_string_free(r); if (rc < 0) { ssh_buffer_free(b); return NULL; } - s = ssh_make_bignum_string(sig->ecdsa_sig->s); + s = make_bignum_string(sig->ecdsa_sig->s); if (s == NULL) { ssh_buffer_free(b); return NULL; } - rc = ssh_buffer_add_ssh_string(b, s); + rc = buffer_add_ssh_string(b, s); ssh_string_free(s); if (rc < 0) { ssh_buffer_free(b); return NULL; } - sig_blob = ssh_string_new(ssh_buffer_get_len(b)); + sig_blob = ssh_string_new(buffer_get_rest_len(b)); if (sig_blob == NULL) { ssh_buffer_free(b); return NULL; } - ssh_string_fill(sig_blob, ssh_buffer_get(b), ssh_buffer_get_len(b)); + ssh_string_fill(sig_blob, buffer_get_rest(b), buffer_get_rest_len(b)); ssh_buffer_free(b); break; } @@ -1264,7 +1247,7 @@ ssh_string pki_signature_to_blob(const ssh_signature sig) break; default: case SSH_KEYTYPE_UNKNOWN: - SSH_LOG(SSH_LOG_WARN, "Unknown signature key type: %s", sig->type_c); + ssh_pki_log("Unknown signature key type: %s", sig->type_c); return NULL; } @@ -1284,21 +1267,19 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, size_t len = ssh_string_len(sig_blob); if (pubkey->rsa == NULL) { - SSH_LOG(SSH_LOG_WARN, "Pubkey RSA field NULL"); + ssh_pki_log("Pubkey RSA field NULL"); goto errout; } rsalen = RSA_size(pubkey->rsa); if (len > rsalen) { - SSH_LOG(SSH_LOG_WARN, - "Signature is too big: %lu > %lu", - (unsigned long)len, - (unsigned long)rsalen); + ssh_pki_log("Signature is too big: %lu > %lu", + (unsigned long)len, (unsigned long)rsalen); goto errout; } #ifdef DEBUG_CRYPTO - SSH_LOG(SSH_LOG_WARN, "RSA signature len: %lu", (unsigned long)len); + ssh_pki_log("RSA signature len: %lu", (unsigned long)len); ssh_print_hexa("RSA signature", ssh_string_data(sig_blob), len); #endif @@ -1306,10 +1287,8 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, sig->rsa_sig = ssh_string_copy(sig_blob); } else { /* pad the blob to the expected rsalen size */ - SSH_LOG(SSH_LOG_DEBUG, - "RSA signature len %lu < %lu", - (unsigned long)len, - (unsigned long)rsalen); + ssh_pki_log("RSA signature len %lu < %lu", + (unsigned long)len, (unsigned long)rsalen); pad_len = rsalen - len; @@ -1360,9 +1339,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, case SSH_KEYTYPE_DSS: /* 40 is the dual signature blob len. */ if (len != 40) { - SSH_LOG(SSH_LOG_WARN, - "Signature has wrong size: %lu", - (unsigned long)len); + ssh_pki_log("Signature has wrong size: %lu", + (unsigned long)len); ssh_signature_free(sig); return NULL; } @@ -1385,7 +1363,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, } ssh_string_fill(r, ssh_string_data(sig_blob), 20); - sig->dsa_sig->r = ssh_make_string_bn(r); + sig->dsa_sig->r = make_string_bn(r); ssh_string_free(r); if (sig->dsa_sig->r == NULL) { ssh_signature_free(sig); @@ -1399,7 +1377,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, } ssh_string_fill(s, (char *)ssh_string_data(sig_blob) + 20, 20); - sig->dsa_sig->s = ssh_make_string_bn(s); + sig->dsa_sig->s = make_string_bn(s); ssh_string_free(s); if (sig->dsa_sig->s == NULL) { ssh_signature_free(sig); @@ -1438,7 +1416,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, return NULL; } - r = ssh_buffer_get_ssh_string(b); + r = buffer_get_ssh_string(b); if (r == NULL) { ssh_buffer_free(b); ssh_signature_free(sig); @@ -1449,7 +1427,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, ssh_print_hexa("r", ssh_string_data(r), ssh_string_len(r)); #endif - ssh_make_string_bn_inplace(r, sig->ecdsa_sig->r); + make_string_bn_inplace(r, sig->ecdsa_sig->r); ssh_string_burn(r); ssh_string_free(r); if (sig->ecdsa_sig->r == NULL) { @@ -1458,8 +1436,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, return NULL; } - s = ssh_buffer_get_ssh_string(b); - rlen = ssh_buffer_get_len(b); + s = buffer_get_ssh_string(b); + rlen = buffer_get_rest_len(b); ssh_buffer_free(b); if (s == NULL) { ssh_signature_free(sig); @@ -1470,7 +1448,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, ssh_print_hexa("s", ssh_string_data(s), ssh_string_len(s)); #endif - ssh_make_string_bn_inplace(s, sig->ecdsa_sig->s); + make_string_bn_inplace(s, sig->ecdsa_sig->s); ssh_string_burn(s); ssh_string_free(s); if (sig->ecdsa_sig->s == NULL) { @@ -1479,10 +1457,9 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, } if (rlen != 0) { - SSH_LOG(SSH_LOG_WARN, - "Signature has remaining bytes in inner " - "sigblob: %lu", - (unsigned long)rlen); + ssh_pki_log("Signature has remaining bytes in inner " + "sigblob: %lu", + (unsigned long)rlen); ssh_signature_free(sig); return NULL; } @@ -1499,7 +1476,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, break; default: case SSH_KEYTYPE_UNKNOWN: - SSH_LOG(SSH_LOG_WARN, "Unknown signature type"); + ssh_pki_log("Unknown signature type"); ssh_signature_free(sig); return NULL; } diff --git a/external/libssh-win-static/src/pki_ed25519.c b/external/libssh-win-static/src/pki_ed25519.c index a51f6c6..37d3c87 100644 --- a/external/libssh-win-static/src/pki_ed25519.c +++ b/external/libssh-win-static/src/pki_ed25519.c @@ -290,7 +290,7 @@ int pki_ed25519_sig_from_blob(ssh_signature sig, ssh_string sig_blob) len = ssh_string_len(sig_blob); if (len != ED25519_SIG_LEN){ - SSH_LOG(SSH_LOG_WARN, "Invalid ssh-ed25519 signature len: %zu", len); + ssh_pki_log("Invalid ssh-ed25519 signature len: %zu", len); return SSH_ERROR; } diff --git a/external/libssh-win-static/src/pki_gcrypt.c b/external/libssh-win-static/src/pki_gcrypt.c index 982e3f4..bf570b5 100644 --- a/external/libssh-win-static/src/pki_gcrypt.c +++ b/external/libssh-win-static/src/pki_gcrypt.c @@ -5,7 +5,6 @@ * * Copyright (c) 2003-2009 Aris Adamantiadis * Copyright (c) 2009-2011 Andreas Schneider - * Copyright (C) 2016 g10 Code GmbH * * The SSH Library is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by @@ -49,7 +48,6 @@ #define MAX_KEY_SIZE 32 #define MAX_PASSPHRASE_SIZE 1024 #define ASN1_INTEGER 2 -#define ASN1_BIT_STRING 3 #define ASN1_SEQUENCE 48 #define PKCS5_SALT_LEN 8 @@ -94,7 +92,7 @@ static uint32_t asn1_get_len(ssh_buffer buffer) { uint32_t len; unsigned char tmp[4]; - if (ssh_buffer_get_data(buffer,tmp,1) == 0) { + if (buffer_get_data(buffer,tmp,1) == 0) { return 0; } @@ -103,7 +101,7 @@ static uint32_t asn1_get_len(ssh_buffer buffer) { if (len > 4) { return 0; /* Length doesn't fit in u32. Can this really happen? */ } - if (ssh_buffer_get_data(buffer,tmp,len) == 0) { + if (buffer_get_data(buffer,tmp,len) == 0) { return 0; } len = char_to_u32(tmp, len); @@ -114,12 +112,12 @@ static uint32_t asn1_get_len(ssh_buffer buffer) { return len; } -static ssh_string asn1_get(ssh_buffer buffer, unsigned char want) { +static ssh_string asn1_get_int(ssh_buffer buffer) { ssh_string str; unsigned char type; uint32_t size; - if (ssh_buffer_get_data(buffer, &type, 1) == 0 || type != want) { + if (buffer_get_data(buffer, &type, 1) == 0 || type != ASN1_INTEGER) { return NULL; } size = asn1_get_len(buffer); @@ -132,7 +130,7 @@ static ssh_string asn1_get(ssh_buffer buffer, unsigned char want) { return NULL; } - if (ssh_buffer_get_data(buffer, ssh_string_data(str), size) == 0) { + if (buffer_get_data(buffer, ssh_string_data(str), size) == 0) { ssh_string_free(str); return NULL; } @@ -140,67 +138,6 @@ static ssh_string asn1_get(ssh_buffer buffer, unsigned char want) { return str; } -static ssh_string asn1_get_int(ssh_buffer buffer) { - return asn1_get(buffer, ASN1_INTEGER); -} - -static ssh_string asn1_get_bit_string(ssh_buffer buffer) -{ - ssh_string str; - unsigned char type; - uint32_t size; - unsigned char unused, last, *p; - uint32_t len; - - len = ssh_buffer_get_data(buffer, &type, 1); - if (len == 0 || type != ASN1_BIT_STRING) { - return NULL; - } - size = asn1_get_len(buffer); - if (size == 0) { - return NULL; - } - - /* The first octet encodes the number of unused bits. */ - size -= 1; - - str = ssh_string_new(size); - if (str == NULL) { - return NULL; - } - - len = ssh_buffer_get_data(buffer, &unused, 1); - if (len == 0) { - ssh_string_free(str); - return NULL; - } - - if (unused == 0) { - len = ssh_buffer_get_data(buffer, ssh_string_data(str), size); - if (len == 0) { - ssh_string_free(str); - return NULL; - } - return str; - } - - /* The bit string is padded at the end, we must shift the whole - string by UNUSED bits. */ - for (p = ssh_string_data(str), last = 0; size; size--, p++) { - unsigned char c; - - len = ssh_buffer_get_data(buffer, &c, 1); - if (len == 0) { - ssh_string_free(str); - return NULL; - } - *p = last | (c >> unused); - last = c << (8 - unused); - } - - return str; -} - static int asn1_check_sequence(ssh_buffer buffer) { unsigned char *j = NULL; unsigned char tmp; @@ -208,14 +145,14 @@ static int asn1_check_sequence(ssh_buffer buffer) { uint32_t size; uint32_t padding; - if (ssh_buffer_get_data(buffer, &tmp, 1) == 0 || tmp != ASN1_SEQUENCE) { + if (buffer_get_data(buffer, &tmp, 1) == 0 || tmp != ASN1_SEQUENCE) { return 0; } size = asn1_get_len(buffer); - if ((padding = ssh_buffer_get_len(buffer) - size) > 0) { - for (i = ssh_buffer_get_len(buffer) - size, - j = (unsigned char*)ssh_buffer_get(buffer) + size; + if ((padding = ssh_buffer_get_len(buffer) - buffer->pos - size) > 0) { + for (i = ssh_buffer_get_len(buffer) - buffer->pos - size, + j = (unsigned char*)ssh_buffer_get_begin(buffer) + size + buffer->pos; i; i--, j++) { @@ -298,12 +235,12 @@ static int privatekey_decrypt(int algo, int mode, unsigned int key_len, || gcry_cipher_setiv(cipher, iv, iv_len) || (tmp = malloc(ssh_buffer_get_len(data) * sizeof (char))) == NULL || gcry_cipher_decrypt(cipher, tmp, ssh_buffer_get_len(data), - ssh_buffer_get(data), ssh_buffer_get_len(data))) { + ssh_buffer_get_begin(data), ssh_buffer_get_len(data))) { gcry_cipher_close(cipher); return -1; } - memcpy(ssh_buffer_get(data), tmp, ssh_buffer_get_len(data)); + memcpy(ssh_buffer_get_begin(data), tmp, ssh_buffer_get_len(data)); SAFE_FREE(tmp); gcry_cipher_close(cipher); @@ -481,7 +418,7 @@ static ssh_buffer privatekey_string_to_buffer(const char *pkey, int type, return NULL; } - out = base64_to_bin(ssh_buffer_get(buffer)); + out = base64_to_bin(ssh_buffer_get_begin(buffer)); ssh_buffer_free(buffer); if (out == NULL) { SAFE_FREE(iv); @@ -534,7 +471,6 @@ static int b64decode_rsa_privatekey(const char *pkey, gcry_sexp_t *r, data = ssh_string_data(v); if (ssh_string_len(v) != 1 || data[0] != 0) { - ssh_string_free(v); ssh_buffer_free(buffer); return 0; } @@ -568,19 +504,13 @@ static int b64decode_rsa_privatekey(const char *pkey, gcry_sexp_t *r, } error: - ssh_string_burn(n); ssh_string_free(n); - ssh_string_burn(e); ssh_string_free(e); - ssh_string_burn(d); ssh_string_free(d); - ssh_string_burn(p); ssh_string_free(p); - ssh_string_burn(q); ssh_string_free(q); ssh_string_free(unused1); ssh_string_free(unused2); - ssh_string_burn(u); ssh_string_free(u); ssh_string_free(v); @@ -617,7 +547,6 @@ static int b64decode_dsa_privatekey(const char *pkey, gcry_sexp_t *r, ssh_auth_c data = ssh_string_data(v); if (ssh_string_len(v) != 1 || data[0] != 0) { - ssh_string_free(v); ssh_buffer_free(buffer); return 0; } @@ -645,15 +574,10 @@ static int b64decode_dsa_privatekey(const char *pkey, gcry_sexp_t *r, ssh_auth_c } error: - ssh_string_burn(p); ssh_string_free(p); - ssh_string_burn(q); ssh_string_free(q); - ssh_string_burn(g); ssh_string_free(g); - ssh_string_burn(y); ssh_string_free(y); - ssh_string_burn(x); ssh_string_free(x); ssh_string_free(v); @@ -698,7 +622,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key, type = pki_privatekey_type_from_string(b64_key); if (type == SSH_KEYTYPE_UNKNOWN) { - SSH_LOG(SSH_LOG_WARN, "Unknown or invalid private key."); + ssh_pki_log("Unknown or invalid private key."); return NULL; } @@ -718,7 +642,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key, } if (!valid) { - SSH_LOG(SSH_LOG_WARN, "Parsing private key"); + ssh_pki_log("Parsing private key"); goto fail; } break; @@ -738,7 +662,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key, } if (!valid) { - SSH_LOG(SSH_LOG_WARN, "Parsing private key"); + ssh_pki_log("Parsing private key"); goto fail; } break; @@ -747,7 +671,7 @@ ssh_key pki_private_key_from_base64(const char *b64_key, case SSH_KEYTYPE_ECDSA: case SSH_KEYTYPE_UNKNOWN: default: - SSH_LOG(SSH_LOG_WARN, "Unkown or invalid private key type %d", type); + ssh_pki_log("Unkown or invalid private key type %d", type); return NULL; } @@ -813,19 +737,22 @@ int pki_pubkey_build_ecdsa(ssh_key key, int nid, ssh_string e) ssh_key pki_key_dup(const ssh_key key, int demote) { ssh_key new; - gcry_error_t err = 0; + gcry_sexp_t sexp = NULL; + gcry_error_t err; + const char *tmp = NULL; + size_t size; int rc; - gcry_mpi_t p = NULL; - gcry_mpi_t q = NULL; - gcry_mpi_t g = NULL; - gcry_mpi_t y = NULL; - gcry_mpi_t x = NULL; + ssh_string p = NULL; + ssh_string q = NULL; + ssh_string g = NULL; + ssh_string y = NULL; + ssh_string x = NULL; - gcry_mpi_t e = NULL; - gcry_mpi_t n = NULL; - gcry_mpi_t d = NULL; - gcry_mpi_t u = NULL; + ssh_string e = NULL; + ssh_string n = NULL; + ssh_string d = NULL; + ssh_string u = NULL; new = ssh_key_new(); if (new == NULL) { @@ -841,64 +768,209 @@ ssh_key pki_key_dup(const ssh_key key, int demote) switch(key->type) { case SSH_KEYTYPE_DSS: - err = gcry_sexp_extract_param(key->dsa, - NULL, - "pqgyx?", - &p, - &q, - &g, - &y, - &x, - NULL); - if (err != 0) { - break; + sexp = gcry_sexp_find_token(key->dsa, "p", 0); + if (sexp == NULL) { + goto fail; } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + p = ssh_string_new(size); + if (p == NULL) { + goto fail; + } + ssh_string_fill(p, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->dsa, "q", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + q = ssh_string_new(size); + if (q == NULL) { + goto fail; + } + ssh_string_fill(q, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->dsa, "g", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + g = ssh_string_new(size); + if (g == NULL) { + goto fail; + } + ssh_string_fill(g, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->dsa, "y", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + y = ssh_string_new(size); + if (y == NULL) { + goto fail; + } + ssh_string_fill(y, (char *)tmp, size); + gcry_sexp_release(sexp); if (!demote && (key->flags & SSH_KEY_FLAG_PRIVATE)) { - err = gcry_sexp_build(&new->dsa, - NULL, - "(private-key(dsa(p %m)(q %m)(g %m)(y %m)(x %m)))", - p, q, g, y, x); + sexp = gcry_sexp_find_token(key->dsa, "x", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + x = ssh_string_new(size); + if (x == NULL) { + goto fail; + } + ssh_string_fill(x, (char *)tmp, size); + gcry_sexp_release(sexp); + + err = gcry_sexp_build(&new->dsa, NULL, + "(private-key(dsa(p %b)(q %b)(g %b)(y %b)(x %b)))", + ssh_string_len(p), ssh_string_data(p), + ssh_string_len(q), ssh_string_data(q), + ssh_string_len(g), ssh_string_data(g), + ssh_string_len(y), ssh_string_data(y), + ssh_string_len(x), ssh_string_data(x)); } else { - err = gcry_sexp_build(&new->dsa, - NULL, - "(public-key(dsa(p %m)(q %m)(g %m)(y %m)))", - p, q, g, y); + err = gcry_sexp_build(&new->dsa, NULL, + "(public-key(dsa(p %b)(q %b)(g %b)(y %b)))", + ssh_string_len(p), ssh_string_data(p), + ssh_string_len(q), ssh_string_data(q), + ssh_string_len(g), ssh_string_data(g), + ssh_string_len(y), ssh_string_data(y)); } + if (err) { + goto fail; + } + + ssh_string_burn(p); + ssh_string_free(p); + ssh_string_burn(q); + ssh_string_free(q); + ssh_string_burn(g); + ssh_string_free(g); + ssh_string_burn(y); + ssh_string_free(y); + ssh_string_burn(x); + ssh_string_free(x); break; case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: - err = gcry_sexp_extract_param(key->rsa, - NULL, - "ned?p?q?u?", - &n, - &e, - &d, - &p, - &q, - &u, - NULL); - if (err != 0) { - break; + sexp = gcry_sexp_find_token(key->rsa, "e", 0); + if (sexp == NULL) { + goto fail; } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + e = ssh_string_new(size); + if (e == NULL) { + goto fail; + } + ssh_string_fill(e, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->rsa, "n", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + n = ssh_string_new(size); + if (n == NULL) { + goto fail; + } + ssh_string_fill(n, (char *)tmp, size); + gcry_sexp_release(sexp); if (!demote && (key->flags & SSH_KEY_FLAG_PRIVATE)) { - err = gcry_sexp_build(&new->rsa, - NULL, - "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))", - n, e, d, p, q, u); + sexp = gcry_sexp_find_token(key->rsa, "d", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + d = ssh_string_new(size); + if (e == NULL) { + goto fail; + } + ssh_string_fill(d, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->rsa, "p", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + p = ssh_string_new(size); + if (p == NULL) { + goto fail; + } + ssh_string_fill(p, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->rsa, "q", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + q = ssh_string_new(size); + if (q == NULL) { + goto fail; + } + ssh_string_fill(q, (char *)tmp, size); + gcry_sexp_release(sexp); + + sexp = gcry_sexp_find_token(key->rsa, "u", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + u = ssh_string_new(size); + if (u == NULL) { + goto fail; + } + ssh_string_fill(u, (char *)tmp, size); + gcry_sexp_release(sexp); + + err = gcry_sexp_build(&new->rsa, NULL, + "(private-key(rsa(n %b)(e %b)(d %b)(p %b)(q %b)(u %b)))", + ssh_string_len(n), ssh_string_data(n), + ssh_string_len(e), ssh_string_data(e), + ssh_string_len(d), ssh_string_data(d), + ssh_string_len(p), ssh_string_data(p), + ssh_string_len(q), ssh_string_data(q), + ssh_string_len(u), ssh_string_data(u)); } else { - err = gcry_sexp_build(&new->rsa, - NULL, - "(public-key(rsa(n %m)(e %m)))", - n, e); + err = gcry_sexp_build(&new->rsa, NULL, + "(public-key(rsa(n %b)(e %b)))", + ssh_string_len(n), ssh_string_data(n), + ssh_string_len(e), ssh_string_data(e)); } + + if (err) { + goto fail; + } + + ssh_string_burn(e); + ssh_string_free(e); + ssh_string_burn(n); + ssh_string_free(n); + ssh_string_burn(d); + ssh_string_free(d); + ssh_string_burn(p); + ssh_string_free(p); + ssh_string_burn(q); + ssh_string_free(q); + ssh_string_burn(u); + ssh_string_free(u); + break; case SSH_KEYTYPE_ED25519: rc = pki_ed25519_key_dup(new, key); - if (rc != SSH_OK) { - ssh_key_free(new); - return NULL; + if (rc != SSH_OK){ + goto fail; } break; @@ -909,23 +981,30 @@ ssh_key pki_key_dup(const ssh_key key, int demote) return NULL; } - if (err) { - ssh_key_free(new); - new = NULL; - } - - gcry_mpi_release(p); - gcry_mpi_release(q); - gcry_mpi_release(g); - gcry_mpi_release(y); - gcry_mpi_release(x); - - gcry_mpi_release(e); - gcry_mpi_release(n); - gcry_mpi_release(d); - gcry_mpi_release(u); - return new; +fail: + gcry_sexp_release(sexp); + ssh_string_burn(p); + ssh_string_free(p); + ssh_string_burn(q); + ssh_string_free(q); + ssh_string_burn(g); + ssh_string_free(g); + ssh_string_burn(y); + ssh_string_free(y); + ssh_string_burn(x); + ssh_string_free(x); + + ssh_string_burn(e); + ssh_string_free(e); + ssh_string_burn(n); + ssh_string_free(n); + ssh_string_burn(u); + ssh_string_free(u); + + ssh_key_free(new); + + return NULL; } static int pki_key_generate(ssh_key key, int parameter, const char *type_s, int type){ @@ -968,7 +1047,6 @@ static int _bignum_cmp(const gcry_sexp_t s1, gcry_sexp_t sexp; bignum b1; bignum b2; - int result; sexp = gcry_sexp_find_token(s1, what, 0); if (sexp == NULL) { @@ -982,20 +1060,19 @@ static int _bignum_cmp(const gcry_sexp_t s1, sexp = gcry_sexp_find_token(s2, what, 0); if (sexp == NULL) { - bignum_free(b1); return 1; } b2 = gcry_sexp_nth_mpi(sexp, 1, GCRYMPI_FMT_USG); gcry_sexp_release(sexp); if (b2 == NULL) { - bignum_free(b1); return 1; } - result = !! bignum_cmp(b1, b2); - bignum_free(b1); - bignum_free(b2); - return result; + if (bignum_cmp(b1, b2) != 0) { + return 1; + } + + return 0; } int pki_key_compare(const ssh_key k1, @@ -1058,8 +1135,6 @@ int pki_key_compare(const ssh_key k1, /* ed25519 keys handled globaly */ return 0; case SSH_KEYTYPE_ECDSA: - case SSH_KEYTYPE_DSS_CERT01: - case SSH_KEYTYPE_RSA_CERT01: case SSH_KEYTYPE_UNKNOWN: return 1; } @@ -1077,6 +1152,9 @@ ssh_string pki_publickey_to_blob(const ssh_key key) ssh_string p = NULL; ssh_string g = NULL; ssh_string q = NULL; + const char *tmp = NULL; + size_t size; + gcry_sexp_t sexp; int rc; buffer = ssh_buffer_new(); @@ -1084,22 +1162,13 @@ ssh_string pki_publickey_to_blob(const ssh_key key) return NULL; } - if (key->cert != NULL) { - rc = ssh_buffer_add_buffer(buffer, key->cert); - if (rc < 0) { - ssh_buffer_free(buffer); - return NULL; - } - goto makestring; - } - type_s = ssh_string_from_char(key->type_c); if (type_s == NULL) { ssh_buffer_free(buffer); return NULL; } - rc = ssh_buffer_add_ssh_string(buffer, type_s); + rc = buffer_add_ssh_string(buffer, type_s); ssh_string_free(type_s); if (rc < 0) { ssh_buffer_free(buffer); @@ -1108,52 +1177,63 @@ ssh_string pki_publickey_to_blob(const ssh_key key) switch (key->type) { case SSH_KEYTYPE_DSS: - p = ssh_sexp_extract_mpi(key->dsa, - "p", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->dsa, "p", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + p = ssh_string_new(size); if (p == NULL) { goto fail; } + ssh_string_fill(p, (char *) tmp, size); + gcry_sexp_release(sexp); - q = ssh_sexp_extract_mpi(key->dsa, - "q", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->dsa, "q", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + q = ssh_string_new(size); if (q == NULL) { goto fail; } + ssh_string_fill(q, (char *) tmp, size); + gcry_sexp_release(sexp); - g = ssh_sexp_extract_mpi(key->dsa, - "g", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->dsa, "g", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + g = ssh_string_new(size); if (g == NULL) { goto fail; } + ssh_string_fill(g, (char *) tmp, size); + gcry_sexp_release(sexp); - n = ssh_sexp_extract_mpi(key->dsa, - "y", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->dsa, "y", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + n = ssh_string_new(size); if (n == NULL) { goto fail; } + ssh_string_fill(n, (char *) tmp, size); - rc = ssh_buffer_add_ssh_string(buffer, p); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, p) < 0) { goto fail; } - rc = ssh_buffer_add_ssh_string(buffer, q); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, q) < 0) { goto fail; } - rc = ssh_buffer_add_ssh_string(buffer, g); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, g) < 0) { goto fail; } - rc = ssh_buffer_add_ssh_string(buffer, n); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, n) < 0) { goto fail; } @@ -1169,28 +1249,34 @@ ssh_string pki_publickey_to_blob(const ssh_key key) break; case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: - e = ssh_sexp_extract_mpi(key->rsa, - "e", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->rsa, "e", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + e = ssh_string_new(size); if (e == NULL) { goto fail; } + ssh_string_fill(e, (char *) tmp, size); + gcry_sexp_release(sexp); - n = ssh_sexp_extract_mpi(key->rsa, - "n", - GCRYMPI_FMT_USG, - GCRYMPI_FMT_STD); + sexp = gcry_sexp_find_token(key->rsa, "n", 0); + if (sexp == NULL) { + goto fail; + } + tmp = gcry_sexp_nth_data(sexp, 1, &size); + n = ssh_string_new(size); if (n == NULL) { goto fail; } + ssh_string_fill(n, (char *) tmp, size); + gcry_sexp_release(sexp); - rc = ssh_buffer_add_ssh_string(buffer, e); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, e) < 0) { goto fail; } - rc = ssh_buffer_add_ssh_string(buffer, n); - if (rc < 0) { + if (buffer_add_ssh_string(buffer, n) < 0) { goto fail; } @@ -1212,13 +1298,12 @@ ssh_string pki_publickey_to_blob(const ssh_key key) goto fail; } -makestring: - str = ssh_string_new(ssh_buffer_get_len(buffer)); + str = ssh_string_new(buffer_get_rest_len(buffer)); if (str == NULL) { goto fail; } - rc = ssh_string_fill(str, ssh_buffer_get(buffer), ssh_buffer_get_len(buffer)); + rc = ssh_string_fill(str, buffer_get_rest(buffer), buffer_get_rest_len(buffer)); if (rc < 0) { goto fail; } @@ -1248,17 +1333,34 @@ int pki_export_pubkey_rsa1(const ssh_key key, char *rsa1, size_t rsa1_len) { - gpg_error_t err; + gcry_sexp_t sexp; int rsa_size; - bignum E, N; + bignum b; char *e, *n; - err = gcry_sexp_extract_param(key->rsa, NULL, "en", &E, &N, NULL); - if (err != 0) { + sexp = gcry_sexp_find_token(key->rsa, "e", 0); + if (sexp == NULL) { return SSH_ERROR; } - e = bignum_bn2dec(E); - n = bignum_bn2dec(N); + b = gcry_sexp_nth_mpi(sexp, 1, GCRYMPI_FMT_USG); + gcry_sexp_release(sexp); + if (b == NULL) { + return SSH_ERROR; + } + e = bignum_bn2dec(b); + + sexp = gcry_sexp_find_token(key->rsa, "n", 0); + if (sexp == NULL) { + SAFE_FREE(e); + return SSH_ERROR; + } + b = gcry_sexp_nth_mpi(sexp, 1, GCRYMPI_FMT_USG); + gcry_sexp_release(sexp); + if (b == NULL) { + SAFE_FREE(e); + return SSH_ERROR; + } + n = bignum_bn2dec(b); rsa_size = (gcry_pk_get_nbits(key->rsa) + 7) / 8; @@ -1267,8 +1369,6 @@ int pki_export_pubkey_rsa1(const ssh_key key, host, rsa_size << 3, e, n); SAFE_FREE(e); SAFE_FREE(n); - bignum_free(E); - bignum_free(N); return SSH_OK; } @@ -1361,7 +1461,7 @@ ssh_string pki_signature_to_blob(const ssh_signature sig) case SSH_KEYTYPE_ECDSA: case SSH_KEYTYPE_UNKNOWN: default: - SSH_LOG(SSH_LOG_WARN, "Unknown signature key type: %d", sig->type); + ssh_pki_log("Unknown signature key type: %d", sig->type); return NULL; break; } @@ -1392,17 +1492,14 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, case SSH_KEYTYPE_DSS: /* 40 is the dual signature blob len. */ if (len != 40) { - SSH_LOG(SSH_LOG_WARN, - "Signature has wrong size: %lu", - (unsigned long)len); + ssh_pki_log("Signature has wrong size: %lu", + (unsigned long)len); ssh_signature_free(sig); return NULL; } #ifdef DEBUG_CRYPTO - SSH_LOG(SSH_LOG_DEBUG, - "DSA signature len: %lu", - (unsigned long)len); + ssh_pki_log("DSA signature len: %lu", (unsigned long)len); ssh_print_hexa("DSA signature", ssh_string_data(sig_blob), len); #endif @@ -1423,22 +1520,19 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, rsalen = (gcry_pk_get_nbits(pubkey->rsa) + 7) / 8; if (len > rsalen) { - SSH_LOG(SSH_LOG_WARN, - "Signature is to big size: %lu", - (unsigned long)len); + ssh_pki_log("Signature is to big size: %lu", + (unsigned long)len); ssh_signature_free(sig); return NULL; } if (len < rsalen) { - SSH_LOG(SSH_LOG_DEBUG, - "RSA signature len %lu < %lu", - (unsigned long)len, - (unsigned long)rsalen); + ssh_pki_log("RSA signature len %lu < %lu", + (unsigned long)len, (unsigned long)rsalen); } #ifdef DEBUG_CRYPTO - SSH_LOG(SSH_LOG_DEBUG, "RSA signature len: %lu", (unsigned long)len); + ssh_pki_log("RSA signature len: %lu", (unsigned long)len); ssh_print_hexa("RSA signature", ssh_string_data(sig_blob), len); #endif @@ -1462,7 +1556,7 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey, case SSH_KEYTYPE_ECDSA: case SSH_KEYTYPE_UNKNOWN: default: - SSH_LOG(SSH_LOG_WARN, "Unknown signature type"); + ssh_pki_log("Unknown signature type"); return NULL; } diff --git a/external/libssh-win-static/src/poll.c b/external/libssh-win-static/src/poll.c index c698c13..807b0a5 100644 --- a/external/libssh-win-static/src/poll.c +++ b/external/libssh-win-static/src/poll.c @@ -774,33 +774,6 @@ int ssh_event_add_fd(ssh_event event, socket_t fd, short events, return SSH_OK; } -/** - * @brief Add a poll handle to the event. - * - * @param event the ssh_event - * - * @param p the poll handle - * - * @returns SSH_OK on success - * SSH_ERROR on