Lines Matching full:ssh

45 #include "ssh.h"
/* Forward declarations of static functions that are defined later in this file. */
68 static int kex_choose_conf(struct ssh *, uint32_t seq);
69 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
/*
 * Fills entries of prop[] with algorithm proposals.
 * The visible lines pick the server or client default table from
 * ssh->kex->server, call kex_names_cat() on kexalgos, and store the result of
 * compat_kex_proposal() into prop[i].
 * NOTE(review): the remaining parameters and the loop that drives i are not
 * shown in this listing (only lines mentioning ssh are listed).
 */
91 kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX], in kex_proposal_populate_entries() argument
97 const char **defprop = ssh->kex->server ? defpropserver : defpropclient; in kex_proposal_populate_entries()
107 if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? in kex_proposal_populate_entries()
115 prop[i] = compat_kex_proposal(ssh, cp); in kex_proposal_populate_entries()
/*
 * Dispatch handler installed for message types that must not arrive in the
 * current state (it is registered for KEXINIT, NEWKEYS and EXT_INFO elsewhere
 * in this listing).
 */
236 kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh) in kex_protocol_error() argument
/*
 * During the initial key exchange with the kex_strict flag set, an unexpected
 * message ends the connection instead of being answered. This keeps a peer or
 * on-path party from slipping extra packets into the unauthenticated phase.
 */
241 if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) { in kex_protocol_error()
242 ssh_packet_disconnect(ssh, "strict KEX violation: " in kex_protocol_error()
/* Otherwise reply with SSH2_MSG_UNIMPLEMENTED carrying the sequence number seq. */
246 if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 || in kex_protocol_error()
247 (r = sshpkt_put_u32(ssh, seq)) != 0 || in kex_protocol_error()
248 (r = sshpkt_send(ssh)) != 0) in kex_protocol_error()
/*
 * Re-registers the handler for a range of message types that starts at
 * SSH2_MSG_TRANSPORT_MIN, using ssh_dispatch_range().
 * NOTE(review): the upper bound and the handler argument are on a line that
 * is not shown in this listing.
 */
254 kex_reset_dispatch(struct ssh *ssh) in kex_reset_dispatch() argument
256 ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN, in kex_reset_dispatch()
/*
 * Rebuilds ssh->kex->server_sig_algs as a comma-separated list.
 * NOTE(review): how each sigalg is obtained from allowed_algs is not shown
 * in this listing.
 */
261 kex_set_server_sig_algs(struct ssh *ssh, const char *allowed_algs) in kex_set_server_sig_algs() argument
/* Free the previous list and clear the pointer so no stale pointer remains. */
276 free(ssh->kex->server_sig_algs); in kex_set_server_sig_algs()
277 ssh->kex->server_sig_algs = NULL; in kex_set_server_sig_algs()
/* Check sigalg against the list built so far; presumably skips duplicates. */
285 if (ssh->kex->server_sig_algs != NULL && in kex_set_server_sig_algs()
286 kex_has_any_alg(sigalg, ssh->kex->server_sig_algs)) in kex_set_server_sig_algs()
288 xextendf(&ssh->kex->server_sig_algs, ",", "%s", sigalg); in kex_set_server_sig_algs()
/* Store an empty string rather than leaving the field NULL when nothing was added. */
292 if (ssh->kex->server_sig_algs == NULL) in kex_set_server_sig_algs()
293 ssh->kex->server_sig_algs = xstrdup(""); in kex_set_server_sig_algs()
/*
 * Writes the server side of the EXT_INFO payload into m.
 * If server_sig_algs has not been set yet it is filled from
 * sshkey_alg_list(0, 1, 1, ',') and then appended with sshbuf_put_cstring().
 * NOTE(review): the meaning of the numeric arguments to sshkey_alg_list() is
 * not visible in this listing.
 */
297 kex_compose_ext_info_server(struct ssh *ssh, struct sshbuf *m) in kex_compose_ext_info_server() argument
301 if (ssh->kex->server_sig_algs == NULL && in kex_compose_ext_info_server()
302 (ssh->kex->server_sig_algs = sshkey_alg_list(0, 1, 1, ',')) == NULL) in kex_compose_ext_info_server()
306 (r = sshbuf_put_cstring(m, ssh->kex->server_sig_algs)) != 0 || in kex_compose_ext_info_server()
/*
 * Only the signature matched the search. Going by the name and by the call
 * in kex_maybe_send_ext_info(), this presumably writes the client side of the
 * EXT_INFO payload into m; confirm against the full source.
