]>
Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | /* |
5260325f | 2 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
5260325f | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | |
5260325f | 5 | * Interface for the packet protocol functions. |
6ae2364d | 6 | * |
bcbf86ec | 7 | * As far as I am concerned, the code I have written for this software |
8 | * can be used freely for any purpose. Any derived versions of this | |
9 | * software must be clearly marked as such, and if the derived work is | |
10 | * incompatible with the protocol description in the RFC file, it must be | |
11 | * called by a name other than "ssh" or "Secure Shell". | |
5260325f | 12 | */ |
8efc0c15 | 13 | |
08dcb5d7 | 14 | /* RCSID("$OpenBSD: packet.h,v 1.23 2001/05/28 23:58:35 markus Exp $"); */ |
8efc0c15 | 15 | |
16 | #ifndef PACKET_H | |
17 | #define PACKET_H | |
18 | ||
19 | #include <openssl/bn.h> | |
20 | ||
aa3378df | 21 | /* |
22 | * Sets the socket used for communication. Disables encryption until | |
23 | * packet_set_encryption_key is called. It is permissible that fd_in and | |
24 | * fd_out are the same descriptor; in that case it is assumed to be a socket. | |
25 | */ | |
5260325f | 26 | void packet_set_connection(int fd_in, int fd_out); |
8efc0c15 | 27 | |
28 | /* Puts the connection file descriptors into non-blocking mode. */ | |
5260325f | 29 | void packet_set_nonblocking(void); |
8efc0c15 | 30 | |
31 | /* Returns the file descriptor used for input. */ | |
5260325f | 32 | int packet_get_connection_in(void); |
8efc0c15 | 33 | |
34 | /* Returns the file descriptor used for output. */ | |
5260325f | 35 | int packet_get_connection_out(void); |
8efc0c15 | 36 | |
aa3378df | 37 | /* |
38 | * Closes the connection (both descriptors) and clears and frees internal | |
39 | * data structures. | |
40 | */ | |
5260325f | 41 | void packet_close(void); |
8efc0c15 | 42 | |
aa3378df | 43 | /* |
44 | * Causes any further packets to be encrypted using the given key. The same | |
45 | * key is used for both sending and reception. However, both directions are | |
46 | * encrypted independently of each other. Cipher types are defined in ssh.h. | |
47 | */ | |
6ae2364d | 48 | void |
1e3b8b07 | 49 | packet_set_encryption_key(const u_char *key, u_int keylen, |
5260325f | 50 | int cipher_type); |
8efc0c15 | 51 | |
aa3378df | 52 | /* |
53 | * Sets remote side protocol flags for the current connection. This can be | |
54 | * called at any time. | |
55 | */ | |
1e3b8b07 | 56 | void packet_set_protocol_flags(u_int flags); |
8efc0c15 | 57 | |
58 | /* Returns the remote protocol flags set earlier by the above function. */ | |
1e3b8b07 | 59 | u_int packet_get_protocol_flags(void); |
8efc0c15 | 60 | |
61 | /* Enables compression in both directions starting from the next packet. */ | |
5260325f | 62 | void packet_start_compression(int level); |
8efc0c15 | 63 | |
aa3378df | 64 | /* |
65 | * Informs that the current session is interactive. Sets IP flags for | |
66 | * optimal performance in interactive use. | |
67 | */ | |
b5c334cc | 68 | void packet_set_interactive(int interactive); |
8efc0c15 | 69 | |
70 | /* Returns true if the current connection is interactive. */ | |
5260325f | 71 | int packet_is_interactive(void); |
8efc0c15 | 72 | |
73 | /* Starts constructing a packet to send. */ | |
08dcb5d7 | 74 | void packet_start(u_char type); |
8efc0c15 | 75 | |
76 | /* Appends a character to the packet data. */ | |
5260325f | 77 | void packet_put_char(int ch); |
8efc0c15 | 78 | |
79 | /* Appends an integer to the packet data. */ | |
1e3b8b07 | 80 | void packet_put_int(u_int value); |
8efc0c15 | 81 | |
82 | /* Appends an arbitrary precision integer to packet data. */ | |
5260325f | 83 | void packet_put_bignum(BIGNUM * value); |
7e7327a1 | 84 | void packet_put_bignum2(BIGNUM * value); |
8efc0c15 | 85 | |
86 | /* Appends a string to packet data. */ | |
1e3b8b07 | 87 | void packet_put_string(const char *buf, u_int len); |
7e7327a1 | 88 | void packet_put_cstring(const char *str); |
1e3b8b07 | 89 | void packet_put_raw(const char *buf, u_int len); |
8efc0c15 | 90 | |
aa3378df | 91 | /* |
92 | * Finalizes and sends the packet. If the encryption key has been set, | |
93 | * encrypts the packet before sending. | |
94 | */ | |
5260325f | 95 | void packet_send(void); |
8efc0c15 | 96 | |
97 | /* Waits until a packet has been received, and returns its type. */ | |
5260325f | 98 | int packet_read(int *payload_len_ptr); |
8efc0c15 | 99 | |
aa3378df | 100 | /* |
101 | * Waits until a packet has been received, verifies that its type matches | |
102 | * that given, and gives a fatal error and exits if there is a mismatch. | |
103 | */ | |
5260325f | 104 | void packet_read_expect(int *payload_len_ptr, int type); |
8efc0c15 | 105 | |
aa3378df | 106 | /* |
107 | * Checks if a full packet is available in the data received so far via | |
108 | * packet_process_incoming. If so, reads the packet; otherwise returns | |
109 | * SSH_MSG_NONE. This does not wait for data from the connection. | |
110 | * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE | |
111 | * messages are skipped by this function and are never returned to higher | |
