X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/aa3378df3cc7da00b8f93569d0c88f0c626ddb18..HEAD:/packet.h diff --git a/packet.h b/packet.h index 9b0bf91c..33523d75 100644 --- a/packet.h +++ b/packet.h @@ -1,201 +1,118 @@ +/* $OpenBSD: packet.h,v 1.52 2009/06/27 09:29:06 andreas Exp $ */ + /* - * - * packet.h - * * Author: Tatu Ylonen - * * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved - * - * Created: Sat Mar 18 02:02:14 1995 ylo - * * Interface for the packet protocol functions. - * + * + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$Id$"); */ - #ifndef PACKET_H #define PACKET_H -#include "config.h" +#include -#ifdef HAVE_OPENSSL #include -#endif -#ifdef HAVE_SSL -#include -#endif - -/* - * Sets the socket used for communication. Disables encryption until - * packet_set_encryption_key is called. It is permissible that fd_in and - * fd_out are the same descriptor; in that case it is assumed to be a socket. - */ -void packet_set_connection(int fd_in, int fd_out); - -/* Puts the connection file descriptors into non-blocking mode. */ -void packet_set_nonblocking(void); - -/* Returns the file descriptor used for input. */ -int packet_get_connection_in(void); - -/* Returns the file descriptor used for output. */ -int packet_get_connection_out(void); - -/* - * Closes the connection (both descriptors) and clears and frees internal - * data structures. - */ -void packet_close(void); - -/* - * Causes any further packets to be encrypted using the given key. The same - * key is used for both sending and reception. However, both directions are - * encrypted independently of each other. Cipher types are defined in ssh.h. - */ -void -packet_set_encryption_key(const unsigned char *key, unsigned int keylen, - int cipher_type); - -/* - * Sets remote side protocol flags for the current connection. This can be - * called at any time. - */ -void packet_set_protocol_flags(unsigned int flags); - -/* Returns the remote protocol flags set earlier by the above function. */ -unsigned int packet_get_protocol_flags(void); - -/* Enables compression in both directions starting from the next packet. */ -void packet_start_compression(int level); - -/* - * Informs that the current session is interactive. Sets IP flags for - * optimal performance in interactive use. - */ -void packet_set_interactive(int interactive, int keepalives); - -/* Returns true if the current connection is interactive. */ -int packet_is_interactive(void); - -/* Starts constructing a packet to send. */ -void packet_start(int type); - -/* Appends a character to the packet data. */ -void packet_put_char(int ch); - -/* Appends an integer to the packet data. */ -void packet_put_int(unsigned int value); - -/* Appends an arbitrary precision integer to packet data. */ -void packet_put_bignum(BIGNUM * value); - -/* Appends a string to packet data. */ -void packet_put_string(const char *buf, unsigned int len); - -/* - * Finalizes and sends the packet. If the encryption key has been set, - * encrypts the packet before sending. - */ -void packet_send(void); - -/* Waits until a packet has been received, and returns its type. */ -int packet_read(int *payload_len_ptr); -/* - * Waits until a packet has been received, verifies that its type matches - * that given, and gives a fatal error and exits if there is a mismatch. - */ -void packet_read_expect(int *payload_len_ptr, int type); - -/* - * Checks if a full packet is available in the data received so far via - * packet_process_incoming. If so, reads the packet; otherwise returns - * SSH_MSG_NONE. This does not wait for data from the connection. - * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE - * messages are skipped by this function and are never returned to higher - * levels. - */ -int packet_read_poll(int *packet_len_ptr); - -/* - * Buffers the given amount of input characters. This is intended to be used - * together with packet_read_poll. - */ -void packet_process_incoming(const char *buf, unsigned int len); - -/* Returns a character (0-255) from the packet data. */ -unsigned int packet_get_char(void); - -/* Returns an integer from the packet data. */ -unsigned int packet_get_int(void); - -/* - * Returns an arbitrary precision integer from the packet data. The integer - * must have been initialized before this call. - */ -void packet_get_bignum(BIGNUM * value, int *length_ptr); - -/* - * Returns a string from the packet data. The string is allocated using - * xmalloc; it is the responsibility of the calling program to free it when - * no longer needed. The length_ptr argument may be NULL, or point to an - * integer into which the length of the string is stored. - */ -char *packet_get_string(unsigned int *length_ptr); - -/* - * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect - * packet, closes the connection, and exits. This function never returns. - * The error message should not contain a newline. The total length of the - * message must not exceed 1024 bytes. - */ -void packet_disconnect(const char *fmt,...); - -/* - * Sends a diagnostic message to the other side. This message can be sent at - * any time (but not while constructing another message). The message is - * printed immediately, but only if the client is being executed in verbose - * mode. These messages are primarily intended to ease debugging - * authentication problems. The total length of the message must not exceed - * 1024 bytes. This will automatically call packet_write_wait. If the - * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, - * this will do nothing. - */ -void packet_send_debug(const char *fmt,...); - -/* Checks if there is any buffered output, and tries to write some of the output. */ -void packet_write_poll(void); - -/* Waits until all pending output data has been written. */ -void packet_write_wait(void); - -/* Returns true if there is buffered data to write to the connection. */ -int packet_have_data_to_write(void); - -/* Returns true if there is not too much data to write to the connection. */ -int packet_not_very_much_data_to_write(void); - -/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ -extern int max_packet_size; -int packet_set_maxsize(int s); -#define packet_get_maxsize() max_packet_size +void packet_set_connection(int, int); +void packet_set_timeout(int, int); +void packet_set_nonblocking(void); +int packet_get_connection_in(void); +int packet_get_connection_out(void); +void packet_close(void); +void packet_set_encryption_key(const u_char *, u_int, int); +u_int packet_get_encryption_key(u_char *); +void packet_set_protocol_flags(u_int); +u_int packet_get_protocol_flags(void); +void packet_start_compression(int); +void packet_set_interactive(int); +int packet_is_interactive(void); +void packet_set_server(void); +void packet_set_authenticated(void); + +void packet_start(u_char); +void packet_put_char(int ch); +void packet_put_int(u_int value); +void packet_put_int64(u_int64_t value); +void packet_put_bignum(BIGNUM * value); +void packet_put_bignum2(BIGNUM * value); +void packet_put_string(const void *buf, u_int len); +void packet_put_cstring(const char *str); +void packet_put_raw(const void *buf, u_int len); +void packet_send(void); + +int packet_read(void); +void packet_read_expect(int type); +int packet_read_poll(void); +void packet_process_incoming(const char *buf, u_int len); +int packet_read_seqnr(u_int32_t *seqnr_p); +int packet_read_poll_seqnr(u_int32_t *seqnr_p); + +u_int packet_get_char(void); +u_int packet_get_int(void); +u_int64_t packet_get_int64(void); +void packet_get_bignum(BIGNUM * value); +void packet_get_bignum2(BIGNUM * value); +void *packet_get_raw(u_int *length_ptr); +void *packet_get_string(u_int *length_ptr); +void *packet_get_string_ptr(u_int *length_ptr); +void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); + +void set_newkeys(int mode); +int packet_get_keyiv_len(int); +void packet_get_keyiv(int, u_char *, u_int); +int packet_get_keycontext(int, u_char *); +void packet_set_keycontext(int, u_char *); +void packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *, u_int64_t *); +void packet_set_state(int, u_int32_t, u_int64_t, u_int32_t, u_int64_t); +int packet_get_ssh1_cipher(void); +void packet_set_iv(int, u_char *); +void *packet_get_newkeys(int); + +void packet_write_poll(void); +void packet_write_wait(void); +int packet_have_data_to_write(void); +int packet_not_very_much_data_to_write(void); + +int packet_connection_is_on_socket(void); +int packet_connection_is_ipv4(void); +int packet_remaining(void); +void packet_send_ignore(int); +void packet_add_padding(u_char); + +void tty_make_modes(int, struct termios *); +void tty_parse_modes(int, int *); + +void packet_set_alive_timeouts(int); +int packet_inc_alive_timeouts(void); +int packet_set_maxsize(u_int); +u_int packet_get_maxsize(void); + +/* don't allow remaining bytes after the end of the message */ +#define packet_check_eom() \ +do { \ + int _len = packet_remaining(); \ + if (_len > 0) { \ + logit("Packet integrity error (%d bytes remaining) at %s:%d", \ + _len ,__FILE__, __LINE__); \ + packet_disconnect("Packet integrity error."); \ + } \ +} while (0) -/* Stores tty modes from the fd into current packet. */ -void tty_make_modes(int fd); +int packet_need_rekeying(void); +void packet_set_rekey_limit(u_int32_t); -/* Parses tty modes for the fd from the current packet. */ -void tty_parse_modes(int fd, int *n_bytes_ptr); +void packet_backup_state(void); +void packet_restore_state(void); -#define packet_integrity_check(payload_len, expected_len, type) \ -do { \ - int _p = (payload_len), _e = (expected_len); \ - if (_p != _e) { \ - log("Packet integrity error (%d != %d) at %s:%d", \ - _p, _e, __FILE__, __LINE__); \ - packet_disconnect("Packet integrity error. (%d)", (type)); \ - } \ -} while (0) +void *packet_get_input(void); +void *packet_get_output(void); #endif /* PACKET_H */