Lines Matching +full:- +full:state

43 #include "openbsd-compat/sys-queue.h"
190 /* Volume-based rekeying */
193 /* Time-based rekeying */
220 /* One-off warning about weak ciphers */
234 struct session_state *state = NULL; in ssh_alloc_session_state() local
237 (state = calloc(1, sizeof(*state))) == NULL || in ssh_alloc_session_state()
238 (ssh->kex = kex_new()) == NULL || in ssh_alloc_session_state()
239 (state->input = sshbuf_new()) == NULL || in ssh_alloc_session_state()
240 (state->output = sshbuf_new()) == NULL || in ssh_alloc_session_state()
241 (state->outgoing_packet = sshbuf_new()) == NULL || in ssh_alloc_session_state()
242 (state->incoming_packet = sshbuf_new()) == NULL) in ssh_alloc_session_state()
244 TAILQ_INIT(&state->outgoing); in ssh_alloc_session_state()
245 TAILQ_INIT(&ssh->private_keys); in ssh_alloc_session_state()
246 TAILQ_INIT(&ssh->public_keys); in ssh_alloc_session_state()
247 state->connection_in = -1; in ssh_alloc_session_state()
248 state->connection_out = -1; in ssh_alloc_session_state()
249 state->max_packet_size = 32768; in ssh_alloc_session_state()
250 state->packet_timeout_ms = -1; in ssh_alloc_session_state()
251 state->p_send.packets = state->p_read.packets = 0; in ssh_alloc_session_state()
252 state->initialized = 1; in ssh_alloc_session_state()
257 state->rekeying = 1; in ssh_alloc_session_state()
258 ssh->state = state; in ssh_alloc_session_state()
262 kex_free(ssh->kex); in ssh_alloc_session_state()
265 if (state) { in ssh_alloc_session_state()
266 sshbuf_free(state->input); in ssh_alloc_session_state()
267 sshbuf_free(state->output); in ssh_alloc_session_state()
268 sshbuf_free(state->incoming_packet); in ssh_alloc_session_state()
269 sshbuf_free(state->outgoing_packet); in ssh_alloc_session_state()
270 free(state); in ssh_alloc_session_state()
278 ssh->state->hook_in = hook; in ssh_packet_set_input_hook()
279 ssh->state->hook_in_ctx = ctx; in ssh_packet_set_input_hook()
286 return ssh->state->rekeying || in ssh_packet_is_rekeying()
287 (ssh->kex != NULL && ssh->kex->done == 0); in ssh_packet_is_rekeying()
296 struct session_state *state; in ssh_packet_set_connection() local
307 error_f("could not allocate state"); in ssh_packet_set_connection()
310 state = ssh->state; in ssh_packet_set_connection()
311 state->connection_in = fd_in; in ssh_packet_set_connection()
312 state->connection_out = fd_out; in ssh_packet_set_connection()
313 if ((r = cipher_init(&state->send_context, none, in ssh_packet_set_connection()
315 (r = cipher_init(&state->receive_context, none, in ssh_packet_set_connection()
321 state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL; in ssh_packet_set_connection()
333 struct session_state *state = ssh->state; in ssh_packet_set_timeout() local
336 state->packet_timeout_ms = -1; in ssh_packet_set_timeout()
340 state->packet_timeout_ms = INT_MAX; in ssh_packet_set_timeout()
342 state->packet_timeout_ms = timeout * count * 1000; in ssh_packet_set_timeout()
348 ssh->state->mux = 1; in ssh_packet_set_mux()
349 ssh->state->rekeying = 0; in ssh_packet_set_mux()
350 kex_free(ssh->kex); in ssh_packet_set_mux()
351 ssh->kex = NULL; in ssh_packet_set_mux()
357 return ssh->state->mux; in ssh_packet_get_mux()
366 free(ssh->log_preamble); in ssh_packet_set_log_preamble()
368 ssh->log_preamble = NULL; in ssh_packet_set_log_preamble()
371 r = vasprintf(&ssh->log_preamble, fmt, args); in ssh_packet_set_log_preamble()
373 if (r < 0 || ssh->log_preamble == NULL) in ssh_packet_set_log_preamble()
382 struct session_state *state = ssh->state; in ssh_packet_stop_discard() local
385 if (state->packet_discard_mac) { in ssh_packet_stop_discard()
389 if (dlen > state->packet_discard_mac_already) in ssh_packet_stop_discard()
390 dlen -= state->packet_discard_mac_already; in ssh_packet_stop_discard()
392 while (sshbuf_len(state->incoming_packet) < dlen) in ssh_packet_stop_discard()
393 if ((r = sshbuf_put(state->incoming_packet, buf, in ssh_packet_stop_discard()
396 (void) mac_compute(state->packet_discard_mac, in ssh_packet_stop_discard()
397 state->p_read.seqnr, in ssh_packet_stop_discard()
398 sshbuf_ptr(state->incoming_packet), dlen, in ssh_packet_stop_discard()
410 struct session_state *state = ssh->state; in ssh_packet_start_discard() local
413 if (enc == NULL || !cipher_is_cbc(enc->cipher) || (mac && mac->etm)) { in ssh_packet_start_discard()
422 if (mac && mac->enabled) { in ssh_packet_start_discard()
423 state->packet_discard_mac = mac; in ssh_packet_start_discard()
424 state->packet_discard_mac_already = mac_already; in ssh_packet_start_discard()
426 if (sshbuf_len(state->input) >= discard) in ssh_packet_start_discard()
428 state->packet_discard = discard - sshbuf_len(state->input); in ssh_packet_start_discard()
437 struct session_state *state; in ssh_packet_connection_is_on_socket() local
441 if (ssh == NULL || ssh->state == NULL) in ssh_packet_connection_is_on_socket()
444 state = ssh->state; in ssh_packet_connection_is_on_socket()
445 if (state->connection_in == -1 || state->connection_out == -1) in ssh_packet_connection_is_on_socket()
448 if (state->connection_in == state->connection_out) in ssh_packet_connection_is_on_socket()
452 if (getpeername(state->connection_in, (struct sockaddr *)&from, in ssh_packet_connection_is_on_socket()
453 &fromlen) == -1) in ssh_packet_connection_is_on_socket()
457 if (getpeername(state->connection_out, (struct sockaddr *)&to, in ssh_packet_connection_is_on_socket()
458 &tolen) == -1) in ssh_packet_connection_is_on_socket()
471 *ibytes = ssh->state->p_read.bytes; in ssh_packet_get_bytes()
473 *obytes = ssh->state->p_send.bytes; in ssh_packet_get_bytes()
479 return get_sock_af(ssh->state->connection_out); in ssh_packet_connection_af()
482 /* Sets the connection into non-blocking mode. */
487 /* Set the socket into non-blocking mode. */ in ssh_packet_set_nonblocking()
488 set_nonblock(ssh->state->connection_in); in ssh_packet_set_nonblocking()
490 if (ssh->state->connection_out != ssh->state->connection_in) in ssh_packet_set_nonblocking()
491 set_nonblock(ssh->state->connection_out); in ssh_packet_set_nonblocking()
499 return ssh->state->connection_in; in ssh_packet_get_connection_in()
507 return ssh->state->connection_out; in ssh_packet_get_connection_out()
511 * Returns the IP-address of the remote host as a string. The returned