 */
319 kex_compose_ext_info_client(struct ssh *ssh, struct sshbuf *m) in kex_compose_ext_info_client() argument
/*
 * Builds and sends an SSH2_MSG_EXT_INFO packet when the guards below allow it.
 * NOTE(review): the statements executed when a guard fails are not shown in
 * this listing.
 */
336 kex_maybe_send_ext_info(struct ssh *ssh) in kex_maybe_send_ext_info() argument
/* Guard: tests whether this is the initial key exchange. */
341 if ((ssh->kex->flags & KEX_INITIAL) == 0) in kex_maybe_send_ext_info()
/* Guard: tests whether either ext_info flag is set. */
343 if (!ssh->kex->ext_info_c && !ssh->kex->ext_info_s) in kex_maybe_send_ext_info()
/* Note the pairing: ext_info_c selects the server payload, ext_info_s the client payload. */
349 if (ssh->kex->ext_info_c && in kex_maybe_send_ext_info()
350 (r = kex_compose_ext_info_server(ssh, m)) != 0) in kex_maybe_send_ext_info()
352 if (ssh->kex->ext_info_s && in kex_maybe_send_ext_info()
353 (r = kex_compose_ext_info_client(ssh, m)) != 0) in kex_maybe_send_ext_info()
/* The composed buffer m is sent as the body of a single EXT_INFO packet. */
358 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || in kex_maybe_send_ext_info()
359 (r = sshpkt_putb(ssh, m)) != 0 || in kex_maybe_send_ext_info()
360 (r = sshpkt_send(ssh)) != 0) { in kex_maybe_send_ext_info()
/*
 * Sends an SSH2_MSG_EXT_INFO packet with one entry (count 1): the
 * server-sig-algs name followed by the current ssh->kex->server_sig_algs.
 * The KEX_HAS_EXT_INFO_IN_AUTH flag is tested first; the action taken when it
 * is clear is not shown in this listing.
 * NOTE(review): server_sig_algs is passed straight to sshpkt_put_cstring();
 * confirm it cannot be NULL on this path.
 */
373 kex_server_update_ext_info(struct ssh *ssh) in kex_server_update_ext_info() argument
377 if ((ssh->kex->flags & KEX_HAS_EXT_INFO_IN_AUTH) == 0) in kex_server_update_ext_info()
381 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 || in kex_server_update_ext_info()
382 (r = sshpkt_put_u32(ssh, 1)) != 0 || in kex_server_update_ext_info()
383 (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 || in kex_server_update_ext_info()
384 (r = sshpkt_put_cstring(ssh, ssh->kex->server_sig_algs)) != 0 || in kex_server_update_ext_info()
385 (r = sshpkt_send(ssh)) != 0) { in kex_server_update_ext_info()
/*
 * Sends SSH2_MSG_NEWKEYS and arms the handler for the NEWKEYS of the peer.
 * Order visible here: reset the dispatch table, send NEWKEYS, register
 * kex_input_newkeys, then call kex_maybe_send_ext_info(), so any EXT_INFO
 * goes out after NEWKEYS.
 */
393 kex_send_newkeys(struct ssh *ssh) in kex_send_newkeys() argument
397 kex_reset_dispatch(ssh); in kex_send_newkeys()
398 if ((r = sshpkt_start(ssh, SSH2_MSG_NEWKEYS)) != 0 || in kex_send_newkeys()
399 (r = sshpkt_send(ssh)) != 0) in kex_send_newkeys()
402 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys); in kex_send_newkeys()
403 if ((r = kex_maybe_send_ext_info(ssh)) != 0) in kex_send_newkeys()
/*
 * Handles one EXT_INFO name/value pair; the name indicates the client side.
 * The conditions that select each branch are only partly visible in this listing.
 */
427 kex_ext_info_client_parse(struct ssh *ssh, const char *name, in kex_ext_info_client_parse() argument
/*
 * Replace the stored server_sig_algs with a copy of the received value.
 * NOTE(review): value is cast to a C string and copied with xstrdup(), which
 * stops at the first NUL byte and does not use vlen. Lines 428-439 are not
 * shown and may already reject embedded NUL bytes; confirm before relying on
 * this copy.
