PktOut *ssh2_portfwd_chanopen(
struct ssh2_connection_state *s, struct ssh2_channel *c,
const char *hostname, int port,
const char *description, const SocketPeerInfo *pi)
{
PacketProtocolLayer *ppl = &s->ppl; /* for ppl_logevent */
PktOut *pktout;
/*
* In server mode, this function is called by portfwdmgr in
* response to PortListeners that were set up by calling
* portfwdmgr_listen, which means that the hostname and port
* parameters will identify the listening socket on which a
* connection just came in.
*/
if (pi && pi->log_text)
ppl_logevent("Forwarding connection to listening port %s:%d from %s",
hostname, port, pi->log_text);
else
ppl_logevent("Forwarding connection to listening port %s:%d",
hostname, port);
pktout = ssh2_chanopen_init(c, "forwarded-tcpip");
put_stringz(pktout, hostname);
put_uint32(pktout, port);
put_stringz(pktout, (pi && pi->addr_text ? pi->addr_text : "0.0.0.0"));
put_uint32(pktout, (pi && pi->port >= 0 ? pi->port : 0));
return pktout;
}
void zmq::amqp_marshaller_t::queue_declare_ok (
uint16_t channel_,
const i_amqp::shortstr_t queue_,
uint32_t message_count_,
uint32_t consumer_count_)
{
unsigned char *args = (unsigned char*) malloc (i_amqp::frame_min_size);
assert (args);
size_t offset = 0;
assert (offset + sizeof (uint8_t) + queue_.size <=
i_amqp::frame_min_size);
put_uint8 (args + offset, queue_.size);
offset += sizeof (uint8_t);
memcpy (args + offset, queue_.data, queue_.size);
offset += queue_.size;
assert (offset + sizeof (uint32_t) <= i_amqp::frame_min_size);
put_uint32 (args + offset, message_count_);
offset += sizeof (uint32_t);
assert (offset + sizeof (uint32_t) <= i_amqp::frame_min_size);
put_uint32 (args + offset, consumer_count_);
offset += sizeof (uint32_t);
command_t cmd = {
channel_,
i_amqp::queue_id,
i_amqp::queue_declare_ok_id,
args,
offset
};
command_queue.push (cmd);
}
/*
* Read from a file. Returns the number of bytes read, or -1 on an
* error, or possibly 0 if EOF. (I'm not entirely sure whether it
* will return 0 on EOF, or return -1 and store SSH_FX_EOF in the
* error indicator. It might even depend on the SFTP server.)
*/
struct sftp_request *fxp_read_send(struct fxp_handle *handle,
uint64_t offset, int len)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_READ);
put_uint32(pktout, req->id);
put_string(pktout, handle->hstring, handle->hlen);
put_uint64(pktout, offset);
put_uint32(pktout, len);
sftp_send(pktout);
return req;
}
/*
* Open a file.
*/
struct sftp_request *fxp_open_send(const char *path, int type,
const struct fxp_attrs *attrs)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_OPEN);
put_uint32(pktout, req->id);
put_stringz(pktout, path);
put_uint32(pktout, type);
put_fxp_attrs(pktout, attrs ? *attrs : no_attrs);
sftp_send(pktout);
return req;
}
bool zmq::router_t::identify_peer (pipe_t *pipe_)
{
msg_t msg;
blob_t identity;
bool ok;
if (options.raw_sock) { // Always assign identity for raw-socket
unsigned char buf [5];
buf [0] = 0;
put_uint32 (buf + 1, next_peer_id++);
identity = blob_t (buf, sizeof buf);
unsigned int i = 0; // Store identity to allow use of raw socket as client
for (blob_t::iterator it = identity.begin(); it != identity.end(); it++) options.identity[i++] = *it;
options.identity_size = i;
}
else {
msg.init ();
ok = pipe_->read (&msg);
if (!ok)
return false;
if (msg.size () == 0) {
// Fall back on the auto-generation
unsigned char buf [5];
buf [0] = 0;
put_uint32 (buf + 1, next_peer_id++);
identity = blob_t (buf, sizeof buf);
msg.close ();
}
else {
identity = blob_t ((unsigned char*) msg.data (), msg.size ());
outpipes_t::iterator it = outpipes.find (identity);
msg.close ();
// Ignore peers with duplicate ID.