521 if (ssh->remote_ipaddr == NULL) { in ssh_remote_ipaddr()
523 sock = ssh->state->connection_in; in ssh_remote_ipaddr()
524 ssh->remote_ipaddr = get_peer_ipaddr(sock); in ssh_remote_ipaddr()
525 ssh->remote_port = get_peer_port(sock); in ssh_remote_ipaddr()
526 ssh->local_ipaddr = get_local_ipaddr(sock); in ssh_remote_ipaddr()
527 ssh->local_port = get_local_port(sock); in ssh_remote_ipaddr()
529 ssh->remote_ipaddr = xstrdup("UNKNOWN"); in ssh_remote_ipaddr()
530 ssh->remote_port = 65535; in ssh_remote_ipaddr()
531 ssh->local_ipaddr = xstrdup("UNKNOWN"); in ssh_remote_ipaddr()
532 ssh->local_port = 65535; in ssh_remote_ipaddr()
535 return ssh->remote_ipaddr; in ssh_remote_ipaddr()
560 (struct sockaddr *)&from, &fromlen) == -1) { in ssh_remote_hostname()
580 * 1.1.1.10.in-addr.arpa. IN PTR 2.3.4.5 in ssh_remote_hostname()
613 for (ai = aitop; ai; ai = ai->ai_next) { in ssh_remote_hostname()
614 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop2, in ssh_remote_hostname()
636 return ssh->remote_port; in ssh_remote_port()
640 * Returns the IP-address of the local host as a string. The returned
648 return ssh->local_ipaddr; in ssh_local_ipaddr()
657 return ssh->local_port; in ssh_local_port()
664 if (ssh->rdomain_in != NULL) in ssh_packet_rdomain_in()
665 return ssh->rdomain_in; in ssh_packet_rdomain_in()
668 ssh->rdomain_in = get_rdomain(ssh->state->connection_in); in ssh_packet_rdomain_in()
669 return ssh->rdomain_in; in ssh_packet_rdomain_in()
677 struct session_state *state = ssh->state; in ssh_packet_close_internal() local
680 if (!state->initialized) in ssh_packet_close_internal()
682 state->initialized = 0; in ssh_packet_close_internal()
684 if (state->connection_in == state->connection_out) { in ssh_packet_close_internal()
685 close(state->connection_out); in ssh_packet_close_internal()
687 close(state->connection_in); in ssh_packet_close_internal()
688 close(state->connection_out); in ssh_packet_close_internal()
691 sshbuf_free(state->input); in ssh_packet_close_internal()
692 sshbuf_free(state->output); in ssh_packet_close_internal()
693 sshbuf_free(state->outgoing_packet); in ssh_packet_close_internal()
694 sshbuf_free(state->incoming_packet); in ssh_packet_close_internal()
696 kex_free_newkeys(state->newkeys[mode]); /* current keys */ in ssh_packet_close_internal()
697 state->newkeys[mode] = NULL; in ssh_packet_close_internal()
701 /* compression state is in shared mem, so we can only release it once */ in ssh_packet_close_internal()
702 if (do_close && state->compression_buffer) { in ssh_packet_close_internal()
703 sshbuf_free(state->compression_buffer); in ssh_packet_close_internal()
704 if (state->compression_out_started) { in ssh_packet_close_internal()
705 z_streamp stream = &state->compression_out_stream; in ssh_packet_close_internal()
708 (unsigned long long)stream->total_in, in ssh_packet_close_internal()
709 (unsigned long long)stream->total_out, in ssh_packet_close_internal()
710 stream->total_in == 0 ? 0.0 : in ssh_packet_close_internal()
711 (double) stream->total_out / stream->total_in); in ssh_packet_close_internal()
712 if (state->compression_out_failures == 0) in ssh_packet_close_internal()
715 if (state->compression_in_started) { in ssh_packet_close_internal()
716 z_streamp stream = &state->compression_in_stream; in ssh_packet_close_internal()
719 (unsigned long long)stream->total_out, in ssh_packet_close_internal()
720 (unsigned long long)stream->total_in, in ssh_packet_close_internal()
721 stream->total_out == 0 ? 0.0 : in ssh_packet_close_internal()
722 (double) stream->total_in / stream->total_out); in ssh_packet_close_internal()
723 if (state->compression_in_failures == 0) in ssh_packet_close_internal()
728 cipher_free(state->send_context); in ssh_packet_close_internal()
729 cipher_free(state->receive_context); in ssh_packet_close_internal()
730 state->send_context = state->receive_context = NULL; in ssh_packet_close_internal()
732 free(ssh->local_ipaddr); in ssh_packet_close_internal()
733 ssh->local_ipaddr = NULL; in ssh_packet_close_internal()
734 free(ssh->remote_ipaddr); in ssh_packet_close_internal()
735 ssh->remote_ipaddr = NULL; in ssh_packet_close_internal()
736 free(ssh->state); in ssh_packet_close_internal()
737 ssh->state = NULL; in ssh_packet_close_internal()
738 kex_free(ssh->kex); in ssh_packet_close_internal()
739 ssh->kex = NULL; in ssh_packet_close_internal()
760 ssh->state->remote_protocol_flags = protocol_flags; in ssh_packet_set_protocol_flags()
768 return ssh->state->remote_protocol_flags; in ssh_packet_get_protocol_flags()
773 * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip.
779 if (!ssh->state->compression_buffer && in ssh_packet_init_compression()
780 ((ssh->state->compression_buffer = sshbuf_new()) == NULL)) in ssh_packet_init_compression()
792 if (ssh->state->compression_out_started == 1) in start_compression_out()
793 deflateEnd(&ssh->state->compression_out_stream); in start_compression_out()
794 switch (deflateInit(&ssh->state->compression_out_stream, level)) { in start_compression_out()
796 ssh->state->compression_out_started = 1; in start_compression_out()
809 if (ssh->state->compression_in_started == 1) in start_compression_in()
810 inflateEnd(&ssh->state->compression_in_stream); in start_compression_in()
811 switch (inflateInit(&ssh->state->compression_in_stream)) { in start_compression_in()
813 ssh->state->compression_in_started = 1; in start_compression_in()
830 if (ssh->state->compression_out_started != 1) in compress_buffer()
838 if ((ssh->state->compression_out_stream.next_in = in compress_buffer()
841 ssh->state->compression_out_stream.avail_in = sshbuf_len(in); in compress_buffer()
845 /* Set up fixed-size output buffer. */ in compress_buffer()
846 ssh->state->compression_out_stream.next_out = buf; in compress_buffer()
847 ssh->state->compression_out_stream.avail_out = sizeof(buf); in compress_buffer()
850 status = deflate(&ssh->state->compression_out_stream, in compress_buffer()
857 if ((r = sshbuf_put(out, buf, sizeof(buf) - in compress_buffer()
858 ssh->state->compression_out_stream.avail_out)) != 0) in compress_buffer()
863 ssh->state->compression_out_failures++; in compress_buffer()
866 } while (ssh->state->compression_out_stream.avail_out == 0); in compress_buffer()
876 if (ssh->state->compression_in_started != 1) in uncompress_buffer()