 */
440 free(ssh->kex->server_sig_algs); in kex_ext_info_client_parse()
441 ssh->kex->server_sig_algs = xstrdup((const char *)value); in kex_ext_info_client_parse()
/* The next two branches only apply when ext_info_received == 1 and delegate to kex_ext_info_check_ver(). */
442 } else if (ssh->kex->ext_info_received == 1 && in kex_ext_info_client_parse()
444 if ((r = kex_ext_info_check_ver(ssh->kex, name, value, vlen, in kex_ext_info_client_parse()
448 } else if (ssh->kex->ext_info_received == 1 && in kex_ext_info_client_parse()
450 if ((r = kex_ext_info_check_ver(ssh->kex, name, value, vlen, in kex_ext_info_client_parse()
/*
 * Handles one EXT_INFO name/value pair; the name indicates the server side.
 * The only visible action passes name, value and vlen to
 * kex_ext_info_check_ver(); the condition selecting it is not shown in this listing.
 */
461 kex_ext_info_server_parse(struct ssh *ssh, const char *name, in kex_ext_info_server_parse() argument
467 if ((r = kex_ext_info_check_ver(ssh->kex, name, value, vlen, in kex_ext_info_server_parse()
/*
 * Dispatch handler for SSH2_MSG_EXT_INFO.
 * NOTE(review): the conditions guarding the two dispatch_protocol_error()
 * returns (lines 490 and 498) are not shown in this listing; the second
 * presumably bounds ninfo, which is supplied by the peer.
 */
477 kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh) in kex_input_ext_info() argument
479 struct kex *kex = ssh->kex; in kex_input_ext_info()
490 return dispatch_protocol_error(type, seq, ssh); in kex_input_ext_info()
/* Once accepted, a further EXT_INFO is routed to kex_protocol_error. */
492 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error); in kex_input_ext_info()
493 if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0) in kex_input_ext_info()
498 return dispatch_protocol_error(type, seq, ssh); in kex_input_ext_info()
/* Each entry is a C-string name followed by a length-prefixed value (vlen bytes). */
501 if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0) in kex_input_ext_info()
503 if ((r = sshpkt_get_string(ssh, &val, &vlen)) != 0) { in kex_input_ext_info()
509 if ((r = kex_ext_info_server_parse(ssh, name, in kex_input_ext_info()
513 if ((r = kex_ext_info_client_parse(ssh, name, in kex_input_ext_info()
/* Finish by checking that no unparsed bytes remain in the packet. */
520 return sshpkt_get_end(ssh); in kex_input_ext_info()
/* Dispatch handler for the SSH2_MSG_NEWKEYS message sent by the peer. */
524 kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) in kex_input_newkeys() argument
526 struct kex *kex = ssh->kex; in kex_input_newkeys()
/*
 * Re-arm the dispatch table before touching the packet: EXT_INFO becomes
 * acceptable, a repeated NEWKEYS becomes a protocol error, and KEXINIT is
 * accepted again so a later rekey can start.
 */
532 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_input_ext_info); in kex_input_newkeys()
533 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error); in kex_input_newkeys()
534 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); in kex_input_newkeys()
/* The packet must be fully consumed at this point; then switch the inbound direction to the new keys. */
535 if ((r = sshpkt_get_end(ssh)) != 0) in kex_input_newkeys()
537 if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) in kex_input_newkeys()
/* NOTE(review): prop is serialised back into kex->my here; where prop comes from is not shown in this listing. */
552 if ((r = kex_prop2buf(ssh->kex->my, prop)) != 0) { in kex_input_newkeys()
/*
 * Sends the local KEXINIT: an SSH2_MSG_KEXINIT packet whose body is the
 * contents of kex->my.
 * NOTE(review): the preparation done in lines 576-597 is not shown in this listing.
 */
572 kex_send_kexinit(struct ssh *ssh) in kex_send_kexinit() argument
575 struct kex *kex = ssh->kex; in kex_send_kexinit()
598 if ((r = sshpkt_start(ssh, SSH2_MSG_KEXINIT)) != 0 || in kex_send_kexinit()
599 (r = sshpkt_putb(ssh, kex->my)) != 0 || in kex_send_kexinit()
600 (r = sshpkt_send(ssh)) != 0) { in kex_send_kexinit()
/* Dispatch handler for the SSH2_MSG_KEXINIT message sent by the peer. */
610 kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) in kex_input_kexinit() argument
612 struct kex *kex = ssh->kex; in kex_input_kexinit()
/* A second KEXINIT during this exchange is routed to kex_protocol_error. */
623 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error); in kex_input_kexinit()
/* Capture a pointer to the packet payload and its length in dlen before the fields are consumed. */
624 ptr = sshpkt_ptr(ssh, &dlen); in kex_input_kexinit()
/*
 * The reads below pass NULL outputs, so they only walk the packet to check
 * its structure and discard the values.