112 | * levels. | |
113 | */ | |
5260325f | 114 | int packet_read_poll(int *packet_len_ptr); |
8efc0c15 | 115 | |
aa3378df | 116 | /* |
117 | * Buffers the given amount of input characters. This is intended to be used | |
118 | * together with packet_read_poll. | |
119 | */ | |
1e3b8b07 | 120 | void packet_process_incoming(const char *buf, u_int len); |
8efc0c15 | 121 | |
122 | /* Returns a character (0-255) from the packet data. */ | |
1e3b8b07 | 123 | u_int packet_get_char(void); |
8efc0c15 | 124 | |
125 | /* Returns an integer from the packet data. */ | |
1e3b8b07 | 126 | u_int packet_get_int(void); |
8efc0c15 | 127 | |
aa3378df | 128 | /* |
129 | * Returns an arbitrary precision integer from the packet data. The integer | |
130 | * must have been initialized before this call. | |
131 | */ | |
5260325f | 132 | void packet_get_bignum(BIGNUM * value, int *length_ptr); |
7e7327a1 | 133 | void packet_get_bignum2(BIGNUM * value, int *length_ptr); |
134 | char *packet_get_raw(int *length_ptr); | |
8efc0c15 | 135 | |
aa3378df | 136 | /* |
137 | * Returns a string from the packet data. The string is allocated using | |
138 | * xmalloc; it is the responsibility of the calling program to free it when | |
139 | * no longer needed. The length_ptr argument may be NULL, or point to an | |
140 | * integer into which the length of the string is stored. | |
141 | */ | |
1e3b8b07 | 142 | char *packet_get_string(u_int *length_ptr); |
8efc0c15 | 143 | |
aa3378df | 144 | /* |
145 | * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect | |
146 | * packet, closes the connection, and exits. This function never returns. | |
147 | * The error message should not contain a newline. The total length of the | |
148 | * message must not exceed 1024 bytes. | |
149 | */ | |
610cd5c6 | 150 | void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
8efc0c15 | 151 | |
aa3378df | 152 | /* |
153 | * Sends a diagnostic message to the other side. This message can be sent at | |
154 | * any time (but not while constructing another message). The message is | |
155 | * printed immediately, but only if the client is being executed in verbose | |
156 | * mode. These messages are primarily intended to ease debugging | |
157 | * authentication problems. The total length of the message must not exceed | |
158 | * 1024 bytes. This will automatically call packet_write_wait. If the | |
159 | * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, | |
160 | * this will do nothing. | |
161 | */ | |
610cd5c6 | 162 | void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
8efc0c15 | 163 | |
aa3378df | 164 | /* Checks if there is any buffered output, and tries to write some of the output. */ |
5260325f | 165 | void packet_write_poll(void); |
8efc0c15 | 166 | |
167 | /* Waits until all pending output data has been written. */ | |
5260325f | 168 | void packet_write_wait(void); |
8efc0c15 | 169 | |
170 | /* Returns true if there is buffered data to write to the connection. */ | |
5260325f | 171 | int packet_have_data_to_write(void); |
8efc0c15 | 172 | |
173 | /* Returns true if there is not too much data to write to the connection. */ | |
5260325f | 174 | int packet_not_very_much_data_to_write(void); |
8efc0c15 | 175 | |
9d6b7add | 176 | /* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ |
177 | extern int max_packet_size; | |
5260325f | 178 | int packet_set_maxsize(int s); |
9d6b7add | 179 | #define packet_get_maxsize() max_packet_size |
180 | ||
30dcc918 | 181 | /* Stores tty modes from the fd or tiop into current packet. */ |
182 | void tty_make_modes(int fd, struct termios *tiop); | |
8efc0c15 | 183 | |
184 | /* Parses tty modes for the fd from the current packet. */ | |
5260325f | 185 | void tty_parse_modes(int fd, int *n_bytes_ptr); |
8efc0c15 | 186 | |
187 | #define packet_integrity_check(payload_len, expected_len, type) \ | |
188 | do { \ | |
189 | int _p = (payload_len), _e = (expected_len); \ | |
190 | if (_p != _e) { \ | |
191 | log("Packet integrity error (%d != %d) at %s:%d", \ | |
192 | _p, _e, __FILE__, __LINE__); \ | |
193 | packet_disconnect("Packet integrity error. (%d)", (type)); \ | |
194 | } \ | |
195 | } while (0) | |
196 | ||
6ae2364d | 197 | #define packet_done() \ |
198 | do { \ | |
199 | int _len = packet_remaining(); \ | |
200 | if (_len > 0) { \ | |
201 | log("Packet integrity error (%d bytes remaining) at %s:%d", \ | |
202 | _len ,__FILE__, __LINE__); \ | |
203 | packet_disconnect("Packet integrity error."); \ | |
204 | } \ | |
205 | } while (0) | |
206 | ||
48e671d5 | 207 | /* remote host is connected via a socket/ipv4 */ |
208 | int packet_connection_is_on_socket(void); | |
209 | int packet_connection_is_ipv4(void); | |
210 | ||
6ae2364d | 211 | /* returns remaining payload bytes */ |
212 | int packet_remaining(void); | |
213 | ||
a6215e53 | 214 | /* append an ignore message */ |
95ce5599 | 215 | void packet_send_ignore(int nbytes); |
216 | ||
217 | /* add an ignore message and make sure size (current+ignore) = n*sumlen */ | |
a6215e53 | 218 | void packet_inject_ignore(int sumlen); |
219 | ||
5260325f | 220 | #endif /* PACKET_H */ |