879 if ((ssh->state->compression_in_stream.next_in = in uncompress_buffer()
882 ssh->state->compression_in_stream.avail_in = sshbuf_len(in); in uncompress_buffer()
885 /* Set up fixed-size output buffer. */ in uncompress_buffer()
886 ssh->state->compression_in_stream.next_out = buf; in uncompress_buffer()
887 ssh->state->compression_in_stream.avail_out = sizeof(buf); in uncompress_buffer()
889 status = inflate(&ssh->state->compression_in_stream, in uncompress_buffer()
893 if ((r = sshbuf_put(out, buf, sizeof(buf) - in uncompress_buffer()
894 ssh->state->compression_in_stream.avail_out)) != 0) in uncompress_buffer()
910 ssh->state->compression_in_failures++; in uncompress_buffer()
947 if (ssh->kex && ssh->kex->newkeys[mode]) { in ssh_clear_newkeys()
948 kex_free_newkeys(ssh->kex->newkeys[mode]); in ssh_clear_newkeys()
949 ssh->kex->newkeys[mode] = NULL; in ssh_clear_newkeys()
956 struct session_state *state = ssh->state; in ssh_set_newkeys() local
970 ccp = &state->send_context; in ssh_set_newkeys()
972 ps = &state->p_send; in ssh_set_newkeys()
973 max_blocks = &state->max_blocks_out; in ssh_set_newkeys()
975 ccp = &state->receive_context; in ssh_set_newkeys()
977 ps = &state->p_read; in ssh_set_newkeys()
978 max_blocks = &state->max_blocks_in; in ssh_set_newkeys()
980 if (state->newkeys[mode] != NULL) { in ssh_set_newkeys()
983 (unsigned long long)state->p_read.bytes, in ssh_set_newkeys()
984 (unsigned long long)state->p_read.blocks, in ssh_set_newkeys()
985 (unsigned long long)state->p_send.bytes, in ssh_set_newkeys()
986 (unsigned long long)state->p_send.blocks); in ssh_set_newkeys()
987 kex_free_newkeys(state->newkeys[mode]); in ssh_set_newkeys()
988 state->newkeys[mode] = NULL; in ssh_set_newkeys()
991 ps->packets = ps->blocks = 0; in ssh_set_newkeys()
992 /* move newkeys from kex to state */ in ssh_set_newkeys()
993 if ((state->newkeys[mode] = ssh->kex->newkeys[mode]) == NULL) in ssh_set_newkeys()
995 ssh->kex->newkeys[mode] = NULL; in ssh_set_newkeys()
996 enc = &state->newkeys[mode]->enc; in ssh_set_newkeys()
997 mac = &state->newkeys[mode]->mac; in ssh_set_newkeys()
998 comp = &state->newkeys[mode]->comp; in ssh_set_newkeys()
999 if (cipher_authlen(enc->cipher) == 0) { in ssh_set_newkeys()
1003 mac->enabled = 1; in ssh_set_newkeys()
1007 if ((r = cipher_init(ccp, enc->cipher, enc->key, enc->key_len, in ssh_set_newkeys()
1008 enc->iv, enc->iv_len, crypt_type)) != 0) in ssh_set_newkeys()
1010 if (!state->cipher_warning_done && in ssh_set_newkeys()
1013 state->cipher_warning_done = 1; in ssh_set_newkeys()
1016 /* explicit_bzero(enc->iv, enc->block_size); in ssh_set_newkeys()
1017 explicit_bzero(enc->key, enc->key_len); in ssh_set_newkeys()
1018 explicit_bzero(mac->key, mac->key_len); */ in ssh_set_newkeys()
1019 if (((comp->type == COMP_DELAYED && state->after_authentication)) && in ssh_set_newkeys()
1020 comp->enabled == 0) { in ssh_set_newkeys()
1030 comp->enabled = 1; in ssh_set_newkeys()
1037 if (enc->block_size >= 16) in ssh_set_newkeys()
1038 *max_blocks = (u_int64_t)1 << (enc->block_size*2); in ssh_set_newkeys()
1040 *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; in ssh_set_newkeys()
1041 if (state->rekey_limit) in ssh_set_newkeys()
1043 state->rekey_limit / enc->block_size); in ssh_set_newkeys()
1053 struct session_state *state = ssh->state; in ssh_packet_need_rekeying() local
1056 /* XXX client can't cope with rekeying pre-auth */ in ssh_packet_need_rekeying()
1057 if (!state->after_authentication) in ssh_packet_need_rekeying()
1065 if (ssh->compat & SSH_BUG_NOREKEY) in ssh_packet_need_rekeying()
1069 * Permit one packet in or out per rekey - this allows us to in ssh_packet_need_rekeying()
1072 if (state->p_send.packets == 0 && state->p_read.packets == 0) in ssh_packet_need_rekeying()
1075 /* Time-based rekeying */ in ssh_packet_need_rekeying()
1076 if (state->rekey_interval != 0 && in ssh_packet_need_rekeying()
1077 (int64_t)state->rekey_time + state->rekey_interval <= monotime()) in ssh_packet_need_rekeying()
1084 if (state->p_send.packets > MAX_PACKETS || in ssh_packet_need_rekeying()
1085 state->p_read.packets > MAX_PACKETS) in ssh_packet_need_rekeying()
1088 /* Rekey after (cipher-specific) maximum blocks */ in ssh_packet_need_rekeying()
1090 state->newkeys[MODE_OUT]->enc.block_size); in ssh_packet_need_rekeying()
1091 return (state->max_blocks_out && in ssh_packet_need_rekeying()
1092 (state->p_send.blocks + out_blocks > state->max_blocks_out)) || in ssh_packet_need_rekeying()
1093 (state->max_blocks_in && in ssh_packet_need_rekeying()
1094 (state->p_read.blocks > state->max_blocks_in)); in ssh_packet_need_rekeying()
1114 struct session_state *state = ssh->state; in ssh_packet_enable_delayed_compress() local
1122 state->after_authentication = 1; in ssh_packet_enable_delayed_compress()
1125 if (state->newkeys[mode] == NULL) in ssh_packet_enable_delayed_compress()
1127 comp = &state->newkeys[mode]->comp; in ssh_packet_enable_delayed_compress()
1128 if (comp && !comp->enabled && comp->type == COMP_DELAYED) { in ssh_packet_enable_delayed_compress()
1138 comp->enabled = 1; in ssh_packet_enable_delayed_compress()
1166 struct session_state *state = ssh->state; in ssh_packet_send2_wrapped() local
1176 if (state->newkeys[MODE_OUT] != NULL) { in ssh_packet_send2_wrapped()
1177 enc = &state->newkeys[MODE_OUT]->enc; in ssh_packet_send2_wrapped()
1178 mac = &state->newkeys[MODE_OUT]->mac; in ssh_packet_send2_wrapped()
1179 comp = &state->newkeys[MODE_OUT]->comp; in ssh_packet_send2_wrapped()
1181 if ((authlen = cipher_authlen(enc->cipher)) != 0) in ssh_packet_send2_wrapped()
1184 block_size = enc ? enc->block_size : 8; in ssh_packet_send2_wrapped()
1185 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; in ssh_packet_send2_wrapped()
1187 type = (sshbuf_ptr(state->outgoing_packet))[5]; in ssh_packet_send2_wrapped()
1192 sshbuf_dump(state->outgoing_packet, stderr); in ssh_packet_send2_wrapped()
1195 if (comp && comp->enabled) { in ssh_packet_send2_wrapped()
1196 len = sshbuf_len(state->outgoing_packet); in ssh_packet_send2_wrapped()
1198 if ((r = sshbuf_consume(state->outgoing_packet, 5)) != 0) in ssh_packet_send2_wrapped()
1200 sshbuf_reset(state->compression_buffer); in ssh_packet_send2_wrapped()
1201 if ((r = compress_buffer(ssh, state->outgoing_packet, in ssh_packet_send2_wrapped()
1202 state->compression_buffer)) != 0) in ssh_packet_send2_wrapped()
