blob: 4190d3ca351ceb225db7fa45ce9cb0a6a54ac6b4 [file] [log] [blame]
/* Copyright (c) 2004, Sara Golemon <sarag@users.sourceforge.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms,
* with or without modification, are permitted provided
* that the following conditions are met:
*
* Redistributions of source code must retain the above
* copyright notice, this list of conditions and the
* following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials
* provided with the distribution.
*
* Neither the name of the copyright holder nor the names
* of any other contributors may be used to endorse or
* promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*/
#include "libssh2_priv.h"
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <openssl/evp.h>
/* {{{ libssh2_packet_new
* Create a new packet and attach it to the brigade
*/
static int libssh2_packet_add(LIBSSH2_SESSION *session, unsigned char *data, size_t datalen, int macstate)
{
LIBSSH2_PACKET *packet;
unsigned long data_head = 0;
if (macstate == LIBSSH2_MAC_INVALID) {
if (session->macerror) {
if (LIBSSH2_MACERROR(session, data, datalen) == 0) {
/* Calling app has given the OK, Process it anyway */
macstate = LIBSSH2_MAC_CONFIRMED;
} else {
libssh2_error(session, LIBSSH2_ERROR_INVALID_MAC, "Invalid Message Authentication Code received", 0);
if (session->ssh_msg_disconnect) {
LIBSSH2_DISCONNECT(session, SSH_DISCONNECT_MAC_ERROR, "Invalid MAC received", sizeof("Invalid MAC received") - 1, "", 0);
}
return -1;
}
} else {
libssh2_error(session, LIBSSH2_ERROR_INVALID_MAC, "Invalid Message Authentication Code received", 0);
if (session->ssh_msg_disconnect) {
LIBSSH2_DISCONNECT(session, SSH_DISCONNECT_MAC_ERROR, "Invalid MAC received", sizeof("Invalid MAC received") - 1, "", 0);
}
return -1;
}
}
/* A couple exceptions to the packet adding rule: */
switch (data[0]) {
case SSH_MSG_DISCONNECT:
{
char *message, *language;
int reason, message_len, language_len;
reason = libssh2_ntohu32(data + 1);
message_len = libssh2_ntohu32(data + 5);
message = data + 9; /* packet_type(1) + reason(4) + message_len(4) */
language_len = libssh2_ntohu32(data + 9 + message_len);
/* This is where we hack on the data a little,
* Use the MSB of language_len to to a terminating NULL (In all liklihood it is already)
* Shift the language tag back a byte (In all likelihood it's zero length anyway
* Store a NULL in the last byte of the packet to terminate the language string
* With the lengths passed this isn't *REALLY* necessary, but it's "kind"
*/
message[message_len] = '\0';
language = data + 9 + message_len + 3;
if (language_len) {
memcpy(language, language + 1, language_len);
}
language[language_len] = '\0';
if (session->ssh_msg_disconnect) {
LIBSSH2_DISCONNECT(session, reason, message, message_len, language, language_len);
}
LIBSSH2_FREE(session, data);
session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
return -1;
}
break;
case SSH_MSG_IGNORE:
/* As with disconnect, back it up one and add a trailing NULL */
memcpy(data + 4, data + 5, datalen - 5);
data[datalen] = '\0';
if (session->ssh_msg_ignore) {
LIBSSH2_IGNORE(session, data + 4, datalen - 5);
}
LIBSSH2_FREE(session, data);
return 0;
break;
case SSH_MSG_DEBUG:
{
int always_display = data[0];
char *message, *language;
int message_len, language_len;
message_len = libssh2_ntohu32(data + 2);
message = data + 6; /* packet_type(1) + display(1) + message_len(4) */
language_len = libssh2_ntohu32(data + 6 + message_len);
/* This is where we hack on the data a little,