 */
630 if ((r = sshpkt_get_u8(ssh, NULL)) != 0) { in kex_input_kexinit()
636 if ((r = sshpkt_get_string(ssh, NULL, NULL)) != 0) { in kex_input_kexinit()
651 if ((r = sshpkt_get_u8(ssh, NULL)) != 0 || /* first_kex_follows */ in kex_input_kexinit()
652 (r = sshpkt_get_u32(ssh, NULL)) != 0 || /* reserved */ in kex_input_kexinit()
653 (r = sshpkt_get_end(ssh)) != 0) in kex_input_kexinit()
/* NOTE(review): the condition under which the local KEXINIT is sent here is not shown in this listing. */
657 if ((r = kex_send_kexinit(ssh)) != 0) in kex_input_kexinit()
659 if ((r = kex_choose_conf(ssh, seq)) != 0) in kex_input_kexinit()
/*
 * Indirect call through a table indexed by kex_type.
 * NOTE(review): this relies on kex_type being in range and the slot being
 * non-NULL; the check, if any, is not shown in this listing.
 */
663 return (kex->kex[kex->kex_type])(ssh); in kex_input_kexinit()
/*
 * Prepares the key exchange state without sending anything.
 * The proposal is serialised into kex->my, flags is set to KEX_INITIAL by
 * plain assignment (which replaces any other flag bits), the dispatch table
 * is reset, and kex_input_kexinit is registered for SSH2_MSG_KEXINIT.
 */
749 kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) in kex_ready() argument
753 if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0) in kex_ready()
755 ssh->kex->flags = KEX_INITIAL; in kex_ready()
756 kex_reset_dispatch(ssh); in kex_ready()
757 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); in kex_ready()
/* Runs kex_ready() and then sends the local KEXINIT straight away. */
762 kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX]) in kex_setup() argument
766 if ((r = kex_ready(ssh, proposal)) != 0) in kex_setup()
768 if ((r = kex_send_kexinit(ssh)) != 0) { /* we start */ in kex_setup()
/* On send failure, free the kex state and clear the pointer so nothing can use it after the free. */
769 kex_free(ssh->kex); in kex_setup()
770 ssh->kex = NULL; in kex_setup()
/*
 * Starts a new key exchange on an existing connection.
 * Two conditions are tested first: that ssh->kex exists, and whether
 * done == 0. The handling of each is not shown in this listing.
 * Afterwards done is cleared and the local KEXINIT is sent.
 */
781 kex_start_rekex(struct ssh *ssh) in kex_start_rekex() argument
783 if (ssh->kex == NULL) { in kex_start_rekex()
787 if (ssh->kex->done == 0) { in kex_start_rekex()
791 ssh->kex->done = 0; in kex_start_rekex()
792 return kex_send_kexinit(ssh); in kex_start_rekex()
/*
 * Only the signature matched the search. Going by the parameters, this
 * presumably selects a MAC into mac from the client and server lists;
 * confirm against the full source.
 */
818 choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) in choose_mac() argument
/*
 * Called from kex_input_kexinit() after the KEXINIT of the peer was parsed.
 * Only fragments are visible in this listing: a disconnect at line 965, a
 * choose_mac() call that fills newkeys->mac from cprop[nmac], and the setting
 * of dispatch_skip_packets.
 * NOTE(review): seq is presumably used for a sequence-number check that leads
 * to the disconnect; confirm against the full source.
 */
926 kex_choose_conf(struct ssh *ssh, uint32_t seq) in kex_choose_conf() argument
928 struct kex *kex = ssh->kex; in kex_choose_conf()
965 ssh_packet_disconnect(ssh, in kex_choose_conf()
1014 (r = choose_mac(ssh, &newkeys->mac, cprop[nmac], in kex_choose_conf()
/* NOTE(review): the condition for skipping a packet is not shown in this listing. */
1050 ssh->dispatch_skip_packets = 1; in kex_choose_conf()
/*
 * Derives one key, identified by id, of need bytes from the exchange hash.
 * NOTE(review): this summary is inferred from the parameter names and from
 * the call in kex_derive_keys(); the body is not shown in this listing.
 */
1059 derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen, in derive_key() argument
1062 struct kex *kex = ssh->kex; in derive_key()
/*
 * Derives the session keys by calling derive_key() once per index i, with the
 * id set to the letter A plus i and the length set to kex->we_need.