failure - */ -int ssh_event_add_poll(ssh_event event, ssh_poll_handle p) -{ - return ssh_poll_ctx_add(event->ctx, p); -} - -/** - * @brief remove a poll handle to the event. - * - * @param event the ssh_event - * - * @param p the poll handle - */ -void ssh_event_remove_poll(ssh_event event, ssh_poll_handle p) -{ - ssh_poll_ctx_remove(event->ctx,p); -} - /** * @brief remove the poll handle from session and assign them to a event, * when used in blocking mode. @@ -850,34 +823,17 @@ int ssh_event_add_session(ssh_event event, ssh_session session) { } /** - * @brief Add a connector to the SSH event loop - * - * @param[in] event The SSH event loop - * - * @param[in] connector The connector object - * - * @return SSH_OK - * - * @return SSH_ERROR in case of error - */ -int ssh_event_add_connector(ssh_event event, ssh_connector connector){ - return ssh_connector_set_event(connector, event); -} - -/** - * @brief Poll all the sockets and sessions associated through an event object.i - * - * If any of the events are set after the poll, the call back functions of the - * sessions or sockets will be called. - * This function should be called once within the programs main loop. + * @brief Poll all the sockets and sessions associated through an event object. + * If any of the events are set after the poll, the + * call back functions of the sessions or sockets will be called. + * This function should be called once within the programs main loop. * * @param event The ssh_event object to poll. - * * @param timeout An upper limit on the time for which the poll will * block, in milliseconds. Specifying a negative value * means an infinite timeout. This parameter is passed to * the poll() function. - * @returns SSH_OK on success. + * @returns SSH_OK No error. * SSH_ERROR Error happened during the poll. */ int ssh_event_dopoll(ssh_event event, int timeout) { @@ -983,17 +939,6 @@ int ssh_event_remove_session(ssh_event event, ssh_session session) { return rc; } -/** @brief Remove a connector from an event context - * @param[in] event The ssh_event object. - * @param[in] connector connector object to remove - * @return SSH_OK on success - * @return SSH_ERROR on failure - */ -int ssh_event_remove_connector(ssh_event event, ssh_connector connector){ - (void)event; - return ssh_connector_remove_event(connector); -} - /** * @brief Free an event context. * diff --git a/external/libssh-win-static/src/server.c b/external/libssh-win-static/src/server.c index 017a4cc..a078e7a 100644 --- a/external/libssh-win-static/src/server.c +++ b/external/libssh-win-static/src/server.c @@ -155,12 +155,12 @@ static int server_set_kex(ssh_session session) { **/ static int ssh_server_kexdh_init(ssh_session session, ssh_buffer packet){ ssh_string e; - e = ssh_buffer_get_ssh_string(packet); + e = buffer_get_ssh_string(packet); if (e == NULL) { ssh_set_error(session, SSH_FATAL, "No e number in client request"); return -1; } - if (ssh_dh_import_e(session, e) < 0) { + if (dh_import_e(session, e) < 0) { ssh_set_error(session, SSH_FATAL, "Cannot import e number"); session->session_state=SSH_SESSION_STATE_ERROR; } else { @@ -258,7 +258,7 @@ int ssh_get_key_params(ssh_session session, ssh_key *privkey){ return -1; } - ssh_dh_import_pubkey(session, pubkey_blob); + dh_import_pubkey(session, pubkey_blob); return SSH_OK; } @@ -268,16 +268,16 @@ static int dh_handshake_server(ssh_session session) { ssh_string f; int rc; - if (ssh_dh_generate_y(session) < 0) { + if (dh_generate_y(session) < 0) { ssh_set_error(session, SSH_FATAL, "Could not create y number"); return -1; } - if (ssh_dh_generate_f(session) < 0) { + if (dh_generate_f(session) < 0) { ssh_set_error(session, SSH_FATAL, "Could not create f number"); return -1; } - f = ssh_dh_get_f(session); + f = dh_get_f(session); if (f == NULL) { ssh_set_error(session, SSH_FATAL, "Could not get the f number"); return -1; @@ -288,13 +288,13 @@ static int dh_handshake_server(ssh_session session) { return -1; } - if (ssh_dh_build_k(session) < 0) { + if (dh_build_k(session) < 0) { ssh_set_error(session, SSH_FATAL, "Could not import the public key"); ssh_string_free(f); return -1; } - if (ssh_make_sessionid(session) != SSH_OK) { + if (make_sessionid(session) != SSH_OK) { ssh_set_error(session, SSH_FATAL, "Could not create a session id"); ssh_string_free(f); return -1; @@ -321,16 +321,16 @@ static int dh_handshake_server(ssh_session session) { return -1; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } - if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { + if (buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { ssh_buffer_reinit(session->out_buffer); return -1; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { return -1; } SSH_LOG(SSH_LOG_PACKET, "SSH_MSG_NEWKEYS sent"); @@ -432,7 +432,7 @@ static void ssh_server_connection_callback(ssh_session session){ break; case SSH_SESSION_STATE_DH: if(session->dh_handshake_state==DH_STATE_FINISHED){ - if (ssh_generate_session_keys(session) < 0) { + if (generate_session_keys(session) < 0) { goto error; } @@ -457,14 +457,6 @@ static void ssh_server_connection_callback(ssh_session session){ } memcpy(session->next_crypto->session_id, session->current_crypto->session_id, session->current_crypto->digest_len); - if (session->current_crypto->in_cipher->set_decrypt_key(session->current_crypto->in_cipher, session->current_crypto->decryptkey, - session->current_crypto->decryptIV) < 0) { - goto error; - } - if (session->current_crypto->out_cipher->set_encrypt_key(session->current_crypto->out_cipher, session->current_crypto->encryptkey, - session->current_crypto->encryptIV) < 0) { - goto error; - } set_status(session,1.0f); session->connected = 1; @@ -659,7 +651,7 @@ int ssh_auth_reply_default(ssh_session session,int partial) { ssh_set_error_oom(session); return SSH_ERROR; } - rc = ssh_packet_send(session); + rc = packet_send(session); return rc; } @@ -680,7 +672,7 @@ static int ssh_message_channel_request_open_reply_default(ssh_message msg) { return SSH_ERROR; } - rc = ssh_packet_send(msg->session); + rc = packet_send(msg->session); return rc; } @@ -702,7 +694,7 @@ static int ssh_message_channel_request_reply_default(ssh_message msg) { ssh_set_error_oom(msg->session); return SSH_ERROR; } - return ssh_packet_send(msg->session); + return packet_send(msg->session); } SSH_LOG(SSH_LOG_PACKET, @@ -736,7 +728,7 @@ int ssh_message_service_reply_success(ssh_message msg) { ssh_set_error_oom(session); return SSH_ERROR; } - rc = ssh_packet_send(msg->session); + rc = packet_send(msg->session); return rc; } @@ -746,7 +738,7 @@ int ssh_message_global_request_reply_success(ssh_message msg, uint16_t bound_por SSH_LOG(SSH_LOG_FUNCTIONS, "Accepting a global request"); if (msg->global_request.want_reply) { - if (ssh_buffer_add_u8(msg->session->out_buffer + if (buffer_add_u8(msg->session->out_buffer , SSH2_MSG_REQUEST_SUCCESS) < 0) { goto error; } @@ -760,7 +752,7 @@ int ssh_message_global_request_reply_success(ssh_message msg, uint16_t bound_por } } - return ssh_packet_send(msg->session); + return packet_send(msg->session); } if(msg->global_request.type == SSH_GLOBAL_REQUEST_TCPIP_FORWARD @@ -778,11 +770,11 @@ static int ssh_message_global_request_reply_default(ssh_message msg) { SSH_LOG(SSH_LOG_FUNCTIONS, "Refusing a global request"); if (msg->global_request.want_reply) { - if (ssh_buffer_add_u8(msg->session->out_buffer + if (buffer_add_u8(msg->session->out_buffer , SSH2_MSG_REQUEST_FAILURE) < 0) { goto error; } - return ssh_packet_send(msg->session); + return packet_send(msg->session); } SSH_LOG(SSH_LOG_PACKET, "The client doesn't want to know the request failed!"); @@ -919,7 +911,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name, } } - rc = ssh_packet_send(msg->session); + rc = packet_send(msg->session); /* fill in the kbdint structure */ if (msg->session->kbdint == NULL) { @@ -1002,11 +994,11 @@ int ssh_auth_reply_success(ssh_session session, int partial) { session->session_state = SSH_SESSION_STATE_AUTHENTICATED; session->flags |= SSH_SESSION_FLAG_AUTHENTICATED; - if (ssh_buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) { + if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) { return SSH_ERROR; } - r = ssh_packet_send(session); + r = packet_send(session); if(session->current_crypto && session->current_crypto->delayed_compress_out){ SSH_LOG(SSH_LOG_PROTOCOL,"Enabling delayed compression OUT"); session->current_crypto->do_compress_out=1; @@ -1041,7 +1033,7 @@ int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pu return SSH_ERROR; } - rc = ssh_packet_send(msg->session); + rc = packet_send(msg->session); return rc; } @@ -1208,7 +1200,7 @@ int ssh_send_keepalive(ssh_session session) goto err; } - if (ssh_packet_send(session) == SSH_ERROR) { + if (packet_send(session) == SSH_ERROR) { goto err; } diff --git a/external/libssh-win-static/src/session.c b/external/libssh-win-static/src/session.c index 0e4d251..f6d926a 100644 --- a/external/libssh-win-static/src/session.c +++ b/external/libssh-win-static/src/session.c @@ -92,7 +92,7 @@ ssh_session ssh_new(void) { session->maxchannel = FIRST_CHANNEL; #ifndef _WIN32 - session->agent = ssh_agent_new(session); + session->agent = agent_new(session); if (session->agent == NULL) { goto err; } @@ -231,7 +231,7 @@ void ssh_free(ssh_session session) { crypto_free(session->next_crypto); #ifndef _WIN32 - ssh_agent_free(session->agent); + agent_free(session->agent); #endif /* _WIN32 */ ssh_key_free(session->srv.dsa_key); @@ -272,8 +272,8 @@ void ssh_free(ssh_session session) { #ifndef _WIN32 ssh_agent_state_free (session->agent_state); +#endif session->agent_state = NULL; -#endif /* _WIN32 */ SAFE_FREE(session->auth_auto_state); SAFE_FREE(session->serverbanner); @@ -842,7 +842,7 @@ int ssh_send_ignore (ssh_session session, const char *data) { ssh_set_error_oom(session); goto error; } - ssh_packet_send(session); + packet_send(session); ssh_handle_packets(session, 0); } @@ -878,7 +878,7 @@ int ssh_send_debug (ssh_session session, const char *message, int always_display ssh_set_error_oom(session); goto error; } - ssh_packet_send(session); + packet_send(session); ssh_handle_packets(session, 0); } diff --git a/external/libssh-win-static/src/sftp.c b/external/libssh-win-static/src/sftp.c index f99683d..03380c0 100644 --- a/external/libssh-win-static/src/sftp.c +++ b/external/libssh-win-static/src/sftp.c @@ -38,6 +38,14 @@ #ifndef _WIN32 #include #include +#else +#define S_IFSOCK 0140000 +#define S_IFLNK 0120000 + +#ifdef _MSC_VER +#define S_IFBLK 0060000 +#define S_IFIFO 0010000 +#endif #endif #include "libssh/priv.h" @@ -65,10 +73,11 @@ static void status_msg_free(sftp_status_message status); static sftp_ext sftp_ext_new(void) { sftp_ext ext; - ext = calloc(1, sizeof(struct sftp_ext_struct)); + ext = malloc(sizeof(struct sftp_ext_struct)); if (ext == NULL) { return NULL; } + ZERO_STRUCTP(ext); return ext; } @@ -99,12 +108,13 @@ sftp_session sftp_new(ssh_session session){ return NULL; } - sftp = calloc(1, sizeof(struct sftp_session_struct)); + sftp = malloc(sizeof(struct sftp_session_struct)); if (sftp == NULL) { ssh_set_error_oom(session); return NULL; } + ZERO_STRUCTP(sftp); sftp->ext = sftp_ext_new(); if (sftp->ext == NULL) { @@ -147,12 +157,13 @@ sftp_session sftp_new_channel(ssh_session session, ssh_channel channel){ return NULL; } - sftp = calloc(1, sizeof(struct sftp_session_struct)); + sftp = malloc(sizeof(struct sftp_session_struct)); if (sftp == NULL) { ssh_set_error_oom(session); return NULL; } + ZERO_STRUCTP(sftp); sftp->ext = sftp_ext_new(); if (sftp->ext == NULL) { @@ -172,11 +183,12 @@ sftp_session sftp_new_channel(ssh_session session, ssh_channel channel){ sftp_session sftp_server_new(ssh_session session, ssh_channel chan){ sftp_session sftp = NULL; - sftp = calloc(1, sizeof(struct sftp_session_struct)); + sftp = malloc(sizeof(struct sftp_session_struct)); if (sftp == NULL) { ssh_set_error_oom(session); return NULL; } + ZERO_STRUCTP(sftp); sftp->session = session; sftp->channel = chan; @@ -206,7 +218,7 @@ int sftp_server_init(sftp_session sftp){ SSH_LOG(SSH_LOG_PACKET, "Received SSH_FXP_INIT"); - ssh_buffer_get_u32(packet->payload, &version); + buffer_get_u32(packet->payload, &version); version = ntohl(version); SSH_LOG(SSH_LOG_PACKET, "Client version: %d", version); sftp->client_version = version; @@ -219,7 +231,7 @@ int sftp_server_init(sftp_session sftp){ return -1; } - if (ssh_buffer_add_u32(reply, ntohl(LIBSFTP_VERSION)) < 0) { + if (buffer_add_u32(reply, ntohl(LIBSFTP_VERSION)) < 0) { ssh_set_error_oom(session); ssh_buffer_free(reply); return -1; @@ -273,25 +285,25 @@ void sftp_free(sftp_session sftp){ int sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload){ int size; - if (ssh_buffer_prepend_data(payload, &type, sizeof(uint8_t)) < 0) { + if (buffer_prepend_data(payload, &type, sizeof(uint8_t)) < 0) { ssh_set_error_oom(sftp->session); return -1; } - size = htonl(ssh_buffer_get_len(payload)); - if (ssh_buffer_prepend_data(payload, &size, sizeof(uint32_t)) < 0) { + size = htonl(buffer_get_rest_len(payload)); + if (buffer_prepend_data(payload, &size, sizeof(uint32_t)) < 0) { ssh_set_error_oom(sftp->session); return -1; } - size = ssh_channel_write(sftp->channel, ssh_buffer_get(payload), - ssh_buffer_get_len(payload)); + size = ssh_channel_write(sftp->channel, buffer_get_rest(payload), + buffer_get_rest_len(payload)); if (size < 0) { return -1; - } else if((uint32_t) size != ssh_buffer_get_len(payload)) { + } else if((uint32_t) size != buffer_get_rest_len(payload)) { SSH_LOG(SSH_LOG_PACKET, "Had to write %d bytes, wrote only %d", - ssh_buffer_get_len(payload), + buffer_get_rest_len(payload), size); } @@ -305,7 +317,7 @@ sftp_packet sftp_packet_read(sftp_session sftp) { size_t size; int r, s; - packet = calloc(1, sizeof(struct sftp_packet_struct)); + packet = malloc(sizeof(struct sftp_packet_struct)); if (packet == NULL) { ssh_set_error_oom(sftp->session); return NULL; @@ -323,30 +335,31 @@ sftp_packet sftp_packet_read(sftp_session sftp) { // read from channel until 4 bytes have been read or an error occurs s=ssh_channel_read(sftp->channel, buffer+r, 4-r, 0); if (s < 0) { - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; + } else if (s == 0) { + int is_eof; + + is_eof = ssh_channel_is_eof(sftp->channel); + if (is_eof) { + goto error; + } } else { r += s; } } while (r<4); ssh_buffer_add_data(packet->payload, buffer, r); - if (ssh_buffer_get_u32(packet->payload, &tmp) != sizeof(uint32_t)) { + if (buffer_get_u32(packet->payload, &tmp) != sizeof(uint32_t)) { ssh_set_error(sftp->session, SSH_FATAL, "Short sftp packet!"); - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } r=ssh_channel_read(sftp->channel, buffer, 1, 0); if (r <= 0) { /* TODO: check if there are cases where an error needs to be set here */ - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } ssh_buffer_add_data(packet->payload, buffer, r); - ssh_buffer_get_u8(packet->payload, &packet->type); + buffer_get_u8(packet->payload, &packet->type); size = ntohl(tmp); if (size == 0) { @@ -360,20 +373,20 @@ sftp_packet sftp_packet_read(sftp_session sftp) { if(r <= 0) { /* TODO: check if there are cases where an error needs to be set here */ - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); - return NULL; + goto error; } if (ssh_buffer_add_data(packet->payload, buffer, r) == SSH_ERROR) { - ssh_buffer_free(packet->payload); - SAFE_FREE(packet); ssh_set_error_oom(sftp->session); - return NULL; + goto error; } size -= r; } return packet; +error: + ssh_buffer_free(packet->payload); + SAFE_FREE(packet); + return NULL; } static void sftp_set_error(sftp_session sftp, int errnum) { @@ -394,11 +407,12 @@ int sftp_get_error(sftp_session sftp) { static sftp_message sftp_message_new(sftp_session sftp){ sftp_message msg = NULL; - msg = calloc(1, sizeof(struct sftp_message_struct)); + msg = malloc(sizeof(struct sftp_message_struct)); if (msg == NULL) { ssh_set_error_oom(sftp->session); return NULL; } + ZERO_STRUCTP(msg); msg->payload = ssh_buffer_new(); if (msg->payload == NULL) { @@ -455,8 +469,8 @@ static sftp_message sftp_get_message(sftp_packet packet) { msg->id, msg->packet_type); - if (ssh_buffer_add_data(msg->payload, ssh_buffer_get(packet->payload), - ssh_buffer_get_len(packet->payload)) < 0) { + if (ssh_buffer_add_data(msg->payload, buffer_get_rest(packet->payload), + buffer_get_rest_len(packet->payload)) < 0) { ssh_set_error_oom(sftp->session); sftp_message_free(msg); return NULL; @@ -658,11 +672,12 @@ int sftp_extension_supported(sftp_session sftp, const char *name, static sftp_request_queue request_queue_new(sftp_message msg) { sftp_request_queue queue = NULL; - queue = calloc(1, sizeof(struct sftp_request_queue_struct)); + queue = malloc(sizeof(struct sftp_request_queue_struct)); if (queue == NULL) { ssh_set_error_oom(msg->sftp->session); return NULL; } + ZERO_STRUCTP(queue); queue->message = msg; @@ -760,11 +775,12 @@ static sftp_status_message parse_status_msg(sftp_message msg){ return NULL; } - status = calloc(1, sizeof(struct sftp_status_message_struct)); + status = malloc(sizeof(struct sftp_status_message_struct)); if (status == NULL) { ssh_set_error_oom(msg->sftp->session); return NULL; } + ZERO_STRUCTP(status); status->id = msg->id; rc = ssh_buffer_unpack(msg->payload, "d", @@ -818,13 +834,14 @@ static sftp_file parse_handle_msg(sftp_message msg){ return NULL; } - file = calloc(1, sizeof(struct sftp_file_struct)); + file = malloc(sizeof(struct sftp_file_struct)); if (file == NULL) { ssh_set_error_oom(msg->sftp->session); return NULL; } + ZERO_STRUCTP(file); - file->handle = ssh_buffer_get_ssh_string(msg->payload); + file->handle = buffer_get_ssh_string(msg->payload); if (file->handle == NULL) { ssh_set_error(msg->sftp->session, SSH_FATAL, "Invalid SSH_FXP_HANDLE message"); @@ -863,8 +880,8 @@ sftp_dir sftp_opendir(sftp_session sftp, const char *path){ } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(payload, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(payload, path_s) < 0) { + if (buffer_add_u32(payload, htonl(id)) < 0 || + buffer_add_ssh_string(payload, path_s) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(payload); ssh_string_free(path_s); @@ -902,12 +919,13 @@ sftp_dir sftp_opendir(sftp_session sftp, const char *path){ file = parse_handle_msg(msg); sftp_message_free(msg); if (file != NULL) { - dir = calloc(1, sizeof(struct sftp_dir_struct)); + dir = malloc(sizeof(struct sftp_dir_struct)); if (dir == NULL) { ssh_set_error_oom(sftp->session); free(file); return NULL; } + ZERO_STRUCTP(dir); dir->sftp = sftp; dir->name = strdup(path); @@ -945,15 +963,16 @@ static sftp_attributes sftp_parse_attr_4(sftp_session sftp, ssh_buffer buf, /* unused member variable */ (void) expectnames; - attr = calloc(1, sizeof(struct sftp_attributes_struct)); + attr = malloc(sizeof(struct sftp_attributes_struct)); if (attr == NULL) { ssh_set_error_oom(sftp->session); return NULL; } + ZERO_STRUCTP(attr); /* This isn't really a loop, but it is like a try..catch.. */ do { - if (ssh_buffer_get_u32(buf, &flags) != 4) { + if (buffer_get_u32(buf, &flags) != 4) { break; } @@ -961,14 +980,14 @@ static sftp_attributes sftp_parse_attr_4(sftp_session sftp, ssh_buffer buf, attr->flags = flags; if (flags & SSH_FILEXFER_ATTR_SIZE) { - if (ssh_buffer_get_u64(buf, &attr->size) != 8) { + if (buffer_get_u64(buf, &attr->size) != 8) { break; } attr->size = ntohll(attr->size); } if (flags & SSH_FILEXFER_ATTR_OWNERGROUP) { - owner = ssh_buffer_get_ssh_string(buf); + owner = buffer_get_ssh_string(buf); if (owner == NULL) { break; } @@ -978,7 +997,7 @@ static sftp_attributes sftp_parse_attr_4(sftp_session sftp, ssh_buffer buf, break; } - group = ssh_buffer_get_ssh_string(buf); + group = buffer_get_ssh_string(buf); if (group == NULL) { break; } @@ -990,26 +1009,26 @@ static sftp_attributes sftp_parse_attr_4(sftp_session sftp, ssh_buffer buf, } if (flags & SSH_FILEXFER_ATTR_PERMISSIONS) { - if (ssh_buffer_get_u32(buf, &attr->permissions) != 4) { + if (buffer_get_u32(buf, &attr->permissions) != 4) { break; } attr->permissions = ntohl(attr->permissions); /* FIXME on windows! */ - switch (attr->permissions & SSH_S_IFMT) { - case SSH_S_IFSOCK: - case SSH_S_IFBLK: - case SSH_S_IFCHR: - case SSH_S_IFIFO: + switch (attr->permissions & S_IFMT) { + case S_IFSOCK: + case S_IFBLK: + case S_IFCHR: + case S_IFIFO: attr->type = SSH_FILEXFER_TYPE_SPECIAL; break; - case SSH_S_IFLNK: + case S_IFLNK: attr->type = SSH_FILEXFER_TYPE_SYMLINK; break; - case SSH_S_IFREG: + case S_IFREG: attr->type = SSH_FILEXFER_TYPE_REGULAR; break; - case SSH_S_IFDIR: + case S_IFDIR: attr->type = SSH_FILEXFER_TYPE_DIRECTORY; break; default: @@ -1019,62 +1038,62 @@ static sftp_attributes sftp_parse_attr_4(sftp_session sftp, ssh_buffer buf, } if (flags & SSH_FILEXFER_ATTR_ACCESSTIME) { - if (ssh_buffer_get_u64(buf, &attr->atime64) != 8) { + if (buffer_get_u64(buf, &attr->atime64) != 8) { break; } attr->atime64 = ntohll(attr->atime64); } if (flags & SSH_FILEXFER_ATTR_SUBSECOND_TIMES) { - if (ssh_buffer_get_u32(buf, &attr->atime_nseconds) != 4) { + if (buffer_get_u32(buf, &attr->atime_nseconds) != 4) { break; } attr->atime_nseconds = ntohl(attr->atime_nseconds); } if (flags & SSH_FILEXFER_ATTR_CREATETIME) { - if (ssh_buffer_get_u64(buf, &attr->createtime) != 8) { + if (buffer_get_u64(buf, &attr->createtime) != 8) { break; } attr->createtime = ntohll(attr->createtime); } if (flags & SSH_FILEXFER_ATTR_SUBSECOND_TIMES) { - if (ssh_buffer_get_u32(buf, &attr->createtime_nseconds) != 4) { + if (buffer_get_u32(buf, &attr->createtime_nseconds) != 4) { break; } attr->createtime_nseconds = ntohl(attr->createtime_nseconds); } if (flags & SSH_FILEXFER_ATTR_MODIFYTIME) { - if (ssh_buffer_get_u64(buf, &attr->mtime64) != 8) { + if (buffer_get_u64(buf, &attr->mtime64) != 8) { break; } attr->mtime64 = ntohll(attr->mtime64); } if (flags & SSH_FILEXFER_ATTR_SUBSECOND_TIMES) { - if (ssh_buffer_get_u32(buf, &attr->mtime_nseconds) != 4) { + if (buffer_get_u32(buf, &attr->mtime_nseconds) != 4) { break; } attr->mtime_nseconds = ntohl(attr->mtime_nseconds); } if (flags & SSH_FILEXFER_ATTR_ACL) { - if ((attr->acl = ssh_buffer_get_ssh_string(buf)) == NULL) { + if ((attr->acl = buffer_get_ssh_string(buf)) == NULL) { break; } } if (flags & SSH_FILEXFER_ATTR_EXTENDED) { - if (ssh_buffer_get_u32(buf,&attr->extended_count) != 4) { + if (buffer_get_u32(buf,&attr->extended_count) != 4) { break; } attr->extended_count = ntohl(attr->extended_count); while(attr->extended_count && - (attr->extended_type = ssh_buffer_get_ssh_string(buf)) && - (attr->extended_data = ssh_buffer_get_ssh_string(buf))){ + (attr->extended_type = buffer_get_ssh_string(buf)) && + (attr->extended_data = buffer_get_ssh_string(buf))){ attr->extended_count--; } @@ -1140,7 +1159,7 @@ static char *sftp_parse_longname(const char *longname, /* There is no strndup on windows */ len = q - p + 1; - x = calloc(1, len); + x = malloc(len); if (x == NULL) { return NULL; } @@ -1170,11 +1189,12 @@ static sftp_attributes sftp_parse_attr_3(sftp_session sftp, ssh_buffer buf, sftp_attributes attr; int rc; - attr = calloc(1, sizeof(struct sftp_attributes_struct)); + attr = malloc(sizeof(struct sftp_attributes_struct)); if (attr == NULL) { ssh_set_error_oom(sftp->session); return NULL; } + ZERO_STRUCTP(attr); if (expectname) { rc = ssh_buffer_unpack(buf, "ss", @@ -1231,20 +1251,20 @@ static sftp_attributes sftp_parse_attr_3(sftp_session sftp, ssh_buffer buf, goto error; } - switch (attr->permissions & SSH_S_IFMT) { - case SSH_S_IFSOCK: - case SSH_S_IFBLK: - case SSH_S_IFCHR: - case SSH_S_IFIFO: + switch (attr->permissions & S_IFMT) { + case S_IFSOCK: + case S_IFBLK: + case S_IFCHR: + case S_IFIFO: attr->type = SSH_FILEXFER_TYPE_SPECIAL; break; - case SSH_S_IFLNK: + case S_IFLNK: attr->type = SSH_FILEXFER_TYPE_SYMLINK; break; - case SSH_S_IFREG: + case S_IFREG: attr->type = SSH_FILEXFER_TYPE_REGULAR; break; - case SSH_S_IFDIR: + case S_IFDIR: attr->type = SSH_FILEXFER_TYPE_DIRECTORY; break; default: @@ -1392,8 +1412,8 @@ sftp_attributes sftp_readdir(sftp_session sftp, sftp_dir dir) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(payload, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(payload, dir->handle) < 0) { + if (buffer_add_u32(payload, htonl(id)) < 0 || + buffer_add_ssh_string(payload, dir->handle) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(payload); return NULL; @@ -1439,7 +1459,7 @@ sftp_attributes sftp_readdir(sftp_session sftp, sftp_dir dir) { return NULL; case SSH_FXP_NAME: - ssh_buffer_get_u32(msg->payload, &dir->count); + buffer_get_u32(msg->payload, &dir->count); dir->count = ntohl(dir->count); dir->buffer = msg->payload; msg->payload = NULL; @@ -1516,8 +1536,8 @@ static int sftp_handle_close(sftp_session sftp, ssh_string handle) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, handle) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, handle) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); return -1; @@ -1625,22 +1645,23 @@ sftp_file sftp_open(sftp_session sftp, const char *file, int flags, attr.permissions = mode; attr.flags = SSH_FILEXFER_ATTR_PERMISSIONS; - if ((flags & O_RDONLY) == O_RDONLY) - sftp_flags |= SSH_FXF_READ; - if ((flags & O_WRONLY) == O_WRONLY) + if (flags == O_RDONLY) + sftp_flags |= SSH_FXF_READ; /* if any of the other flag is set, + READ should not be set initialy */ + if (flags & O_WRONLY) sftp_flags |= SSH_FXF_WRITE; - if ((flags & O_RDWR) == O_RDWR) + if (flags & O_RDWR) sftp_flags |= (SSH_FXF_WRITE | SSH_FXF_READ); - if ((flags & O_CREAT) == O_CREAT) + if (flags & O_CREAT) sftp_flags |= SSH_FXF_CREAT; - if ((flags & O_TRUNC) == O_TRUNC) + if (flags & O_TRUNC) sftp_flags |= SSH_FXF_TRUNC; - if ((flags & O_EXCL) == O_EXCL) + if (flags & O_EXCL) sftp_flags |= SSH_FXF_EXCL; SSH_LOG(SSH_LOG_PACKET,"Opening file %s with sftp flags %x",file,sftp_flags); id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, filename) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, filename) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(filename); @@ -1648,7 +1669,7 @@ sftp_file sftp_open(sftp_session sftp, const char *file, int flags, } ssh_string_free(filename); - if (ssh_buffer_add_u32(buffer, htonl(sftp_flags)) < 0 || + if (buffer_add_u32(buffer, htonl(sftp_flags)) < 0 || buffer_add_attributes(buffer, &attr) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); @@ -1776,7 +1797,7 @@ ssize_t sftp_read(sftp_file handle, void *buf, size_t count) { status_msg_free(status); return -1; case SSH_FXP_DATA: - datastring = ssh_buffer_get_ssh_string(msg->payload); + datastring = buffer_get_ssh_string(msg->payload); sftp_message_free(msg); if (datastring == NULL) { ssh_set_error(sftp->session, SSH_FATAL, @@ -1897,7 +1918,7 @@ int sftp_async_read(sftp_file file, void *data, uint32_t size, uint32_t id){ status_msg_free(status); return err; case SSH_FXP_DATA: - datastring = ssh_buffer_get_ssh_string(msg->payload); + datastring = buffer_get_ssh_string(msg->payload); sftp_message_free(msg); if (datastring == NULL) { ssh_set_error(sftp->session, SSH_FATAL, @@ -1957,7 +1978,7 @@ ssize_t sftp_write(sftp_file file, const void *buf, size_t count) { ssh_buffer_free(buffer); return -1; } - packetlen=ssh_buffer_get_len(buffer); + packetlen=buffer_get_rest_len(buffer); len = sftp_packet_write(file->sftp, SSH_FXP_WRITE, buffer); ssh_buffer_free(buffer); if (len < 0) { @@ -2212,8 +2233,8 @@ int