* Use the MSB of language_len to to a terminating NULL (In all liklihood it is already)
* Shift the language tag back a byte (In all likelihood it's zero length anyway
* Store a NULL in the last byte of the packet to terminate the language string
* With the lengths passed this isn't *REALLY* necessary, but it's "kind"
*/
message[message_len] = '\0';
language = data + 6 + message_len + 3;
if (language_len) {
memcpy(language, language + 1, language_len);
}
language[language_len] = '\0';
if (session->ssh_msg_debug) {
LIBSSH2_DEBUG(session, always_display, message, message_len, language, language_len);
}
LIBSSH2_FREE(session, data);
return 0;
}
break;
case SSH_MSG_CHANNEL_EXTENDED_DATA:
data_head += 4; /* streamid(4) */
case SSH_MSG_CHANNEL_DATA:
data_head += 9; /* packet_type(1) + channelno(4) + datalen(4) */
{
LIBSSH2_CHANNEL *channel = libssh2_channel_locate(session, libssh2_ntohu32(data + 1));
if (!channel) {
libssh2_error(session, LIBSSH2_ERROR_CHANNEL_UNKNOWN, "Packet received for unknown channel, ignoring", 0);
LIBSSH2_FREE(session, data);
return 0;
}
if (channel->remote.ignore_extended_data && (data[0] == SSH_MSG_CHANNEL_EXTENDED_DATA)) {
/* Pretend we didn't receive this */
LIBSSH2_FREE(session, data);
if (channel->remote.window_size_initial) {
/* Adjust the window based on the block we just freed */
unsigned char adjust[9];
adjust[0] = SSH_MSG_CHANNEL_WINDOW_ADJUST;
libssh2_htonu32(adjust + 1, channel->remote.id);
libssh2_htonu32(adjust + 5, datalen - 13);
if (libssh2_packet_write(channel->session, adjust, 9)) {
libssh2_error(channel->session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send transfer-window adjustment packet", 0);
}
}
return 0;
}
/* REMEMBER! remote means remote as source of data, NOT remote window! */
if (channel->remote.packet_size < (datalen - data_head)) {
/* Spec says we MAY ignore bytes sent beyond packet_size */
libssh2_error(session, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, "Packet contains more data than we offered to receive, truncating", 0);
datalen = channel->remote.packet_size + data_head;
}
if (channel->remote.window_size_initial && (channel->remote.window_size <= 0)) {
/* Spec says we MAY ignore bytes sent beyond window_size */
libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, "The current receive window is full, data ignored", 0);
LIBSSH2_FREE(session, data);
return 0;
}
/* Reset EOF status */
channel->remote.eof = 0;
if (channel->remote.window_size_initial && ((datalen - data_head) > channel->remote.window_size)) {
libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, "Remote sent more data than current window allows, truncating", 0);
datalen = channel->remote.window_size + data_head;
} else {
/* Now that we've received it, shrink our window */
channel->remote.window_size -= datalen - data_head;
}
}
break;
case SSH_MSG_CHANNEL_EOF:
{
LIBSSH2_CHANNEL *channel = libssh2_channel_locate(session, libssh2_ntohu32(data + 1));
if (!channel) {
/* We may have freed already, just quietly ignore this... */
LIBSSH2_FREE(session, data);
return 0;
}
channel->remote.eof = 1;
LIBSSH2_FREE(session, data);
return 0;
}
break;
case SSH_MSG_CHANNEL_CLOSE:
{
LIBSSH2_CHANNEL *channel = libssh2_channel_locate(session, libssh2_ntohu32(data + 1));
if (!channel) {
/* We may have freed already, just quietly ignore this... */
LIBSSH2_FREE(session, data);
return 0;
}
channel->remote.close = 1;
/* TODO: Add a callback for this */
LIBSSH2_FREE(session, data);
return 0;
}
break;
}
packet = LIBSSH2_ALLOC(session, sizeof(LIBSSH2_PACKET));