1204 sshbuf_reset(state->outgoing_packet); in ssh_packet_send2_wrapped()
1205 if ((r = sshbuf_put(state->outgoing_packet, in ssh_packet_send2_wrapped()
1207 (r = sshbuf_putb(state->outgoing_packet, in ssh_packet_send2_wrapped()
1208 state->compression_buffer)) != 0) in ssh_packet_send2_wrapped()
1211 sshbuf_len(state->outgoing_packet))); in ssh_packet_send2_wrapped()
1215 len = sshbuf_len(state->outgoing_packet); in ssh_packet_send2_wrapped()
1221 len -= aadlen; /* packet length is not encrypted for EtM modes */ in ssh_packet_send2_wrapped()
1222 padlen = block_size - (len % block_size); in ssh_packet_send2_wrapped()
1225 if (state->extra_pad) { in ssh_packet_send2_wrapped()
1226 tmp = state->extra_pad; in ssh_packet_send2_wrapped()
1227 state->extra_pad = in ssh_packet_send2_wrapped()
1228 ROUNDUP(state->extra_pad, block_size); in ssh_packet_send2_wrapped()
1230 if (state->extra_pad < tmp) in ssh_packet_send2_wrapped()
1232 tmp = (len + padlen) % state->extra_pad; in ssh_packet_send2_wrapped()
1234 if (tmp > state->extra_pad) in ssh_packet_send2_wrapped()
1236 pad = state->extra_pad - tmp; in ssh_packet_send2_wrapped()
1238 pad, len, padlen, state->extra_pad)); in ssh_packet_send2_wrapped()
1244 state->extra_pad = 0; in ssh_packet_send2_wrapped()
1246 if ((r = sshbuf_reserve(state->outgoing_packet, padlen, &cp)) != 0) in ssh_packet_send2_wrapped()
1248 if (enc && !cipher_ctx_is_plaintext(state->send_context)) { in ssh_packet_send2_wrapped()
1256 len = sshbuf_len(state->outgoing_packet); in ssh_packet_send2_wrapped()
1257 cp = sshbuf_mutable_ptr(state->outgoing_packet); in ssh_packet_send2_wrapped()
1263 POKE_U32(cp, len - 4); in ssh_packet_send2_wrapped()
1269 if (mac && mac->enabled && !mac->etm) { in ssh_packet_send2_wrapped()
1270 if ((r = mac_compute(mac, state->p_send.seqnr, in ssh_packet_send2_wrapped()
1271 sshbuf_ptr(state->outgoing_packet), len, in ssh_packet_send2_wrapped()
1274 DBG(debug("done calc MAC out #%d", state->p_send.seqnr)); in ssh_packet_send2_wrapped()
1277 if ((r = sshbuf_reserve(state->output, in ssh_packet_send2_wrapped()
1278 sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0) in ssh_packet_send2_wrapped()
1280 if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp, in ssh_packet_send2_wrapped()
1281 sshbuf_ptr(state->outgoing_packet), in ssh_packet_send2_wrapped()
1282 len - aadlen, aadlen, authlen)) != 0) in ssh_packet_send2_wrapped()
1285 if (mac && mac->enabled) { in ssh_packet_send2_wrapped()
1286 if (mac->etm) { in ssh_packet_send2_wrapped()
1288 if ((r = mac_compute(mac, state->p_send.seqnr, in ssh_packet_send2_wrapped()
1292 state->p_send.seqnr)); in ssh_packet_send2_wrapped()
1294 if ((r = sshbuf_put(state->output, macbuf, mac->mac_len)) != 0) in ssh_packet_send2_wrapped()
1299 sshbuf_dump(state->output, stderr); in ssh_packet_send2_wrapped()
1302 if (++state->p_send.seqnr == 0) { in ssh_packet_send2_wrapped()
1303 if ((ssh->kex->flags & KEX_INITIAL) != 0) { in ssh_packet_send2_wrapped()
1309 if (++state->p_send.packets == 0) in ssh_packet_send2_wrapped()
1310 if (!(ssh->compat & SSH_BUG_NOREKEY)) in ssh_packet_send2_wrapped()
1312 state->p_send.blocks += len / block_size; in ssh_packet_send2_wrapped()
1313 state->p_send.bytes += len; in ssh_packet_send2_wrapped()
1314 sshbuf_reset(state->outgoing_packet); in ssh_packet_send2_wrapped()
1316 if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) { in ssh_packet_send2_wrapped()
1317 debug_f("resetting send seqnr %u", state->p_send.seqnr); in ssh_packet_send2_wrapped()
1318 state->p_send.seqnr = 0; in ssh_packet_send2_wrapped()
1323 else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side) in ssh_packet_send2_wrapped()
1331 /* returns non-zero if the specified packet type is used by KEX */
1346 struct session_state *state = ssh->state; in ssh_packet_send2() local
1351 if (sshbuf_len(state->outgoing_packet) < 6) in ssh_packet_send2()
1353 type = sshbuf_ptr(state->outgoing_packet)[5]; in ssh_packet_send2()
1355 ssh_packet_need_rekeying(ssh, sshbuf_len(state->outgoing_packet)); in ssh_packet_send2()
1361 if ((need_rekey || state->rekeying) && !ssh_packet_type_is_kex(type)) { in ssh_packet_send2()
1368 p->type = type; in ssh_packet_send2()
1369 p->payload = state->outgoing_packet; in ssh_packet_send2()
1370 TAILQ_INSERT_TAIL(&state->outgoing, p, next); in ssh_packet_send2()
1371 state->outgoing_packet = sshbuf_new(); in ssh_packet_send2()
1372 if (state->outgoing_packet == NULL) in ssh_packet_send2()
1387 state->rekeying = 1; in ssh_packet_send2()
1394 state->rekeying = 0; in ssh_packet_send2()
1395 state->rekey_time = monotime(); in ssh_packet_send2()
1396 while ((p = TAILQ_FIRST(&state->outgoing))) { in ssh_packet_send2()
1397 type = p->type; in ssh_packet_send2()
1401 * NB. re-enters this function via kex_start_rekex. in ssh_packet_send2()
1404 sshbuf_len(p->payload))) { in ssh_packet_send2()
1409 sshbuf_free(state->outgoing_packet); in ssh_packet_send2()
1410 state->outgoing_packet = p->payload; in ssh_packet_send2()
1411 TAILQ_REMOVE(&state->outgoing, p, next); in ssh_packet_send2()
1430 struct session_state *state = ssh->state; in ssh_packet_read_seqnr() local
1458 pfd.fd = state->connection_in; in ssh_packet_read_seqnr()
1461 if (state->packet_timeout_ms > 0) { in ssh_packet_read_seqnr()
1462 ms_remain = state->packet_timeout_ms; in ssh_packet_read_seqnr()
1467 if (state->packet_timeout_ms > 0) { in ssh_packet_read_seqnr()
1478 if (state->packet_timeout_ms <= 0) in ssh_packet_read_seqnr()
1491 len = read(state->connection_in, buf, sizeof(buf)); in ssh_packet_read_seqnr()
1496 if (len == -1) { in ssh_packet_read_seqnr()
1523 struct session_state *state = ssh->state; in ssh_packet_read_poll2_mux() local
1528 if (ssh->kex) in ssh_packet_read_poll2_mux()
1531 cp = sshbuf_ptr(state->input); in ssh_packet_read_poll2_mux()
1532 if (state->packlen == 0) { in ssh_packet_read_poll2_mux()
1533 if (sshbuf_len(state->input) < 4 + 1) in ssh_packet_read_poll2_mux()
1535 state->packlen = PEEK_U32(cp); in ssh_packet_read_poll2_mux()
1536 if (state->packlen < 4 + 1 || in ssh_packet_read_poll2_mux()
1537 state->packlen > PACKET_MAX_SIZE) in ssh_packet_read_poll2_mux()
1540 need = state->packlen + 4; in ssh_packet_read_poll2_mux()
1541 if (sshbuf_len(state->input) < need) in ssh_packet_read_poll2_mux()