sftp_mkdir(sftp_session sftp, const char *directory, mode_t mode) { attr.flags = SSH_FILEXFER_ATTR_PERMISSIONS; id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, path) < 0 || + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, path) < 0 || buffer_add_attributes(buffer, &attr) < 0 || sftp_packet_write(sftp, SSH_FXP_MKDIR, buffer) < 0) { ssh_buffer_free(buffer); @@ -2306,7 +2327,7 @@ int sftp_rename(sftp_session sftp, const char *original, const char *newname) { if (sftp->version >= 4){ /* POSIX rename atomically replaces newpath, we should do the same * only available on >=v4 */ - ssh_buffer_add_u32(buffer, SSH_FXF_RENAME_OVERWRITE); + buffer_add_u32(buffer, SSH_FXF_RENAME_OVERWRITE); } if (sftp_packet_write(sftp, SSH_FXP_RENAME, buffer) < 0) { @@ -2378,8 +2399,8 @@ int sftp_setstat(sftp_session sftp, const char *file, sftp_attributes attr) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, path) < 0 || + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, path) < 0 || buffer_add_attributes(buffer, attr) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); @@ -2595,8 +2616,8 @@ char *sftp_readlink(sftp_session sftp, const char *path) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, path_s) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, path_s) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(path_s); @@ -2619,9 +2640,9 @@ char *sftp_readlink(sftp_session sftp, const char *path) { if (msg->packet_type == SSH_FXP_NAME) { /* we don't care about "count" */ - ssh_buffer_get_u32(msg->payload, &ignored); + buffer_get_u32(msg->payload, &ignored); /* we only care about the file name string */ - link_s = ssh_buffer_get_ssh_string(msg->payload); + link_s = buffer_get_ssh_string(msg->payload); sftp_message_free(msg); if (link_s == NULL) { /* TODO: what error to set here? */ @@ -2653,11 +2674,12 @@ static sftp_statvfs_t sftp_parse_statvfs(sftp_session sftp, ssh_buffer buf) { sftp_statvfs_t statvfs; int rc; - statvfs = calloc(1, sizeof(struct sftp_statvfs_struct)); + statvfs = malloc(sizeof(struct sftp_statvfs_struct)); if (statvfs == NULL) { ssh_set_error_oom(sftp->session); return NULL; } + ZERO_STRUCTP(statvfs); rc = ssh_buffer_unpack(buf, "qqqqqqqqqqq", &statvfs->f_bsize, /* file system block size */ @@ -2722,9 +2744,9 @@ sftp_statvfs_t sftp_statvfs(sftp_session sftp, const char *path) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, ext) < 0 || - ssh_buffer_add_ssh_string(buffer, pathstr) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, ext) < 0 || + buffer_add_ssh_string(buffer, pathstr) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(ext); @@ -2801,9 +2823,9 @@ sftp_statvfs_t sftp_fstatvfs(sftp_file file) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, ext) < 0 || - ssh_buffer_add_ssh_string(buffer, file->handle) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, ext) < 0 || + buffer_add_ssh_string(buffer, file->handle) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(ext); @@ -2890,8 +2912,8 @@ char *sftp_canonicalize_path(sftp_session sftp, const char *path) { } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, pathstr) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, pathstr) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(pathstr); @@ -2914,9 +2936,9 @@ char *sftp_canonicalize_path(sftp_session sftp, const char *path) { if (msg->packet_type == SSH_FXP_NAME) { /* we don't care about "count" */ - ssh_buffer_get_u32(msg->payload, &ignored); + buffer_get_u32(msg->payload, &ignored); /* we only care about the file name string */ - name = ssh_buffer_get_ssh_string(msg->payload); + name = buffer_get_ssh_string(msg->payload); sftp_message_free(msg); if (name == NULL) { /* TODO: error message? */ @@ -2968,8 +2990,8 @@ static sftp_attributes sftp_xstat(sftp_session sftp, const char *path, } id = sftp_get_new_id(sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, pathstr) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, pathstr) < 0) { ssh_set_error_oom(sftp->session); ssh_buffer_free(buffer); ssh_string_free(pathstr); @@ -3035,8 +3057,8 @@ sftp_attributes sftp_fstat(sftp_file file) { } id = sftp_get_new_id(file->sftp); - if (ssh_buffer_add_u32(buffer, htonl(id)) < 0 || - ssh_buffer_add_ssh_string(buffer, file->handle) < 0) { + if (buffer_add_u32(buffer, htonl(id)) < 0 || + buffer_add_ssh_string(buffer, file->handle) < 0) { ssh_set_error_oom(file->sftp->session); ssh_buffer_free(buffer); return NULL; @@ -3055,7 +3077,10 @@ sftp_attributes sftp_fstat(sftp_file file) { } if (msg->packet_type == SSH_FXP_ATTRS){ - return sftp_parse_attr(file->sftp, msg->payload, 0); + sftp_attributes attr = sftp_parse_attr(file->sftp, msg->payload, 0); + sftp_message_free(msg); + + return attr; } else if (msg->packet_type == SSH_FXP_STATUS) { status = parse_status_msg(msg); sftp_message_free(msg); diff --git a/external/libssh-win-static/src/sftpserver.c b/external/libssh-win-static/src/sftpserver.c index dc78591..d0f6f88 100644 --- a/external/libssh-win-static/src/sftpserver.c +++ b/external/libssh-win-static/src/sftpserver.c @@ -65,15 +65,15 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) { /* take a copy of the whole packet */ msg->complete_message = ssh_buffer_new(); ssh_buffer_add_data(msg->complete_message, - ssh_buffer_get(payload), - ssh_buffer_get_len(payload)); + buffer_get_rest(payload), + buffer_get_rest_len(payload)); - ssh_buffer_get_u32(payload, &msg->id); + buffer_get_u32(payload, &msg->id); switch(msg->type) { case SSH_FXP_CLOSE: case SSH_FXP_READDIR: - msg->handle = ssh_buffer_get_ssh_string(payload); + msg->handle = buffer_get_ssh_string(payload); if (msg->handle == NULL) { ssh_set_error_oom(session); sftp_client_message_free(msg); @@ -148,7 +148,7 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) { } break; case SSH_FXP_FSETSTAT: - msg->handle = ssh_buffer_get_ssh_string(payload); + msg->handle = buffer_get_ssh_string(payload); if (msg->handle == NULL) { ssh_set_error_oom(session); sftp_client_message_free(msg); @@ -273,10 +273,10 @@ int sftp_reply_name(sftp_client_message msg, const char *name, return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || - ssh_buffer_add_u32(out, htonl(1)) < 0 || - ssh_buffer_add_ssh_string(out, file) < 0 || - ssh_buffer_add_ssh_string(out, file) < 0 || /* The protocol is broken here between 3 & 4 */ + if (buffer_add_u32(out, msg->id) < 0 || + buffer_add_u32(out, htonl(1)) < 0 || + buffer_add_ssh_string(out, file) < 0 || + buffer_add_ssh_string(out, file) < 0 || /* The protocol is broken here between 3 & 4 */ buffer_add_attributes(out, attr) < 0 || sftp_packet_write(msg->sftp, SSH_FXP_NAME, out) < 0) { ssh_buffer_free(out); @@ -297,8 +297,8 @@ int sftp_reply_handle(sftp_client_message msg, ssh_string handle){ return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || - ssh_buffer_add_ssh_string(out, handle) < 0 || + if (buffer_add_u32(out, msg->id) < 0 || + buffer_add_ssh_string(out, handle) < 0 || sftp_packet_write(msg->sftp, SSH_FXP_HANDLE, out) < 0) { ssh_buffer_free(out); return -1; @@ -316,7 +316,7 @@ int sftp_reply_attr(sftp_client_message msg, sftp_attributes attr) { return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || + if (buffer_add_u32(out, msg->id) < 0 || buffer_add_attributes(out, attr) < 0 || sftp_packet_write(msg->sftp, SSH_FXP_ATTRS, out) < 0) { ssh_buffer_free(out); @@ -344,7 +344,7 @@ int sftp_reply_names_add(sftp_client_message msg, const char *file, } } - if (ssh_buffer_add_ssh_string(msg->attrbuf, name) < 0) { + if (buffer_add_ssh_string(msg->attrbuf, name) < 0) { ssh_string_free(name); return -1; } @@ -354,7 +354,7 @@ int sftp_reply_names_add(sftp_client_message msg, const char *file, if (name == NULL) { return -1; } - if (ssh_buffer_add_ssh_string(msg->attrbuf,name) < 0 || + if (buffer_add_ssh_string(msg->attrbuf,name) < 0 || buffer_add_attributes(msg->attrbuf,attr) < 0) { ssh_string_free(name); return -1; @@ -374,10 +374,10 @@ int sftp_reply_names(sftp_client_message msg) { return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || - ssh_buffer_add_u32(out, htonl(msg->attr_num)) < 0 || - ssh_buffer_add_data(out, ssh_buffer_get(msg->attrbuf), - ssh_buffer_get_len(msg->attrbuf)) < 0 || + if (buffer_add_u32(out, msg->id) < 0 || + buffer_add_u32(out, htonl(msg->attr_num)) < 0 || + ssh_buffer_add_data(out, buffer_get_rest(msg->attrbuf), + buffer_get_rest_len(msg->attrbuf)) < 0 || sftp_packet_write(msg->sftp, SSH_FXP_NAME, out) < 0) { ssh_buffer_free(out); ssh_buffer_free(msg->attrbuf); @@ -409,10 +409,10 @@ int sftp_reply_status(sftp_client_message msg, uint32_t status, return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || - ssh_buffer_add_u32(out, htonl(status)) < 0 || - ssh_buffer_add_ssh_string(out, s) < 0 || - ssh_buffer_add_u32(out, 0) < 0 || /* language string */ + if (buffer_add_u32(out, msg->id) < 0 || + buffer_add_u32(out, htonl(status)) < 0 || + buffer_add_ssh_string(out, s) < 0 || + buffer_add_u32(out, 0) < 0 || /* language string */ sftp_packet_write(msg->sftp, SSH_FXP_STATUS, out) < 0) { ssh_buffer_free(out); ssh_string_free(s); @@ -433,8 +433,8 @@ int sftp_reply_data(sftp_client_message