if (it != outpipes.end ())
return false;
}
}
pipe_->set_identity (identity);
// Add the record into output pipes lookup table
outpipe_t outpipe = {pipe_, true};
ok = outpipes.insert (outpipes_t::value_type (identity, outpipe)).second;
zmq_assert (ok);
return true;
}
int zmq::gssapi_mechanism_base_t::produce_initiate (msg_t *msg_, void *token_value_, size_t token_length_)
{
zmq_assert (token_value_);
zmq_assert (token_length_ <= 0xFFFFFFFFUL);
const size_t command_size = 9 + 4 + token_length_;
const int rc = msg_->init_size (command_size);
errno_assert (rc == 0);
uint8_t *ptr = static_cast <uint8_t *> (msg_->data ());
// Add command string
memcpy (ptr, "\x08INITIATE", 9);
ptr += 9;
// Add token length
put_uint32 (ptr, static_cast <uint32_t> (token_length_));
ptr += 4;
// Add token value
memcpy (ptr, token_value_, token_length_);
ptr += token_length_;
return 0;
}
static void oaep_mask(const ssh_hashalg *h, void *seed, int seedlen,
void *vdata, int datalen)
{
unsigned char *data = (unsigned char *)vdata;
unsigned count = 0;
while (datalen > 0) {
int i, max = (datalen > h->hlen ? h->hlen : datalen);
ssh_hash *s;
unsigned char hash[MAX_HASH_LEN];
assert(h->hlen <= MAX_HASH_LEN);
s = ssh_hash_new(h);
put_data(s, seed, seedlen);
put_uint32(s, count);
ssh_hash_final(s, hash);
count++;
for (i = 0; i < max; i++)
data[i] ^= hash[i];
data += max;
datalen -= max;
}
}
static void rsa2_sign(ssh_key *key, ptrlen data,
unsigned flags, BinarySink *bs)
{
RSAKey *rsa = container_of(key, RSAKey, sshk);
unsigned char *bytes;
size_t nbytes;
mp_int *in, *out;
const ssh_hashalg *halg;
const char *sign_alg_name;
halg = rsa2_hash_alg_for_flags(flags, &sign_alg_name);
nbytes = (mp_get_nbits(rsa->modulus) + 7) / 8;
bytes = rsa_pkcs1_signature_string(nbytes, halg, data);
in = mp_from_bytes_be(make_ptrlen(bytes, nbytes));
smemclr(bytes, nbytes);
sfree(bytes);
out = rsa_privkey_op(in, rsa);
mp_free(in);
put_stringz(bs, sign_alg_name);
nbytes = (mp_get_nbits(out) + 7) / 8;
put_uint32(bs, nbytes);
for (size_t i = 0; i < nbytes; i++)
put_byte(bs, mp_get_byte(out, nbytes - 1 - i));
mp_free(out);
}
void zmq::stream_t::identify_peer (pipe_t *pipe_)
{
// Always assign identity for raw-socket
unsigned char buffer [5];
buffer [0] = 0;
blob_t identity;
if (connect_rid.length ()) {
identity = blob_t ((unsigned char*) connect_rid.c_str(),
connect_rid.length ());
connect_rid.clear ();
outpipes_t::iterator it = outpipes.find (identity);
zmq_assert (it == outpipes.end ());
}
else {
put_uint32 (buffer + 1, next_rid++);
identity = blob_t (buffer, sizeof buffer);
memcpy (options.identity, identity.data (), identity.size ());
options.identity_size = (unsigned char) identity.size ();
}
pipe_->set_identity (identity);
// Add the record into output pipes lookup table
outpipe_t outpipe = {pipe_, true};
const bool ok = outpipes.insert (
outpipes_t::value_type (identity, outpipe)).second;
zmq_assert (ok);
}