1543 sshbuf_reset(state->incoming_packet); in ssh_packet_read_poll2_mux()
1544 if ((r = sshbuf_put(state->incoming_packet, cp + 4, in ssh_packet_read_poll2_mux()
1545 state->packlen)) != 0 || in ssh_packet_read_poll2_mux()
1546 (r = sshbuf_consume(state->input, need)) != 0 || in ssh_packet_read_poll2_mux()
1547 (r = sshbuf_get_u8(state->incoming_packet, NULL)) != 0 || in ssh_packet_read_poll2_mux()
1548 (r = sshbuf_get_u8(state->incoming_packet, typep)) != 0) in ssh_packet_read_poll2_mux()
1552 /* sshbuf_dump(state->incoming_packet, stderr); */ in ssh_packet_read_poll2_mux()
1554 state->packlen = 0; in ssh_packet_read_poll2_mux()
1561 struct session_state *state = ssh->state; in ssh_packet_read_poll2() local
1570 if (state->mux) in ssh_packet_read_poll2()
1575 if (state->packet_discard) in ssh_packet_read_poll2()
1578 if (state->newkeys[MODE_IN] != NULL) { in ssh_packet_read_poll2()
1579 enc = &state->newkeys[MODE_IN]->enc; in ssh_packet_read_poll2()
1580 mac = &state->newkeys[MODE_IN]->mac; in ssh_packet_read_poll2()
1581 comp = &state->newkeys[MODE_IN]->comp; in ssh_packet_read_poll2()
1583 if ((authlen = cipher_authlen(enc->cipher)) != 0) in ssh_packet_read_poll2()
1586 maclen = mac && mac->enabled ? mac->mac_len : 0; in ssh_packet_read_poll2()
1587 block_size = enc ? enc->block_size : 8; in ssh_packet_read_poll2()
1588 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; in ssh_packet_read_poll2()
1590 if (aadlen && state->packlen == 0) { in ssh_packet_read_poll2()
1591 if (cipher_get_length(state->receive_context, in ssh_packet_read_poll2()
1592 &state->packlen, state->p_read.seqnr, in ssh_packet_read_poll2()
1593 sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0) in ssh_packet_read_poll2()
1595 if (state->packlen < 1 + 4 || in ssh_packet_read_poll2()
1596 state->packlen > PACKET_MAX_SIZE) { in ssh_packet_read_poll2()
1598 sshbuf_dump(state->input, stderr); in ssh_packet_read_poll2()
1600 logit("Bad packet length %u.", state->packlen); in ssh_packet_read_poll2()
1605 sshbuf_reset(state->incoming_packet); in ssh_packet_read_poll2()
1606 } else if (state->packlen == 0) { in ssh_packet_read_poll2()
1611 if (sshbuf_len(state->input) < block_size) in ssh_packet_read_poll2()
1613 sshbuf_reset(state->incoming_packet); in ssh_packet_read_poll2()
1614 if ((r = sshbuf_reserve(state->incoming_packet, block_size, in ssh_packet_read_poll2()
1617 if ((r = cipher_crypt(state->receive_context, in ssh_packet_read_poll2()
1618 state->p_send.seqnr, cp, sshbuf_ptr(state->input), in ssh_packet_read_poll2()
1621 state->packlen = PEEK_U32(sshbuf_ptr(state->incoming_packet)); in ssh_packet_read_poll2()
1622 if (state->packlen < 1 + 4 || in ssh_packet_read_poll2()
1623 state->packlen > PACKET_MAX_SIZE) { in ssh_packet_read_poll2()
1626 sshbuf_dump(state->input, stderr); in ssh_packet_read_poll2()
1628 sshbuf_dump(state->incoming_packet, stderr); in ssh_packet_read_poll2()
1630 logit("Bad packet length %u.", state->packlen); in ssh_packet_read_poll2()
1634 if ((r = sshbuf_consume(state->input, block_size)) != 0) in ssh_packet_read_poll2()
1637 DBG(debug("input: packet len %u", state->packlen+4)); in ssh_packet_read_poll2()
1641 need = state->packlen; in ssh_packet_read_poll2()
1647 need = 4 + state->packlen - block_size; in ssh_packet_read_poll2()
1655 PACKET_MAX_SIZE - block_size); in ssh_packet_read_poll2()
1665 if (sshbuf_len(state->input) < aadlen + need + authlen + maclen) in ssh_packet_read_poll2()
1669 sshbuf_dump(state->input, stderr); in ssh_packet_read_poll2()
1672 if (mac && mac->enabled && mac->etm) { in ssh_packet_read_poll2()
1673 if ((r = mac_check(mac, state->p_read.seqnr, in ssh_packet_read_poll2()
1674 sshbuf_ptr(state->input), aadlen + need, in ssh_packet_read_poll2()
1675 sshbuf_ptr(state->input) + aadlen + need + authlen, in ssh_packet_read_poll2()
1682 if ((r = sshbuf_reserve(state->incoming_packet, aadlen + need, in ssh_packet_read_poll2()
1685 if ((r = cipher_crypt(state->receive_context, state->p_read.seqnr, cp, in ssh_packet_read_poll2()
1686 sshbuf_ptr(state->input), need, aadlen, authlen)) != 0) in ssh_packet_read_poll2()
1688 if ((r = sshbuf_consume(state->input, aadlen + need + authlen)) != 0) in ssh_packet_read_poll2()
1690 if (mac && mac->enabled) { in ssh_packet_read_poll2()
1692 if (!mac->etm && (r = mac_check(mac, state->p_read.seqnr, in ssh_packet_read_poll2()
1693 sshbuf_ptr(state->incoming_packet), in ssh_packet_read_poll2()
1694 sshbuf_len(state->incoming_packet), in ssh_packet_read_poll2()
1695 sshbuf_ptr(state->input), maclen)) != 0) { in ssh_packet_read_poll2()
1702 sshbuf_len(state->incoming_packet), in ssh_packet_read_poll2()
1703 PACKET_MAX_SIZE - need - block_size); in ssh_packet_read_poll2()
1706 DBG(debug("MAC #%d ok", state->p_read.seqnr)); in ssh_packet_read_poll2()
1707 if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0) in ssh_packet_read_poll2()
1712 *seqnr_p = state->p_read.seqnr; in ssh_packet_read_poll2()
1713 if (++state->p_read.seqnr == 0) { in ssh_packet_read_poll2()
1714 if ((ssh->kex->flags & KEX_INITIAL) != 0) { in ssh_packet_read_poll2()
1720 if (++state->p_read.packets == 0) in ssh_packet_read_poll2()
1721 if (!(ssh->compat & SSH_BUG_NOREKEY)) in ssh_packet_read_poll2()
1723 state->p_read.blocks += (state->packlen + 4) / block_size; in ssh_packet_read_poll2()
1724 state->p_read.bytes += state->packlen + 4; in ssh_packet_read_poll2()
1727 padlen = sshbuf_ptr(state->incoming_packet)[4]; in ssh_packet_read_poll2()
1738 if ((r = sshbuf_consume(state->incoming_packet, 4 + 1)) != 0 || in ssh_packet_read_poll2()
1739 ((r = sshbuf_consume_end(state->incoming_packet, padlen)) != 0)) in ssh_packet_read_poll2()
1742 DBG(debug("input: len before de-compress %zd", in ssh_packet_read_poll2()
1743 sshbuf_len(state->incoming_packet))); in ssh_packet_read_poll2()
1744 if (comp && comp->enabled) { in ssh_packet_read_poll2()
1745 sshbuf_reset(state->compression_buffer); in ssh_packet_read_poll2()
1746 if ((r = uncompress_buffer(ssh, state->incoming_packet, in ssh_packet_read_poll2()
1747 state->compression_buffer)) != 0) in ssh_packet_read_poll2()
1749 sshbuf_reset(state->incoming_packet); in ssh_packet_read_poll2()
1750 if ((r = sshbuf_putb(state->incoming_packet, in ssh_packet_read_poll2()
1751 state->compression_buffer)) != 0) in ssh_packet_read_poll2()
1753 DBG(debug("input: len after de-compress %zd", in ssh_packet_read_poll2()