memset(packet, 0, sizeof(LIBSSH2_PACKET));
packet->data = data;
packet->data_len = datalen;
packet->data_head = data_head;
packet->mac = macstate;
packet->brigade = &session->packets;
packet->next = NULL;
if (session->packets.tail) {
packet->prev = session->packets.tail;
packet->prev->next = packet;
session->packets.tail = packet;
} else {
session->packets.head = packet;
session->packets.tail = packet;
packet->prev = NULL;
}
if (data[0] == SSH_MSG_KEXINIT && !session->exchanging_keys) {
/* Remote wants new keys
* Well, it's already in the brigade,
* let's just call back into ourselves
*/
libssh2_kex_exchange(session, 1);
/* If there was a key reexchange failure, let's just hope we didn't send NEWKEYS yet, otherwise remote will drop us like a rock */
}
return 0;
}
/* }}} */
/* {{{ libssh2_blocking_read
* Force a blocking read, regardless of socket settings
*/
static int libssh2_blocking_read(LIBSSH2_SESSION *session, unsigned char *buf, size_t count)
{
size_t bytes_read = 0;
int polls = 0;
while (bytes_read < count) {
int ret;
ret = read(session->socket_fd, buf + bytes_read, count - bytes_read);
if (ret < 0) {
if (errno == EAGAIN) {
if (polls++ > LIBSSH2_SOCKET_POLL_MAXLOOPS) {
return -1;
}
usleep(LIBSSH2_SOCKET_POLL_UDELAY);
continue;
}
if (errno == EINTR) {
continue;
}
if ((errno == EBADF) || (errno == EIO)) {
session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
}
return -1;
}
if (ret == 0) continue;
bytes_read += ret;
}
return bytes_read;
}
/* }}} */
/* {{{ libssh2_packet_read
* Collect a packet into the input brigade
* block only controls whether or not to wait for a packet to start,
* Once a packet starts, libssh2 will block until it is complete
* Returns packet type added to input brigade (0 if nothing added), or -1 on failure
*/
int libssh2_packet_read(LIBSSH2_SESSION *session, int should_block)
{
int packet_type = -1;
if (session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) {
return 0;
}
fcntl(session->socket_fd, F_SETFL, O_NONBLOCK);
if (session->newkeys) {
unsigned char *block, *payload, *s, tmp[6];
long read_len;
unsigned long blocksize = session->remote.crypt->blocksize;
unsigned long packet_len, payload_len;
int padding_len;
int macstate;
int free_payload = 1;
/* Safely ignored in CUSTOM cipher mode */
EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)session->remote.crypt_abstract;
/* Temporary Buffer */
block = LIBSSH2_ALLOC(session, 2 * (blocksize > session->remote.mac->mac_len ? blocksize : session->remote.mac->mac_len));
/* Note: If we add any cipher with a blocksize less than 6 we'll need to get more creative with this
* For now, all blocksize sizes are 8+
*/
if (should_block) {
read_len = libssh2_blocking_read(session, block, blocksize);
} else {
read_len = read(session->socket_fd, block, 1);
if (read_len <= 0) {
LIBSSH2_FREE(session, block);
return 0;
}
read_len += libssh2_blocking_read(session, block + read_len, blocksize - read_len);
}
if (read_len < blocksize) {
LIBSSH2_FREE(session, block);
return (session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) ? 0 : -1;
}
if (session->remote.crypt->flags & LIBSSH2_CRYPT_METHOD_FLAG_EVP) {
EVP_Cipher(ctx, block + blocksize, block, blocksize);
memcpy(block, block + blocksize, blocksize);
} else {
if (session->remote.crypt->crypt(session, block, &session->remote.crypt_abstract)) {
libssh2_error(session, LIBSSH2_ERROR_DECRYPT, "Error decrypting packet preamble", 0);
LIBSSH2_FREE(session, block);
return -1;
}
}
packet_len = libssh2_ntohu32(block);