msg, const void *data, int len) { return -1; } - if (ssh_buffer_add_u32(out, msg->id) < 0 || - ssh_buffer_add_u32(out, ntohl(len)) < 0 || + if (buffer_add_u32(out, msg->id) < 0 || + buffer_add_u32(out, ntohl(len)) < 0 || ssh_buffer_add_data(out, data, len) < 0 || sftp_packet_write(msg->sftp, SSH_FXP_DATA, out) < 0) { ssh_buffer_free(out); diff --git a/external/libssh-win-static/src/socket.c b/external/libssh-win-static/src/socket.c index 76dc55e..022c9a7 100644 --- a/external/libssh-win-static/src/socket.c +++ b/external/libssh-win-static/src/socket.c @@ -227,11 +227,6 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p, socket_t fd, if (!ssh_socket_is_open(s)) { return -1; } - SSH_LOG(SSH_LOG_TRACE, "Poll callback on socket %d (%s%s%s), out buffer %d",fd, - (revents & POLLIN) ? "POLLIN ":"", - (revents & POLLOUT) ? "POLLOUT ":"", - (revents & POLLERR) ? "POLLERR":"", - ssh_buffer_get_len(s->out_buffer)); if (revents & POLLERR || revents & POLLHUP) { /* Check if we are in a connecting state */ if (s->state == SSH_SOCKET_CONNECTING) { @@ -295,10 +290,10 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p, socket_t fd, } if (s->callbacks && s->callbacks->data) { do { - r = s->callbacks->data(ssh_buffer_get(s->in_buffer), - ssh_buffer_get_len(s->in_buffer), + r = s->callbacks->data(buffer_get_rest(s->in_buffer), + buffer_get_rest_len(s->in_buffer), s->callbacks->userdata); - ssh_buffer_pass_bytes(s->in_buffer, r); + buffer_pass_bytes(s->in_buffer, r); } while ((r > 0) && (s->state == SSH_SOCKET_CONNECTED)); /* p may have been freed, so don't use it * anymore in this function */ @@ -335,11 +330,10 @@ int ssh_socket_pollcallback(struct ssh_poll_handle_struct *p, socket_t fd, } /* If buffered data is pending, write it */ - if (ssh_buffer_get_len(s->out_buffer) > 0) { + if (buffer_get_rest_len(s->out_buffer) > 0) { ssh_socket_nonblocking_flush(s); } else if (s->callbacks && s->callbacks->controlflow) { /* Otherwise advertise the upper level that write can be done */ - SSH_LOG(SSH_LOG_TRACE,"sending control flow event"); s->callbacks->controlflow(SSH_SOCKET_FLOW_WRITEWONTBLOCK, s->callbacks->userdata); } @@ -656,7 +650,7 @@ int ssh_socket_nonblocking_flush(ssh_socket s) { return SSH_ERROR; } - len = ssh_buffer_get_len(s->out_buffer); + len = buffer_get_rest_len(s->out_buffer); if (!s->write_wontblock && s->poll_out && len > 0) { /* force the poll system to catch pollout events */ ssh_poll_add_events(s->poll_out, POLLOUT); @@ -664,7 +658,7 @@ int ssh_socket_nonblocking_flush(ssh_socket s) { return SSH_AGAIN; } if (s->write_wontblock && len > 0) { - w = ssh_socket_unbuffered_write(s, ssh_buffer_get(s->out_buffer), len); + w = ssh_socket_unbuffered_write(s, buffer_get_rest(s->out_buffer), len); if (w < 0) { session->alive = 0; ssh_socket_close(s); @@ -680,14 +674,14 @@ int ssh_socket_nonblocking_flush(ssh_socket s) { } return SSH_ERROR; } - ssh_buffer_pass_bytes(s->out_buffer, w); + buffer_pass_bytes(s->out_buffer, w); if (s->session->socket_counter != NULL) { s->session->socket_counter->out_bytes += w; } } /* Is there some data pending? */ - len = ssh_buffer_get_len(s->out_buffer); + len = buffer_get_rest_len(s->out_buffer); if (s->poll_out && len > 0) { /* force the poll system to catch pollout events */ ssh_poll_add_events(s->poll_out, POLLOUT); @@ -727,7 +721,7 @@ int ssh_socket_data_writable(ssh_socket s) { int ssh_socket_buffered_write_bytes(ssh_socket s){ if(s==NULL || s->out_buffer == NULL) return 0; - return ssh_buffer_get_len(s->out_buffer); + return buffer_get_rest_len(s->out_buffer); } diff --git a/external/libssh-win-static/src/wrapper.c b/external/libssh-win-static/src/wrapper.c index 7686937..b750702 100644 --- a/external/libssh-win-static/src/wrapper.c +++ b/external/libssh-win-static/src/wrapper.c @@ -112,16 +112,16 @@ void ssh_cipher_clear(struct ssh_cipher_struct *cipher){ return; } -#ifdef HAVE_LIBGCRYPT if(cipher->key) { +#ifdef HAVE_LIBGCRYPT for (i = 0; i < (cipher->keylen / sizeof(gcry_cipher_hd_t)); i++) { gcry_cipher_close(cipher->key[i]); } - SAFE_FREE(cipher->key); - } +#elif defined HAVE_LIBCRYPTO + /* destroy the key */ + memset(cipher->key, 0, cipher->keylen); #endif - if (cipher->cleanup != NULL){ - cipher->cleanup(cipher); + SAFE_FREE(cipher->key); } } diff --git a/external/readme.md b/external/readme.md index ef7d3ed..696f92a 100644 --- a/external/readme.md +++ b/external/readme.md @@ -28,4 +28,8 @@ teleport项目用到的第三方库 mbedtls-mbedtls-2.2.1 注意:teleport项目使用源代码直接编译,因此解压缩源代码到此即可。 - libssh + https://git.libssh.org/projects/libssh.git/snapshot + libssh-0.7.4.zip + Windows平台使用预制的libssh-static工程进行编译。 + diff --git a/server/tp_core/common/base_env.cpp b/server/tp_core/common/base_env.cpp index 9fd2336..4755eea 100644 --- a/server/tp_core/common/base_env.cpp +++ b/server/tp_core/common/base_env.cpp @@ -18,6 +18,7 @@ bool TppEnvBase::init(TPP_INIT_ARGS* args) exec_path = args->exec_path; etc_path = args->etc_path; + replay_path = args->replay_path; take_session = args->func_take_session; session_begin = args->func_session_begin; @@ -35,18 +36,18 @@ bool TppEnvBase::init(TPP_INIT_ARGS* args) return false; } - ExIniSection* ps = args->cfg->GetSection(L"common"); - if (NULL == ps) - { - EXLOGE("invalid config(1).\n"); - return false; - } - - if (!ps->GetStr(L"replay-path", replay_path)) - { - replay_path = exec_path; - ex_path_join(replay_path, true, L"..", L"data", L"replay", NULL); - } +// ExIniSection* ps = args->cfg->GetSection(L"common"); +// if (NULL == ps) +// { +// EXLOGE("invalid config(1).\n"); +// return false; +// } +// +// if (!ps->GetStr(L"replay-path", replay_path)) +// { +// replay_path = exec_path; +// ex_path_join(replay_path, true, L"..", L"data", L"replay", NULL); +// } if (!_on_init(args)) { diff --git a/server/tp_core/common/protocol_interface.h b/server/tp_core/common/protocol_interface.h index 3fdcb38..9b0608a 100644 --- a/server/tp_core/common/protocol_interface.h +++ b/server/tp_core/common/protocol_interface.h @@ -44,6 +44,7 @@ typedef struct TPP_INIT_ARGS ExLogger* logger; ex_wstr exec_path; ex_wstr etc_path; + ex_wstr replay_path; ExIniFile* cfg; TPP_TAKE_SESSION_FUNC func_take_session; diff --git a/server/tp_core/core/ts_env.cpp b/server/tp_core/core/ts_env.cpp index 6fcb50f..35cbc15 100644 --- a/server/tp_core/core/ts_env.cpp +++ b/server/tp_core/core/ts_env.cpp @@ -33,7 +33,7 @@ bool TsEnv::init(void) if (!ex_is_file_exists(conf_file.c_str())) { - EXLOGD("[core] ===== DEVELOPMENT MODE =====\n"); + EXLOGW("[core] ===== DEVELOPMENT MODE =====\n"); base_path = m_exec_path; ex_path_join(base_path, true, L"..", L"..", L"..", L"..", L"server", L"share", NULL); @@ -56,8 +56,15 @@ bool TsEnv::init(void) return false; } - ex_wstr log_file; ExIniSection* ps = m_ini.GetSection(L"common"); + + if (!ps->GetStr(L"replay-path", m_replay_path)) + { + m_replay_path = base_path; + ex_path_join(m_replay_path, false, L"data", L"replay", NULL); + } + + ex_wstr log_file; if (!ps->GetStr(L"log-file", log_file)) { ex_wstr log_path = base_path; @@ -98,20 +105,20 @@ bool TsEnv::init(void) rpc_bind_port = TS_HTTP_RPC_PORT; } - m_db_file = base_path; - ex_path_join(m_db_file, false, L"data", L"ts_db.db", NULL); +// m_db_file = base_path; +// ex_path_join(m_db_file, false, L"data", L"ts_db.db", NULL); return true; } -bool TsEnv::check_db_file(void) -{ - if (!ex_is_file_exists(m_db_file.c_str())) - { - EXLOGE("[core] can not found database file.\n"); - return false; - } - - return true; -} +// bool TsEnv::check_db_file(void) +// { +// if (!ex_is_file_exists(m_db_file.c_str())) +// { +// EXLOGE("[core] can not found database file.\n"); +// return false; +// } +// +// return true; +// } diff --git a/server/tp_core/core/ts_env.h b/server/tp_core/core/ts_env.h index ee89fe1..6779627 100644 --- a/server/tp_core/core/ts_env.h +++ b/server/tp_core/core/ts_env.h @@ -10,7 +10,7 @@ public: ~TsEnv(); bool init(void); - bool check_db_file(void); +// bool check_db_file(void); ExIniFile& get_ini(void) { return m_ini; } @@ -18,8 +18,9 @@ public: ex_wstr m_exec_file; ex_wstr m_exec_path; ex_wstr m_etc_path; + ex_wstr m_replay_path; - ex_wstr m_db_file; + //ex_wstr m_db_file; ex_astr rpc_bind_ip; int rpc_bind_port; diff --git a/server/tp_core/core/ts_main.cpp b/server/tp_core/core/ts_main.cpp index ab3f2c7..013a053 100644 --- a/server/tp_core/core/ts_main.cpp +++ b/server/tp_core/core/ts_main.cpp @@ -160,6 +160,7 @@ bool TppManager::load_tpp(const ex_wstr& libname) init_args.logger = &g_ex_logger; init_args.exec_path = g_env.m_exec_path; init_args.etc_path = g_env.m_etc_path; + init_args.replay_path = g_env.m_replay_path; init_args.cfg = &g_env.get_ini(); init_args.func_take_session = tpp_take_session; init_args.func_session_begin = tpp_session_begin; diff --git a/server/www/teleport/app/eom_app/module/record.py b/server/www/teleport/app/eom_app/module/record.py index 4fcc819..3783304 100644 --- a/server/www/teleport/app/eom_app/module/record.py +++ b/server/www/teleport/app/eom_app/module/record.py @@ -5,6 +5,9 @@ import shutil import struct from .common import * +from eom_app.app.configs import app_cfg + +cfg = app_cfg() def read_record_head(record_id):