1754 sshbuf_len(state->incoming_packet))); in ssh_packet_read_poll2()
1760 if ((r = sshbuf_get_u8(state->incoming_packet, typep)) != 0) in ssh_packet_read_poll2()
1771 if (state->hook_in != NULL && in ssh_packet_read_poll2()
1772 (r = state->hook_in(ssh, state->incoming_packet, typep, in ssh_packet_read_poll2()
1773 state->hook_in_ctx)) != 0) in ssh_packet_read_poll2()
1775 if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side) in ssh_packet_read_poll2()
1781 sshbuf_dump(state->incoming_packet, stderr); in ssh_packet_read_poll2()
1784 state->packlen = 0; in ssh_packet_read_poll2()
1785 if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) { in ssh_packet_read_poll2()
1786 debug_f("resetting read seqnr %u", state->p_read.seqnr); in ssh_packet_read_poll2()
1787 state->p_read.seqnr = 0; in ssh_packet_read_poll2()
1799 struct session_state *state = ssh->state; in ssh_packet_read_poll_seqnr() local
1815 state->keep_alive_timeouts = 0; in ssh_packet_read_poll_seqnr()
1824 do_log2(ssh->state->server_side && in ssh_packet_read_poll_seqnr()
1840 if (ssh->kex != NULL && in ssh_packet_read_poll_seqnr()
1841 (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) in ssh_packet_read_poll_seqnr()
1843 /* Implicitly handle transport-level messages */ in ssh_packet_read_poll_seqnr()
1868 if (!ssh->state->after_authentication) { in ssh_packet_read_poll_seqnr()
1900 struct session_state *state = ssh->state; in ssh_packet_process_incoming() local
1903 if (state->packet_discard) { in ssh_packet_process_incoming()
1904 state->keep_alive_timeouts = 0; /* ?? */ in ssh_packet_process_incoming()
1905 if (len >= state->packet_discard) { in ssh_packet_process_incoming()
1909 state->packet_discard -= len; in ssh_packet_process_incoming()
1912 if ((r = sshbuf_put(state->input, buf, len)) != 0) in ssh_packet_process_incoming()
1922 struct session_state *state = ssh->state; in ssh_packet_process_read() local
1926 if ((r = sshbuf_read(fd, state->input, PACKET_MAX_SIZE, &rlen)) != 0) in ssh_packet_process_read()
1929 if (state->packet_discard) { in ssh_packet_process_read()
1930 if ((r = sshbuf_consume_end(state->input, rlen)) != 0) in ssh_packet_process_read()
1932 state->keep_alive_timeouts = 0; /* ?? */ in ssh_packet_process_read()
1933 if (rlen >= state->packet_discard) { in ssh_packet_process_read()
1937 state->packet_discard -= rlen; in ssh_packet_process_read()
1946 return sshbuf_len(ssh->state->incoming_packet); in ssh_packet_remaining()
1964 if ((ssh->compat & SSH_BUG_DEBUG)) in ssh_packet_send_debug()
1986 ssh->log_preamble ? ssh->log_preamble : "", in sshpkt_fmt_connection_id()
1987 ssh->log_preamble ? " " : "", in sshpkt_fmt_connection_id()
1992 * Pretty-print connection-terminating errors and exit.
2009 ssh->state->server_side ? "from" : "to", remote_id); in sshpkt_vfatal()
2024 if (ssh->kex && ssh->kex->failed_choice) { in sshpkt_vfatal()
2030 ssh->kex->failed_choice); in sshpkt_vfatal()
2034 if (vasprintf(&tag, fmt, ap) == -1) { in sshpkt_vfatal()
2042 ssh->state->server_side ? "from" : "to", remote_id); in sshpkt_vfatal()
2110 struct session_state *state = ssh->state; in ssh_packet_write_poll() local
2111 int len = sshbuf_len(state->output); in ssh_packet_write_poll()
2115 len = write(state->connection_out, in ssh_packet_write_poll()
2116 sshbuf_ptr(state->output), len); in ssh_packet_write_poll()
2117 if (len == -1) { in ssh_packet_write_poll()
2125 if ((r = sshbuf_consume(state->output, len)) != 0) in ssh_packet_write_poll()
2141 struct session_state *state = ssh->state; in ssh_packet_write_wait() local
2147 pfd.fd = state->connection_out; in ssh_packet_write_wait()
2150 if (state->packet_timeout_ms > 0) { in ssh_packet_write_wait()
2151 ms_remain = state->packet_timeout_ms; in ssh_packet_write_wait()
2155 if (state->packet_timeout_ms > 0) { in ssh_packet_write_wait()
2164 if (state->packet_timeout_ms <= 0) in ssh_packet_write_wait()
2185 return sshbuf_len(ssh->state->output) != 0; in ssh_packet_have_data_to_write()
2193 if (ssh->state->interactive_mode) in ssh_packet_not_very_much_data_to_write()
2194 return sshbuf_len(ssh->state->output) < 16384; in ssh_packet_not_very_much_data_to_write()
2196 return sshbuf_len(ssh->state->output) < 128 * 1024; in ssh_packet_not_very_much_data_to_write()
2207 return ssh->state->interactive_mode && in ssh_packet_interactive_data_to_write()
2208 sshbuf_len(ssh->state->output) < 256; in ssh_packet_interactive_data_to_write()
2216 set_sock_tos(ssh->state->connection_in, tos); in ssh_packet_set_tos()
2224 struct session_state *state = ssh->state; in ssh_packet_set_interactive() local
2226 if (state->set_interactive_called) in ssh_packet_set_interactive()
2228 state->set_interactive_called = 1; in ssh_packet_set_interactive()
2231 state->interactive_mode = interactive; in ssh_packet_set_interactive()
2236 set_nodelay(state->connection_in); in ssh_packet_set_interactive()
2245 return ssh->state->interactive_mode; in ssh_packet_is_interactive()
2251 struct session_state *state = ssh->state; in ssh_packet_set_maxsize() local
2253 if (state->set_maxsize_called) { in ssh_packet_set_maxsize()
2255 state->max_packet_size, s); in ssh_packet_set_maxsize()
2256 return -1; in ssh_packet_set_maxsize()
2260 return -1; in ssh_packet_set_maxsize()
2262 state->set_maxsize_called = 1; in ssh_packet_set_maxsize()
2264 state->max_packet_size = s; in ssh_packet_set_maxsize()
2271 return ++ssh->state->keep_alive_timeouts; in ssh_packet_inc_alive_timeouts()
2277 ssh->state->keep_alive_timeouts = ka; in ssh_packet_set_alive_timeouts()
2283 return ssh->state->max_packet_size; in ssh_packet_get_maxsize()
2291 ssh->state->rekey_limit = bytes; in ssh_packet_set_rekey_limits()
2292 ssh->state->rekey_interval = seconds; in ssh_packet_set_rekey_limits()
2300 seconds = ssh->state->rekey_time + ssh->state->rekey_interval - in ssh_packet_get_rekey_timeout()
2308 ssh->state->server_side = 1; in ssh_packet_set_server()
2309 ssh->kex->server = 1; /* XXX unify? */ in ssh_packet_set_server()
2315 ssh->state->after_authentication = 1; in ssh_packet_set_authenticated()
2321 return (void *)ssh->state->input; in ssh_packet_get_input()
2327 return (void *)ssh->state->output; in ssh_packet_get_output()
2330 /* Reset after_authentication and reset compression in post-auth privsep */
2338 ssh->state->after_authentication = 1; in ssh_packet_set_postauth()