padding_len = block[4];
memcpy(tmp, block, 5); /* Use this for MAC later */
payload_len = packet_len - 1; /* padding_len(1) */
s = payload = LIBSSH2_ALLOC(session, payload_len);
memcpy(s, block + 5, blocksize - 5);
s += blocksize - 5;
while ((s - payload) < payload_len) {
read_len = libssh2_blocking_read(session, block, blocksize);
if (read_len < blocksize) {
LIBSSH2_FREE(session, block);
LIBSSH2_FREE(session, payload);
return -1;
}
if (session->remote.crypt->flags & LIBSSH2_CRYPT_METHOD_FLAG_EVP) {
EVP_Cipher(ctx, block + blocksize, block, blocksize);
memcpy(s, block + blocksize, blocksize);
} else {
if (session->remote.crypt->crypt(session, block, &session->remote.crypt_abstract)) {
libssh2_error(session, LIBSSH2_ERROR_DECRYPT, "Error decrypting packet preamble", 0);
LIBSSH2_FREE(session, block);
LIBSSH2_FREE(session, payload);
return -1;
}
memcpy(s, block, blocksize);
}
s += blocksize;
}
read_len = libssh2_blocking_read(session, block, session->remote.mac->mac_len);
if (read_len < session->remote.mac->mac_len) {
LIBSSH2_FREE(session, block);
LIBSSH2_FREE(session, payload);
return -1;
}
/* Calculate MAC hash */
session->remote.mac->hash(session, block + session->remote.mac->mac_len, session->remote.seqno, tmp, 5, payload, payload_len, &session->remote.mac_abstract);
macstate = (strncmp(block, block + session->remote.mac->mac_len, session->remote.mac->mac_len) == 0) ? LIBSSH2_MAC_CONFIRMED : LIBSSH2_MAC_INVALID;
/* SMG */
if (macstate == LIBSSH2_MAC_INVALID) libssh2_error(session, -255, "EEEK an error!", 0);
session->remote.seqno++;
LIBSSH2_FREE(session, block);
/* Ignore padding */
payload_len -= padding_len;
if (session->remote.comp &&
strcmp(session->remote.comp->name, "none")) {
/* Decompress */
unsigned char *data;
unsigned long data_len;
if (session->remote.comp->comp(session, 0, &data, &data_len, LIBSSH2_PACKET_MAXDECOMP, &free_payload, payload, payload_len, &session->remote.comp_abstract)) {
LIBSSH2_FREE(session, payload);
return -1;
}
if (free_payload) {
LIBSSH2_FREE(session, payload);
payload = data;
payload_len = data_len;
} else {
if (data == payload) {
/* It's not to be freed, because the compression layer reused payload,
* So let's do the same!
*/
payload_len = data_len;
} else {
/* No comp_method actually lets this happen, but let's prepare for the future */
LIBSSH2_FREE(session, payload);
/* We need a freeable struct otherwise the brigade won't know what to do with it */
payload = LIBSSH2_ALLOC(session, data_len);
if (!payload) {
libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate memory for copy of uncompressed data", 0);
LIBSSH2_FREE(session, block);
return -1;
}
memcpy(payload, data, data_len);
payload_len = data_len;
}
}
}
libssh2_packet_add(session, payload, payload_len, macstate);
packet_type = payload[0];
} else { /* No cipher active */
unsigned char *payload;
unsigned char buf[24];
unsigned long buf_len, payload_len;
unsigned long packet_length;
unsigned long padding_length;
if (should_block) {
buf_len = libssh2_blocking_read(session, buf, 5);
} else {
buf_len = read(session->socket_fd, buf, 1);
if (buf_len <= 0) {
return 0;
}
buf_len += libssh2_blocking_read(session, buf, 5 - buf_len);
}
if (buf_len < 5) {
/* Something bad happened */
return -1;
}
packet_length = libssh2_ntohu32(buf);
padding_length = buf[4];
payload_len = packet_length - padding_length - 1; /* padding_length(1) */
payload = LIBSSH2_ALLOC(session, payload_len);
if (libssh2_blocking_read(session, payload, payload_len) < payload_len) {