static void default_reply_name_count(SftpReplyBuilder *reply, unsigned count)
{
DefaultSftpReplyBuilder *d =
container_of(reply, DefaultSftpReplyBuilder, rb);
d->pkt->type = SSH_FXP_NAME;
put_uint32(d->pkt, count);
}
void zmq::amqp_marshaller_t::connection_tune_ok (
uint16_t channel_,
uint16_t channel_max_,
uint32_t frame_max_,
uint16_t heartbeat_)
{
unsigned char *args = (unsigned char*) malloc (i_amqp::frame_min_size);
assert (args);
size_t offset = 0;
assert (offset + sizeof (uint16_t) <= i_amqp::frame_min_size);
put_uint16 (args + offset, channel_max_);
offset += sizeof (uint16_t);
assert (offset + sizeof (uint32_t) <= i_amqp::frame_min_size);
put_uint32 (args + offset, frame_max_);
offset += sizeof (uint32_t);
assert (offset + sizeof (uint16_t) <= i_amqp::frame_min_size);
put_uint16 (args + offset, heartbeat_);
offset += sizeof (uint16_t);
command_t cmd = {
channel_,
i_amqp::connection_id,
i_amqp::connection_tune_ok_id,
args,
offset
};
command_queue.push (cmd);
}
void zmq::stream_t::identify_peer (pipe_t *pipe_)
{
// Always assign routing id for raw-socket
unsigned char buffer[5];
buffer[0] = 0;
blob_t routing_id;
if (connect_routing_id.length ()) {
routing_id.set ((unsigned char *) connect_routing_id.c_str (),
connect_routing_id.length ());
connect_routing_id.clear ();
outpipes_t::iterator it = outpipes.find (routing_id);
zmq_assert (it == outpipes.end ());
} else {
put_uint32 (buffer + 1, next_integral_routing_id++);
routing_id.set (buffer, sizeof buffer);
memcpy (options.routing_id, routing_id.data (), routing_id.size ());
options.routing_id_size = (unsigned char) routing_id.size ();
}
pipe_->set_router_socket_routing_id (routing_id);
// Add the record into output pipes lookup table
outpipe_t outpipe = {pipe_, true};
const bool ok =
outpipes.ZMQ_MAP_INSERT_OR_EMPLACE (ZMQ_MOVE (routing_id), outpipe)
.second;
zmq_assert (ok);
}
void zmq::amqp_marshaller_t::basic_qos (
uint16_t channel_,
uint32_t prefetch_size_,
uint16_t prefetch_count_,
bool global_)
{
unsigned char *args = (unsigned char*) malloc (i_amqp::frame_min_size);
assert (args);
size_t offset = 0;
assert (offset + sizeof (uint32_t) <= i_amqp::frame_min_size);
put_uint32 (args + offset, prefetch_size_);
offset += sizeof (uint32_t);
assert (offset + sizeof (uint16_t) <= i_amqp::frame_min_size);
put_uint16 (args + offset, prefetch_count_);
offset += sizeof (uint16_t);
assert (offset + sizeof (uint8_t) <= i_amqp::frame_min_size);
args [offset] = (
((global_ ? 1 : 0) << 0));
offset += sizeof (uint8_t);
command_t cmd = {
channel_,
i_amqp::basic_id,
i_amqp::basic_qos_id,
args,
offset
};
command_queue.push (cmd);
}
static void eddsa_openssh_blob(ssh_key *key, BinarySink *bs)
{
struct eddsa_key *ek = container_of(key, struct eddsa_key, sshk);
assert(ek->curve->type == EC_EDWARDS);
/* Encode the public and private points as strings */
strbuf *pub_sb = strbuf_new();
put_epoint(pub_sb, ek->publicKey, ek->curve, false);