 * NOTE(review): the loop bound is not shown in this listing; RFC 4253 defines
 * six such keys, lettered A to F.
 */
1124 kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen, in kex_derive_keys() argument
1127 struct kex *kex = ssh->kex; in kex_derive_keys()
1145 if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen, in kex_derive_keys()
/*
 * Loads the host key pair for the negotiated host key type.
 * The two visible fragments are the tails of calls that receive
 * kex->hostkey_nid and ssh.
 * NOTE(review): the callees and the assignments to *prvp and *pubp are not
 * shown in this listing.
 */
1163 kex_load_hostkey(struct ssh *ssh, struct sshkey **prvp, struct sshkey **pubp) in kex_load_hostkey() argument
1165 struct kex *kex = ssh->kex; in kex_load_hostkey()
1175 kex->hostkey_nid, ssh); in kex_load_hostkey()
1177 kex->hostkey_nid, ssh); in kex_load_hostkey()
/*
 * Checks the host key presented by the server through the verify_host_key
 * callback stored in the kex state.
 */
1184 kex_verify_host_key(struct ssh *ssh, struct sshkey *server_host_key) in kex_verify_host_key() argument
1186 struct kex *kex = ssh->kex; in kex_verify_host_key()
/*
 * NOTE(review): only a return value of exactly -1 is tested here, so the
 * callback must use -1 for every rejection; any other value would not take
 * this branch. Whether the callback pointer is checked for NULL first is not
 * shown in this listing.
 */
1196 if (kex->verify_host_key(server_host_key, ssh) == -1) in kex_verify_host_key()
/*
 * Writes msg directly to the outgoing connection descriptor with
 * atomicio(vwrite, ...), bypassing the packet layer.
 * The ssh->kex->server test is visible but its action is not shown in this
 * listing; presumably only the server side sends the message.
 * NOTE(review): every caller visible in this listing passes a string literal.
 * Keep it that way, because this text reaches the peer before any keys are
 * in place.
 */
1215 send_error(struct ssh *ssh, char *msg) in send_error() argument
1219 if (!ssh->kex->server) in send_error()
1222 if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), in send_error()
1224 atomicio(vwrite, ssh_packet_get_connection_out(ssh), in send_error()
1235 kex_exchange_identification(struct ssh *ssh, int timeout_ms, in kex_exchange_identification() argument
1242 struct sshbuf *our_version = ssh->kex->server ? in kex_exchange_identification()
1243 ssh->kex->server_version : ssh->kex->client_version; in kex_exchange_identification()
1244 struct sshbuf *peer_version = ssh->kex->server ? in kex_exchange_identification()
1245 ssh->kex->client_version : ssh->kex->server_version; in kex_exchange_identification()
1253 if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%s%s%s\r\n", in kex_exchange_identification()
1262 if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), in kex_exchange_identification()
1286 send_error(ssh, "No SSH identification string " in kex_exchange_identification()
1288 error_f("No SSH version received in first %u lines " in kex_exchange_identification()
1297 r = waitrfd(ssh_packet_get_connection_in(ssh), in kex_exchange_identification()
1300 send_error(ssh, "Timed out waiting " in kex_exchange_identification()
1301 "for SSH identification string."); in kex_exchange_identification()
1314 len = atomicio(read, ssh_packet_get_connection_in(ssh), in kex_exchange_identification()
1349 memcmp(sshbuf_ptr(peer_version), "SSH-", 4) == 0) in kex_exchange_identification()
1357 /* Do not accept lines before the SSH ident from a client */ in kex_exchange_identification()
1358 if (ssh->kex->server) { in kex_exchange_identification()
1381 if (sscanf(peer_version_string, "SSH-%d.%d-%[^\n]\n", in kex_exchange_identification()
1386 send_error(ssh, "Invalid SSH identification string."); in kex_exchange_identification()
1392 compat_banner(ssh, remote_version); in kex_exchange_identification()
1409 send_error(ssh, "Protocol major versions differ."); in kex_exchange_identification()
1414 if (ssh->kex->server && (ssh->compat & SSH_BUG_PROBE) != 0) { in kex_exchange_identification()
1416 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), in kex_exchange_identification()
1421 if (ssh->kex->server && (ssh->compat & SSH_BUG_SCANNER) != 0) { in kex_exchange_identification()
1423 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), in kex_exchange_identification()