2339 ssh->state->rekeying = 0; in ssh_packet_set_postauth()
2345 /* Packet state (de-)serialization for privsep */
2347 /* turn kex into a blob for packet state serialization */
2353 if ((r = sshbuf_put_u32(m, kex->we_need)) != 0 || in kex_to_blob()
2354 (r = sshbuf_put_cstring(m, kex->hostkey_alg)) != 0 || in kex_to_blob()
2355 (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 || in kex_to_blob()
2356 (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 || in kex_to_blob()
2357 (r = sshbuf_put_u32(m, kex->kex_type)) != 0 || in kex_to_blob()
2358 (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 || in kex_to_blob()
2359 (r = sshbuf_put_stringb(m, kex->my)) != 0 || in kex_to_blob()
2360 (r = sshbuf_put_stringb(m, kex->peer)) != 0 || in kex_to_blob()
2361 (r = sshbuf_put_stringb(m, kex->client_version)) != 0 || in kex_to_blob()
2362 (r = sshbuf_put_stringb(m, kex->server_version)) != 0 || in kex_to_blob()
2363 (r = sshbuf_put_stringb(m, kex->session_id)) != 0 || in kex_to_blob()
2364 (r = sshbuf_put_u32(m, kex->flags)) != 0) in kex_to_blob()
2369 /* turn key exchange results into a blob for packet state serialization */
2381 if ((newkey = ssh->state->newkeys[mode]) == NULL) in newkeys_to_blob()
2383 enc = &newkey->enc; in newkeys_to_blob()
2384 mac = &newkey->mac; in newkeys_to_blob()
2385 comp = &newkey->comp; in newkeys_to_blob()
2386 cc = (mode == MODE_OUT) ? ssh->state->send_context : in newkeys_to_blob()
2387 ssh->state->receive_context; in newkeys_to_blob()
2388 if ((r = cipher_get_keyiv(cc, enc->iv, enc->iv_len)) != 0) in newkeys_to_blob()
2392 if ((r = sshbuf_put_cstring(b, enc->name)) != 0 || in newkeys_to_blob()
2393 (r = sshbuf_put_u32(b, enc->enabled)) != 0 || in newkeys_to_blob()
2394 (r = sshbuf_put_u32(b, enc->block_size)) != 0 || in newkeys_to_blob()
2395 (r = sshbuf_put_string(b, enc->key, enc->key_len)) != 0 || in newkeys_to_blob()
2396 (r = sshbuf_put_string(b, enc->iv, enc->iv_len)) != 0) in newkeys_to_blob()
2398 if (cipher_authlen(enc->cipher) == 0) { in newkeys_to_blob()
2399 if ((r = sshbuf_put_cstring(b, mac->name)) != 0 || in newkeys_to_blob()
2400 (r = sshbuf_put_u32(b, mac->enabled)) != 0 || in newkeys_to_blob()
2401 (r = sshbuf_put_string(b, mac->key, mac->key_len)) != 0) in newkeys_to_blob()
2404 if ((r = sshbuf_put_u32(b, comp->type)) != 0 || in newkeys_to_blob()
2405 (r = sshbuf_put_cstring(b, comp->name)) != 0) in newkeys_to_blob()
2413 /* serialize packet state into a blob */
2417 struct session_state *state = ssh->state; in ssh_packet_get_state() local
2420 if ((r = kex_to_blob(m, ssh->kex)) != 0 || in ssh_packet_get_state()
2423 (r = sshbuf_put_u64(m, state->rekey_limit)) != 0 || in ssh_packet_get_state()
2424 (r = sshbuf_put_u32(m, state->rekey_interval)) != 0 || in ssh_packet_get_state()
2425 (r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 || in ssh_packet_get_state()
2426 (r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 || in ssh_packet_get_state()
2427 (r = sshbuf_put_u32(m, state->p_send.packets)) != 0 || in ssh_packet_get_state()
2428 (r = sshbuf_put_u64(m, state->p_send.bytes)) != 0 || in ssh_packet_get_state()
2429 (r = sshbuf_put_u32(m, state->p_read.seqnr)) != 0 || in ssh_packet_get_state()
2430 (r = sshbuf_put_u64(m, state->p_read.blocks)) != 0 || in ssh_packet_get_state()
2431 (r = sshbuf_put_u32(m, state->p_read.packets)) != 0 || in ssh_packet_get_state()
2432 (r = sshbuf_put_u64(m, state->p_read.bytes)) != 0 || in ssh_packet_get_state()
2433 (r = sshbuf_put_stringb(m, state->input)) != 0 || in ssh_packet_get_state()
2434 (r = sshbuf_put_stringb(m, state->output)) != 0) in ssh_packet_get_state()
2440 /* restore key exchange results from blob for packet state de-serialization */
2461 enc = &newkey->enc; in newkeys_from_blob()
2462 mac = &newkey->mac; in newkeys_from_blob()
2463 comp = &newkey->comp; in newkeys_from_blob()
2465 if ((r = sshbuf_get_cstring(b, &enc->name, NULL)) != 0 || in newkeys_from_blob()
2466 (r = sshbuf_get_u32(b, (u_int *)&enc->enabled)) != 0 || in newkeys_from_blob()
2467 (r = sshbuf_get_u32(b, &enc->block_size)) != 0 || in newkeys_from_blob()
2468 (r = sshbuf_get_string(b, &enc->key, &keylen)) != 0 || in newkeys_from_blob()
2469 (r = sshbuf_get_string(b, &enc->iv, &ivlen)) != 0) in newkeys_from_blob()
2471 if ((enc->cipher = cipher_by_name(enc->name)) == NULL) { in newkeys_from_blob()
2475 if (cipher_authlen(enc->cipher) == 0) { in newkeys_from_blob()
2476 if ((r = sshbuf_get_cstring(b, &mac->name, NULL)) != 0) in newkeys_from_blob()
2478 if ((r = mac_setup(mac, mac->name)) != 0) in newkeys_from_blob()
2480 if ((r = sshbuf_get_u32(b, (u_int *)&mac->enabled)) != 0 || in newkeys_from_blob()
2481 (r = sshbuf_get_string(b, &mac->key, &maclen)) != 0) in newkeys_from_blob()
2483 if (maclen > mac->key_len) { in newkeys_from_blob()
2487 mac->key_len = maclen; in newkeys_from_blob()
2489 if ((r = sshbuf_get_u32(b, &comp->type)) != 0 || in newkeys_from_blob()
2490 (r = sshbuf_get_cstring(b, &comp->name, NULL)) != 0) in newkeys_from_blob()
2496 enc->key_len = keylen; in newkeys_from_blob()
2497 enc->iv_len = ivlen; in newkeys_from_blob()
2498 ssh->kex->newkeys[mode] = newkey; in newkeys_from_blob()
2507 /* restore kex from blob for packet state de-serialization */
2516 if ((r = sshbuf_get_u32(m, &kex->we_need)) != 0 || in kex_from_blob()
2517 (r = sshbuf_get_cstring(m, &kex->hostkey_alg, NULL)) != 0 || in kex_from_blob()
2518 (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 || in kex_from_blob()
2519 (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 || in kex_from_blob()
2520 (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 || in kex_from_blob()
2521 (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 || in kex_from_blob()
2522 (r = sshbuf_get_stringb(m, kex->my)) != 0 || in kex_from_blob()
2523 (r = sshbuf_get_stringb(m, kex->peer)) != 0 || in kex_from_blob()
2524 (r = sshbuf_get_stringb(m, kex->client_version)) != 0 || in kex_from_blob()
2525 (r = sshbuf_get_stringb(m, kex->server_version)) != 0 || in kex_from_blob()
2526 (r = sshbuf_get_stringb(m, kex->session_id)) != 0 || in kex_from_blob()
2527 (r = sshbuf_get_u32(m, &kex->flags)) != 0) in kex_from_blob()
2529 kex->server = 1; in kex_from_blob()
2530 kex->done = 1; in kex_from_blob()
2545 * Restore packet state from content of blob 'm' (de-serialization).