ptrlen pub = make_ptrlen(pub_sb->s + 4, pub_sb->len - 4);
strbuf *priv_sb = strbuf_new_nm();
put_mp_le_unsigned(priv_sb, ek->privateKey);
ptrlen priv = make_ptrlen(priv_sb->s + 4, priv_sb->len - 4);
put_stringpl(bs, pub);
/* Encode the private key as the concatenation of the
* little-endian key integer and the public key again */
put_uint32(bs, priv.len + pub.len);
put_datapl(bs, priv);
put_datapl(bs, pub);
strbuf_free(pub_sb);
strbuf_free(priv_sb);
}
static void BinarySink_put_mp_le_unsigned(BinarySink *bs, mp_int *x)
{
size_t bytes = (mp_get_nbits(x) + 7) / 8;
put_uint32(bs, bytes);
for (size_t i = 0; i < bytes; ++i)
put_byte(bs, mp_get_byte(x, i));
}
static void default_reply_ok(SftpReplyBuilder *reply)
{
DefaultSftpReplyBuilder *d =
container_of(reply, DefaultSftpReplyBuilder, rb);
d->pkt->type = SSH_FXP_STATUS;
put_uint32(d->pkt, SSH_FX_OK);
put_stringz(d->pkt, "");
}
static void default_reply_error(
SftpReplyBuilder *reply, unsigned code, const char *msg)
{
DefaultSftpReplyBuilder *d =
container_of(reply, DefaultSftpReplyBuilder, rb);
d->pkt->type = SSH_FXP_STATUS;
put_uint32(d->pkt, code);
put_stringz(d->pkt, msg);
}
void zmq::amqp_marshaller_t::put_field_table (
unsigned char *args, size_t args_size, size_t &offset,
const i_amqp::field_table_t &table_)
{
// Skip field table size (to be filled in later)
assert (offset + sizeof (uint32_t) <= args_size);
offset += sizeof (uint32_t);
size_t table_size = 0;
for (i_amqp::field_table_t::const_iterator table_it = table_.begin();
table_it != table_.end(); table_it++ ) {
// Put field name
assert (offset + sizeof (uint8_t) + table_it->first.size () <=
i_amqp::frame_min_size);
put_uint8 (args + offset, table_it->first.size ());
offset += sizeof (uint8_t);
memcpy (args + offset, table_it->first.c_str (),
table_it->first.size ());
offset += table_it->first.size ();
// Put field type
assert (offset + sizeof (uint8_t) <= args_size);
put_uint8 (args + offset, 'S');
offset += sizeof (uint8_t);
// Put field value
assert (offset + sizeof (uint32_t) + table_it->second.size () <=
i_amqp::frame_min_size);
put_uint32 (args + offset, table_it->second.size ());
offset += sizeof (uint32_t);
memcpy (args + offset, table_it->second.c_str (),
table_it->second.size ());
offset += table_it->second.size ();
// Adjust actual table size
table_size += (sizeof (uint8_t) + table_it->first.size () +
sizeof (uint8_t) + sizeof (uint32_t) +
table_it->second.size ());
}
// Fill in the table size
put_uint32 (args + offset - table_size - sizeof (uint32_t), table_size);
}
void ssh2channel_send_exit_status(SshChannel *sc, int status)
{
struct ssh2_channel *c = container_of(sc, struct ssh2_channel, sc);
struct ssh2_connection_state *s = c->connlayer;
PktOut *pktout = ssh2_chanreq_init(c, "exit-status", NULL, NULL);
put_uint32(pktout, status);
pq_push(s->ppl.out_pq, pktout);
}
void zmq::amqp_marshaller_t::connection_start (
uint16_t channel_,
uint8_t version_major_,
uint8_t version_minor_,
