Aris Adamantiadis 2009-09-26 00:29:53 +02:00
родитель 358647f5d9
Коммит 3a8d839e86
16 изменённых файлов: 202 добавлений и 122 удалений


@ -1,7 +1,7 @@
/*
* This file is part of the SSH Library
*
* Copyright (c) 2003 by Aris Adamantiadis
* Copyright (c) 2003,2009 by Aris Adamantiadis
*
* The SSH Library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@ -20,11 +20,13 @@
*/
/*
* crypto.h is an include file for internal structures of libssh
* It hasn't to be into the final development set of files (and btw
* the filename would cause problems on most systems).
* crypto.h is an include file for internal cryptographic structures of libssh
*/
#ifndef _CRYPTO_H_
#define _CRYPTO_H_
#include "config.h"
#ifdef cbc_encrypt
#undef cbc_encrypt
#endif
@ -32,7 +34,7 @@
#undef cbc_decrypt
#endif
#ifdef GCRYPT
#ifdef HAVE_LIBGCRYPT
#include <gcrypt.h>
#endif
@ -66,3 +68,4 @@ struct crypto_struct {
};
/* vim: set ts=2 sw=2 et cindent: */
#endif /* _CRYPTO_H_ */

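--- /dev/null
+++ b/include/libssh/options.h
@@ -0,0 +1,52 @@
+/*
+* This file is part of the SSH Library
+*
+* Copyright (c) 2009 by Aris Adamantiadis
+*
+* The SSH Library is free software; you can redistribute it and/or modify
+* it under the terms of the GNU Lesser General Public License as published by
+* the Free Software Foundation; either version 2.1 of the License, or (at your
+* option) any later version.
+*
+* The SSH Library is distributed in the hope that it will be useful, but
+* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+* License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public License
+* along with the SSH Library; see the file COPYING. If not, write to
+* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+* MA 02111-1307, USA.
+*/
+#ifndef OPTIONS_H_
+#define OPTIONS_H_
+struct ssh_options_struct {
+struct error_struct error;
+char *banner; /* explicit banner to send */
+char *username;
+char *host;
+char *bindaddr;
+int bindport;
+char *identity;
+char *ssh_dir;
+char *known_hosts_file;
+socket_t fd; /* specificaly wanted file descriptor, don't connect host */
+int port;
+int dont_verify_hostkey; /* Don't spare time, don't check host key ! unneeded to say it's dangerous and not safe */
+int use_nonexisting_algo; /* if user sets a not supported algorithm for kex, don't complain */
+char *wanted_methods[10]; /* the kex methods can be choosed. better use the kex fonctions to do that */
+void *wanted_cookie; /* wants a specific cookie to be sent ? if null, generate a new one */
+ssh_callbacks callbacks; /* Callbacks to user functions */
+long timeout; /* seconds */
+long timeout_usec;
+int ssh2allowed;
+int ssh1allowed;
+char *dsakey;
+char *rsakey; /* host key for server implementation */
+int log_verbosity;
+};
+#endif /* OPTIONS_H_ */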
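Review bot: options.h is not self-contained: `struct ssh_options_struct` embeds `struct error_struct` by value and uses `socket_t` and `ssh_callbacks`, yet the header includes nothing, so it compiles only when an earlier include has already declared those types. In the hunks visible on this page every .c file includes `libssh/options.h` after the other libssh headers, which hides the dependency until someone reorders the includes. Adding `#include "libssh/priv.h"` right after `#define OPTIONS_H_` would remove the ordering requirement, assuming priv.h is the header that provides all three types (only `struct error_struct` is visible here). While the struct is getting its own file, the security-sensitive switches deserve a precise comment, for example `int dont_verify_hostkey; /* nonzero: skip host key verification, the server is then unauthenticated */`.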


@ -47,7 +47,7 @@
#include "libssh/libssh.h"
#include "libssh/callback.h"
#include "libssh/crypto.h"
/* some constants */
#define MAX_PACKET_LEN 262144
#define ERROR_BUFFERLEN 1024
@ -61,85 +61,10 @@ enum public_key_types_e{
TYPE_RSA1
};
/* profiling constants. Don't touch them unless you know what you do */
#ifdef HAVE_LIBCRYPTO
#define OPENSSL_BIGNUMS
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* wrapper things */
#ifdef HAVE_LIBGCRYPT
#include <gcrypt.h>
typedef gcry_md_hd_t SHACTX;
typedef gcry_md_hd_t MD5CTX;
typedef gcry_md_hd_t HMACCTX;
#ifdef MD5_DIGEST_LEN
#undef MD5_DIGEST_LEN
#endif
#define SHA_DIGEST_LEN 20
#define MD5_DIGEST_LEN 16
#define EVP_MAX_MD_SIZE 36
typedef gcry_mpi_t bignum;
#define bignum_new() gcry_mpi_new(0)
#define bignum_free(num) gcry_mpi_release(num)
#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
#define bignum_bn2dec(num) my_gcry_bn2dec(num)
#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
#elif defined HAVE_LIBCRYPTO
#include <openssl/dsa.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <openssl/md5.h>
#include <openssl/hmac.h>
typedef SHA_CTX* SHACTX;
typedef MD5_CTX* MD5CTX;
typedef HMAC_CTX* HMACCTX;
#ifdef MD5_DIGEST_LEN
#undef MD5_DIGEST_LEN
#endif
#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
#endif /* OPENSSL_CRYPTO */
#ifdef OPENSSL_BIGNUMS
#include <openssl/bn.h>
typedef BIGNUM* bignum;
typedef BN_CTX* bignum_CTX;
#define bignum_new() BN_new()
#define bignum_free(num) BN_clear_free(num)
#define bignum_set_word(bn,n) BN_set_word(bn,n)
#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
#define bignum_bn2dec(num) BN_bn2dec(num)
#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
#define bignum_bn2hex(num) BN_bn2hex(num)
#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
#define bignum_ctx_new() BN_CTX_new()
#define bignum_ctx_free(num) BN_CTX_free(num)
#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
#define bignum_num_bytes(num) BN_num_bytes(num)
#define bignum_num_bits(num) BN_num_bits(num)
#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
#endif /* OPENSSL_BIGNUMS */
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
@ -180,19 +105,6 @@ typedef struct ssh_pollfd_struct {
typedef unsigned long int nfds_t;
#endif /* HAVE_POLL */
/* wrapper.c */
MD5CTX md5_init(void);
void md5_update(MD5CTX c, const void *data, unsigned long len);
void md5_final(unsigned char *md,MD5CTX c);
SHACTX sha1_init(void);
void sha1_update(SHACTX c, const void *data, unsigned long len);
void sha1_final(unsigned char *md,SHACTX c);
void sha1(unsigned char *digest,int len,unsigned char *hash);
#define HMAC_SHA1 1
#define HMAC_MD5 2
HMACCTX hmac_init(const void *key,int len,int type);
void hmac_update(HMACCTX c, const void *data, unsigned long len);
void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len);
/* i should remove it one day */
typedef struct packet_struct {
@ -206,6 +118,9 @@ typedef struct kex_struct {
char **methods;
} KEX;
/* TODO: remove that include */
#include "libssh/wrapper.h"
struct ssh_public_key_struct {
int type;
const char *type_c; /* Don't free it ! it is static */
@ -247,33 +162,6 @@ struct error_struct {
char error_buffer[ERROR_BUFFERLEN];
};
struct ssh_options_struct {
struct error_struct error;
char *banner; /* explicit banner to send */
char *username;
char *host;
char *bindaddr;
int bindport;
char *identity;
char *ssh_dir;
char *known_hosts_file;
socket_t fd; /* specificaly wanted file descriptor, don't connect host */
int port;
int dont_verify_hostkey; /* Don't spare time, don't check host key ! unneeded to say it's dangerous and not safe */
int use_nonexisting_algo; /* if user sets a not supported algorithm for kex, don't complain */
char *wanted_methods[10]; /* the kex methods can be choosed. better use the kex fonctions to do that */
void *wanted_cookie; /* wants a specific cookie to be sent ? if null, generate a new one */
ssh_callbacks callbacks; /* Callbacks to user functions */
long timeout; /* seconds */
long timeout_usec;
int ssh2allowed;
int ssh1allowed;
char *dsakey;
char *rsakey; /* host key for server implementation */
int log_verbosity;
};
struct ssh_crypto_struct {
bignum e,f,x,k,y;
unsigned char session_id[SHA_DIGEST_LEN];
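Review bot: The new `/* TODO: remove that include */` above `#include "libssh/wrapper.h"` (hunk at `-206,6 +118,9`) does not say what still depends on the include. Further down the same header, `struct ssh_crypto_struct` declares `bignum e,f,x,k,y` and `session_id[SHA_DIGEST_LEN]`, and both names come from wrapper.h. The include therefore cannot be dropped until that struct moves out, and the TODO should record that: `/* TODO: drop once ssh_crypto_struct (bignum, SHA_DIGEST_LEN) no longer lives in this header */`. The struct body continues outside the last hunk, so other users of the wrapper types may exist below.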

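--- /dev/null
+++ b/include/libssh/wrapper.h
@@ -0,0 +1,110 @@
+/*
+* This file is part of the SSH Library
+*
+* Copyright (c) 2009 by Aris Adamantiadis
+*
+* The SSH Library is free software; you can redistribute it and/or modify
+* it under the terms of the GNU Lesser General Public License as published by
+* the Free Software Foundation; either version 2.1 of the License, or (at your
+* option) any later version.
+*
+* The SSH Library is distributed in the hope that it will be useful, but
+* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+* License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public License
+* along with the SSH Library; see the file COPYING. If not, write to
+* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+* MA 02111-1307, USA.
+*/
+#ifndef WRAPPER_H_
+#define WRAPPER_H_
+#include "config.h"
+#ifdef MD5_DIGEST_LEN
+#undef MD5_DIGEST_LEN
+#endif
+/* wrapper things */
+#ifdef HAVE_LIBGCRYPT
+#include <gcrypt.h>
+typedef gcry_md_hd_t SHACTX;
+typedef gcry_md_hd_t MD5CTX;
+typedef gcry_md_hd_t HMACCTX;
+#define SHA_DIGEST_LEN 20
+#define MD5_DIGEST_LEN 16
+#define EVP_MAX_MD_SIZE 36
+typedef gcry_mpi_t bignum;
+#define bignum_new() gcry_mpi_new(0)
+#define bignum_free(num) gcry_mpi_release(num)
+#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n)
+#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL)
+#define bignum_bn2dec(num) my_gcry_bn2dec(num)
+#define bignum_dec2bn(num, data) my_gcry_dec2bn(data, num)
+#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num)
+#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL)
+#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0)
+#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo)
+#define bignum_num_bits(num) gcry_mpi_get_nbits(num)
+#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8)
+#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit)
+#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num)
+#define bignum_cmp(num1,num2) gcry_mpi_cmp(num1,num2)
+#elif defined HAVE_LIBCRYPTO
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
+#include <openssl/md5.h>
+#include <openssl/hmac.h>
+typedef SHA_CTX* SHACTX;
+typedef MD5_CTX* MD5CTX;
+typedef HMAC_CTX* HMACCTX;
+#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
+#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
+#include <openssl/bn.h>
+typedef BIGNUM* bignum;
+typedef BN_CTX* bignum_CTX;
+#define bignum_new() BN_new()
+#define bignum_free(num) BN_clear_free(num)
+#define bignum_set_word(bn,n) BN_set_word(bn,n)
+#define bignum_bin2bn(bn,datalen,data) BN_bin2bn(bn,datalen,data)
+#define bignum_bn2dec(num) BN_bn2dec(num)
+#define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
+#define bignum_bn2hex(num) BN_bn2hex(num)
+#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
+#define bignum_ctx_new() BN_CTX_new()
+#define bignum_ctx_free(num) BN_CTX_free(num)
+#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
+#define bignum_num_bytes(num) BN_num_bytes(num)
+#define bignum_num_bits(num) BN_num_bits(num)
+#define bignum_is_bit_set(num,bit) BN_is_bit_set(num,bit)
+#define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr)
+#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
+#endif /* OPENSSL_CRYPTO */
+/* wrapper.c */
+MD5CTX md5_init(void);
+void md5_update(MD5CTX c, const void *data, unsigned long len);
+void md5_final(unsigned char *md,MD5CTX c);
+SHACTX sha1_init(void);
+void sha1_update(SHACTX c, const void *data, unsigned long len);
+void sha1_final(unsigned char *md,SHACTX c);
+void sha1(unsigned char *digest,int len,unsigned char *hash);
+#define HMAC_SHA1 1
+#define HMAC_MD5 2
+HMACCTX hmac_init(const void *key,int len,int type);
+void hmac_update(HMACCTX c, const void *data, unsigned long len);
+void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len);
+#endif /* WRAPPER_H_ */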
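Review bot: The libgcrypt `bignum_rand` is a bare comma expression with `bits-1` unparenthesised, so it expands unsafely when `bits` is itself an expression or when the macro sits inside a larger expression; `#define bignum_rand(num,bits) (gcry_mpi_randomize((num),(bits),GCRY_STRONG_RANDOM),gcry_mpi_set_bit((num),(bits)-1),gcry_mpi_set_bit((num),0))` keeps the same behaviour. The two branches also do not expose one interface: `bignum_rand`, `bignum_mod_exp`, `bignum_bn2hex` and `bignum_bn2bin` take different argument counts under HAVE_LIBGCRYPT and HAVE_LIBCRYPTO, so call sites still need their own `#ifdef`s, and only the OpenSSL `BN_rand` form returns a status the caller can check. `bignum_free` likewise maps to `BN_clear_free` on one side and to `gcry_mpi_release` of a `gcry_mpi_new(0)` value on the other; if these bignums carry key-exchange secrets, it is worth confirming that the libgcrypt path gives the same wiping guarantee, or allocating with `gcry_mpi_snew`. The closing `#endif /* OPENSSL_CRYPTO */` names a macro this file never tests; `/* HAVE_LIBGCRYPT / HAVE_LIBCRYPTO */` would match the conditional it closes.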


@ -37,6 +37,7 @@
#include "libssh/keyfiles.h"
#include "libssh/packet.h"
#include "libssh/session.h"
#include "libssh/options.h"
/** \defgroup ssh_auth SSH Authentication functions
* \brief functions to authenticate to servers


@ -35,6 +35,7 @@
#include "libssh/packet.h"
#include "libssh/socket.h"
#include "libssh/session.h"
#include "libssh/options.h"
#define set_status(opt,status) do {\
if (opt->callbacks && opt->callbacks->connect_status_function) \


@ -26,6 +26,7 @@
#include <string.h>
#include "libssh/priv.h"
#include "libssh/options.h"
enum ssh_config_opcode_e {
SOC_UNSUPPORTED = -1,


@ -21,6 +21,7 @@
* MA 02111-1307, USA.
*/
#include "config.h"
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@ -38,6 +39,7 @@
#include "libssh/priv.h"
#include "libssh/crypto.h"
#include "libssh/session.h"
#include "libssh/wrapper.h"
uint32_t packet_decrypt_len(ssh_session session, char *crypted){
uint32_t decrypted;


@ -40,6 +40,7 @@
* if everything went correctly, k and k' are equal
*/
#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -52,6 +53,8 @@
#include "libssh/crypto.h"
#include "libssh/buffer.h"
#include "libssh/session.h"
#include "libssh/options.h"
/* todo: remove it */
#include "libssh/string.h"
#ifdef HAVE_LIBCRYPTO


@ -37,6 +37,8 @@
#include "libssh/buffer.h"
#include "libssh/packet.h"
#include "libssh/session.h"
#include "libssh/wrapper.h"
#include "libssh/options.h"
#ifdef HAVE_LIBGCRYPT
#define BLOWFISH "blowfish-cbc,"


@ -22,6 +22,8 @@
* MA 02111-1307, USA.
*/
#include "config.h"
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
@ -39,9 +41,13 @@
#include "libssh/buffer.h"
#include "libssh/keyfiles.h"
#include "libssh/session.h"
#include "libssh/wrapper.h"
#include "libssh/options.h"
/*todo: remove this include */
#include "libssh/string.h"
#ifdef HAVE_LIBGCRYPT
#include <gcrypt.h>
#elif defined HAVE_LIBCRYPTO


@ -27,6 +27,7 @@
#include "libssh/priv.h"
#include "libssh/session.h"
#include "libssh/options.h"
/**
* @defgroup ssh_log SSH Logging


@ -22,6 +22,7 @@
* MA 02111-1307, USA.
*/
#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -32,6 +33,7 @@
#endif
#include <sys/types.h>
#include "libssh/priv.h"
#include "libssh/options.h"
/** \defgroup ssh_options SSH Options
* \brief options settings for a new SSH session


@ -27,6 +27,8 @@
* @{
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
@ -43,6 +45,7 @@
#include "libssh/socket.h"
#include "libssh/channels.h"
#include "libssh/session.h"
#include "libssh/options.h"
#ifdef _WIN32


@ -21,6 +21,7 @@
* MA 02111-1307, USA.
*/
#include "config.h"
#include <string.h>
#include <stdlib.h>
#include "libssh/libssh.h"
@ -31,6 +32,8 @@
#include "libssh/agent.h"
#include "libssh/packet.h"
#include "libssh/session.h"
#include "libssh/options.h"
#define FIRST_CHANNEL 42 // why not ? it helps to find bugs.


@ -31,17 +31,19 @@
* are welcome.
*/
#include "config.h"
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "libssh/priv.h"
#include "libssh/session.h"
#include "libssh/crypto.h"
#include "libssh/wrapper.h"
#ifdef HAVE_LIBGCRYPT
#include <gcrypt.h>
#include "libssh/crypto.h"
static int alloc_key(struct crypto_struct *cipher) {
cipher->key = malloc(cipher->keylen);