2551 struct session_state *state = ssh->state; in ssh_packet_set_state() local
2556 if ((r = kex_from_blob(m, &ssh->kex)) != 0 || in ssh_packet_set_state()
2559 (r = sshbuf_get_u64(m, &state->rekey_limit)) != 0 || in ssh_packet_set_state()
2560 (r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 || in ssh_packet_set_state()
2561 (r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 || in ssh_packet_set_state()
2562 (r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 || in ssh_packet_set_state()
2563 (r = sshbuf_get_u32(m, &state->p_send.packets)) != 0 || in ssh_packet_set_state()
2564 (r = sshbuf_get_u64(m, &state->p_send.bytes)) != 0 || in ssh_packet_set_state()
2565 (r = sshbuf_get_u32(m, &state->p_read.seqnr)) != 0 || in ssh_packet_set_state()
2566 (r = sshbuf_get_u64(m, &state->p_read.blocks)) != 0 || in ssh_packet_set_state()
2567 (r = sshbuf_get_u32(m, &state->p_read.packets)) != 0 || in ssh_packet_set_state()
2568 (r = sshbuf_get_u64(m, &state->p_read.bytes)) != 0) in ssh_packet_set_state()
2571 * We set the time here so that in post-auth privsep child we in ssh_packet_set_state()
2574 state->rekey_time = monotime(); in ssh_packet_set_state()
2583 sshbuf_reset(state->input); in ssh_packet_set_state()
2584 sshbuf_reset(state->output); in ssh_packet_set_state()
2587 (r = sshbuf_put(state->input, input, ilen)) != 0 || in ssh_packet_set_state()
2588 (r = sshbuf_put(state->output, output, olen)) != 0) in ssh_packet_set_state()
2604 return sshbuf_put(ssh->state->outgoing_packet, v, len); in sshpkt_put()
2610 return sshbuf_putb(ssh->state->outgoing_packet, b); in sshpkt_putb()
2616 return sshbuf_put_u8(ssh->state->outgoing_packet, val); in sshpkt_put_u8()
2622 return sshbuf_put_u32(ssh->state->outgoing_packet, val); in sshpkt_put_u32()
2628 return sshbuf_put_u64(ssh->state->outgoing_packet, val); in sshpkt_put_u64()
2634 return sshbuf_put_string(ssh->state->outgoing_packet, v, len); in sshpkt_put_string()
2640 return sshbuf_put_cstring(ssh->state->outgoing_packet, v); in sshpkt_put_cstring()
2646 return sshbuf_put_stringb(ssh->state->outgoing_packet, v); in sshpkt_put_stringb()
2654 return sshbuf_put_ec(ssh->state->outgoing_packet, v, g); in sshpkt_put_ec()
2660 return sshbuf_put_ec_pkey(ssh->state->outgoing_packet, pkey); in sshpkt_put_ec_pkey()
2667 return sshbuf_put_bignum2(ssh->state->outgoing_packet, v); in sshpkt_put_bignum2()
2676 return sshbuf_get(ssh->state->incoming_packet, valp, len); in sshpkt_get()
2682 return sshbuf_get_u8(ssh->state->incoming_packet, valp); in sshpkt_get_u8()
2688 return sshbuf_get_u32(ssh->state->incoming_packet, valp); in sshpkt_get_u32()
2694 return sshbuf_get_u64(ssh->state->incoming_packet, valp); in sshpkt_get_u64()
2700 return sshbuf_get_string(ssh->state->incoming_packet, valp, lenp); in sshpkt_get_string()
2706 return sshbuf_get_string_direct(ssh->state->incoming_packet, valp, lenp); in sshpkt_get_string_direct()
2712 return sshbuf_peek_string_direct(ssh->state->incoming_packet, valp, lenp); in sshpkt_peek_string_direct()
2718 return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp); in sshpkt_get_cstring()
2724 return sshbuf_froms(ssh->state->incoming_packet, valp); in sshpkt_getb_froms()
2732 return sshbuf_get_ec(ssh->state->incoming_packet, v, g); in sshpkt_get_ec()
2739 return sshbuf_get_bignum2(ssh->state->incoming_packet, valp); in sshpkt_get_bignum2()
2746 if (sshbuf_len(ssh->state->incoming_packet) > 0) in sshpkt_get_end()
2755 *lenp = sshbuf_len(ssh->state->incoming_packet); in sshpkt_ptr()
2756 return sshbuf_ptr(ssh->state->incoming_packet); in sshpkt_ptr()
2768 buf[sizeof(buf) - 1] = type; in sshpkt_start()
2769 sshbuf_reset(ssh->state->outgoing_packet); in sshpkt_start()
2770 return sshbuf_put(ssh->state->outgoing_packet, buf, sizeof(buf)); in sshpkt_start()
2776 struct session_state *state = ssh->state; in ssh_packet_send_mux() local
2781 if (ssh->kex) in ssh_packet_send_mux()
2783 len = sshbuf_len(state->outgoing_packet); in ssh_packet_send_mux()
2786 cp = sshbuf_mutable_ptr(state->outgoing_packet); in ssh_packet_send_mux()
2793 POKE_U32(cp, len - 4); in ssh_packet_send_mux()
2794 if ((r = sshbuf_putb(state->output, in ssh_packet_send_mux()
2795 state->outgoing_packet)) != 0) in ssh_packet_send_mux()
2797 /* sshbuf_dump(state->output, stderr); */ in ssh_packet_send_mux()
2799 sshbuf_reset(state->outgoing_packet); in ssh_packet_send_mux()
2839 if (ssh->state && ssh->state->mux) in sshpkt_send()
2869 ssh->state->extra_pad = pad; in sshpkt_add_padding()