const i_amqp::field_table_t &server_properties_,
const i_amqp::longstr_t mechanisms_,
const i_amqp::longstr_t locales_)
{
unsigned char *args = (unsigned char*) malloc (i_amqp::frame_min_size);
assert (args);
size_t offset = 0;
assert (offset + sizeof (uint8_t) <= i_amqp::frame_min_size);
put_uint8 (args + offset, version_major_);
offset += sizeof (uint8_t);
assert (offset + sizeof (uint8_t) <= i_amqp::frame_min_size);
put_uint8 (args + offset, version_minor_);
offset += sizeof (uint8_t);
put_field_table (args, i_amqp::frame_min_size, offset, server_properties_);
assert (offset + sizeof (uint32_t) + mechanisms_.size <=
i_amqp::frame_min_size);
put_uint32 (args + offset, mechanisms_.size);
offset += sizeof (uint32_t);
memcpy (args + offset, mechanisms_.data, mechanisms_.size);
offset += mechanisms_.size;
assert (offset + sizeof (uint32_t) + locales_.size <=
i_amqp::frame_min_size);
put_uint32 (args + offset, locales_.size);
offset += sizeof (uint32_t);
memcpy (args + offset, locales_.data, locales_.size);
offset += locales_.size;
command_t cmd = {
channel_,
i_amqp::connection_id,
i_amqp::connection_start_id,
args,
offset
};
command_queue.push (cmd);
}
/*
* Read from a directory.
*/
struct sftp_request *fxp_readdir_send(struct fxp_handle *handle)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_READDIR);
put_uint32(pktout, req->id);
put_string(pktout, handle->hstring, handle->hlen);
sftp_send(pktout);
return req;
}
void rsa_ssh1_public_blob(BinarySink *bs, RSAKey *key,
RsaSsh1Order order)
{
put_uint32(bs, mp_get_nbits(key->modulus));
if (order == RSA_SSH1_EXPONENT_FIRST) {
put_mp_ssh1(bs, key->exponent);
put_mp_ssh1(bs, key->modulus);
} else {
put_mp_ssh1(bs, key->modulus);
put_mp_ssh1(bs, key->exponent);
}
}
struct sftp_request *fxp_rmdir_send(const char *path)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_RMDIR);
put_uint32(pktout, req->id);
put_stringz(pktout, path);
sftp_send(pktout);
return req;
}
/*
* Retrieve the attributes of a file. We have fxp_stat which works
* on filenames, and fxp_fstat which works on open file handles.
*/
struct sftp_request *fxp_stat_send(const char *fname)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_STAT);
put_uint32(pktout, req->id);
put_stringz(pktout, fname);
sftp_send(pktout);
return req;
}
/*
* send Notification payload (for ISAKMP SA) in Informational exchange
*/
int
isakmp_info_send_n1(struct ph1handle *iph1, int type, rc_vchar_t *data)
{
rc_vchar_t *payload = NULL;
int tlen;
int error = 0;
struct isakmp_pl_n *n;
int spisiz;
/*
* note on SPI size: which description is correct? I have chosen
* this to be 0.
*
* RFC2408 3.1, 2nd paragraph says: ISAKMP SA is identified by
* Initiator/Responder cookie and SPI has no meaning, SPI size = 0.
* RFC2408 3.1, first paragraph on page 40: ISAKMP SA is identified
* by cookie and SPI has no meaning, 0 <= SPI size <= 16.
* RFC2407 4.6.3.3, INITIAL-CONTACT is required to set to 16.
*/
if (type == ISAKMP_NTYPE_INITIAL_CONTACT)
spisiz = sizeof(isakmp_index_t);
else
spisiz = 0;
tlen = sizeof(*n) + spisiz;
if (data)
tlen += data->l;
payload = rc_vmalloc(tlen);
if (payload == NULL) {
plog(PLOG_INTERR, PLOGLOC, NULL,
"failed to get buffer to send.\n");
return errno;
}
n = (struct isakmp_pl_n *)payload->v;
n->h.np = ISAKMP_NPTYPE_NONE;
put_uint16(&n->h.len, tlen);
put_uint32(&n->doi, ikev1_doitype(iph1->rmconf));
n->proto_id = IPSECDOI_PROTO_ISAKMP; /* XXX to be configurable ? */
n->spi_size = spisiz;
put_uint16(&n->type, type);
if (spisiz)
memcpy(n + 1, &iph1->index, sizeof(isakmp_index_t));
if (data)
memcpy((caddr_t)(n + 1) + spisiz, data->v, data->l);
error = isakmp_info_send_common(iph1, payload, ISAKMP_NPTYPE_N, iph1->flags);
rc_vfree(payload);
return error;
}
int zmq::gssapi_mechanism_base_t::encode_message (msg_t *msg_)
{
// Wrap the token value
int state;
gss_buffer_desc plaintext;
gss_buffer_desc wrapped;
uint8_t flags = 0;
if (msg_->flags () & msg_t::more)
flags |= 0x01;
if (msg_->flags () & msg_t::command)
flags |= 0x02;
uint8_t *plaintext_buffer = static_cast <uint8_t *>(malloc(msg_->size ()+1));
plaintext_buffer[0] = flags;
memcpy (plaintext_buffer+1, msg_->data(), msg_->size());
plaintext.value = plaintext_buffer;
plaintext.length = msg_->size ()+1;
maj_stat = gss_wrap(&min_stat, context, 1, GSS_C_QOP_DEFAULT,
&plaintext, &state, &wrapped);
zmq_assert (maj_stat == GSS_S_COMPLETE);
zmq_assert (state);
// Re-initialize msg_ for wrapped text
int rc = msg_->close ();
zmq_assert (rc == 0);
rc = msg_->init_size (8 + 4 + wrapped.length);
zmq_assert (rc == 0);
uint8_t *ptr = static_cast <uint8_t *> (msg_->data ());
// Add command string
memcpy (ptr, "\x07MESSAGE", 8);
ptr += 8;
// Add token length
put_uint32 (ptr, static_cast <uint32_t> (wrapped.length));
ptr += 4;
// Add wrapped token value
memcpy (ptr, wrapped.value, wrapped.length);
ptr += wrapped.length;
gss_release_buffer (&min_stat, &wrapped);
return 0;
}
void ssh2channel_send_exit_signal_numeric(
SshChannel *sc, int signum, bool core_dumped, ptrlen msg)
{
struct ssh2_channel *c = container_of(sc, struct ssh2_channel, sc);
struct ssh2_connection_state *s = c->connlayer;
PktOut *pktout = ssh2_chanreq_init(c, "exit-signal", NULL, NULL);
put_uint32(pktout, signum);
put_bool(pktout, core_dumped);
put_stringpl(pktout, msg);
put_stringz(pktout, ""); /* language tag */
pq_push(s->ppl.out_pq, pktout);
}
struct sftp_request *fxp_rename_send(const char *srcfname,
const char *dstfname)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_RENAME);
put_uint32(pktout, req->id);
put_stringz(pktout, srcfname);
put_stringz(pktout, dstfname);
sftp_send(pktout);
return req;
}
struct sftp_packet *sftp_pkt_init(int type)
{
struct sftp_packet *pkt;
pkt = snew(struct sftp_packet);
pkt->data = NULL;
pkt->savedpos = -1;
pkt->length = 0;
pkt->maxlen = 0;
pkt->type = type;
BinarySink_INIT(pkt, sftp_pkt_BinarySink_write);
put_uint32(pkt, 0); /* length field will be filled in later */
put_byte(pkt, 0); /* so will the type field */
return pkt;
}
struct sftp_request *fxp_fsetstat_send(struct fxp_handle *handle,
struct fxp_attrs attrs)
{
struct sftp_request *req = sftp_alloc_request();
struct sftp_packet *pktout;
pktout = sftp_pkt_init(SSH_FXP_FSETSTAT);
put_uint32(pktout, req->id);
put_string(pktout, handle->hstring, handle->hlen);
put_fxp_attrs(pktout, attrs);
sftp_send(pktout);
return req;
}