return (session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) ? 0 : -1;
}
while (padding_length) {
/* Flush padding */
padding_length -= libssh2_blocking_read(session, buf, padding_length);
}
/* MACs don't exist in non-encrypted mode */
libssh2_packet_add(session, payload, payload_len, LIBSSH2_MAC_CONFIRMED);
session->remote.seqno++;
packet_type = payload[0];
}
return packet_type;
}
/* }}} */
/* {{{ libssh2_packet_ask
* Scan the brigade for a matching packet type, optionally poll the socket for a packet first
*/
int libssh2_packet_ask_ex(LIBSSH2_SESSION *session, unsigned char packet_type, unsigned char **data, unsigned long *data_len,
unsigned long match_ofs, const unsigned char *match_buf, unsigned long match_len, int poll_socket)
{
LIBSSH2_PACKET *packet = session->packets.head;
if (poll_socket) {
if (libssh2_packet_read(session, 0) < 0) {
return -1;
}
}
while (packet) {
if (packet->data[0] == packet_type &&
(packet->data_len >= (match_ofs + match_len)) &&
(!match_buf || (strncmp(packet->data + match_ofs, match_buf, match_len) == 0))) {
*data = packet->data;
*data_len = packet->data_len;
if (packet->prev) {
packet->prev->next = packet->next;
} else {
session->packets.head = packet->next;
}
if (packet->next) {
packet->next->prev = packet->prev;
} else {
session->packets.tail = packet->prev;
}
LIBSSH2_FREE(session, packet);
return 0;
}
packet = packet->next;
}
return -1;
}
/* }}} */
/* {{{ libssh2_packet_require
* Loops libssh2_packet_read() until the packet requested is available
* SSH_DISCONNECT will cause a bailout though
*/
int libssh2_packet_require_ex(LIBSSH2_SESSION *session, unsigned char packet_type, unsigned char **data, unsigned long *data_len,
unsigned long match_ofs, const unsigned char *match_buf, unsigned long match_len)
{
if (libssh2_packet_ask_ex(session, packet_type, data, data_len, match_ofs, match_buf, match_len, 0) == 0) {
/* A packet was available in the packet brigade */
return 0;
}
while (session->socket_state == LIBSSH2_SOCKET_CONNECTED) {
int ret = libssh2_packet_read(session, 1);
if (ret < 0) {
return -1;
}
if (ret == 0) continue;
if (packet_type == ret) {
/* Be lazy, let packet_ask pull it out of the brigade */
return libssh2_packet_ask_ex(session, packet_type, data, data_len, match_ofs, match_buf, match_len, 0);
}
}
/* Only reached if the socket died */
return -1;
}
/* }}} */
/* {{{ libssh2_packet_write
* Send a packet, encrypting it and adding a MAC code if necessary
* Returns 0 on success, non-zero on failure
*/
int libssh2_packet_write(LIBSSH2_SESSION *session, unsigned char *data, unsigned long data_len)
{
unsigned long packet_length = data_len + 1;
unsigned long block_size = (session->newkeys) ? session->local.crypt->blocksize : 8;
/* At this point packet_length doesn't include the packet_len field itself */
unsigned long padding_length;
int free_data = 0;
unsigned char buf[246]; /* 6 byte header plus max padding size(240) */
int i;
if (session->newkeys &&
strcmp(session->local.comp->name, "none")) {
if (session->local.comp->comp(session, 1, &data, &data_len, LIBSSH2_PACKET_MAXCOMP, &free_data, data, data_len, &session->local.comp_abstract)) {
return -1;
}
}
fcntl(session->socket_fd, F_SETFL, 0);
packet_length = data_len + 1; /* padding_length(1) -- MAC doesn't count -- Padding to be added soon */
padding_length = block_size - ((packet_length + 4) % block_size);
if (padding_length < 4) {
padding_length += block_size;
}
/* TODO: Maybe add 1 or 2 times block_size to padding_length randomly -- shake things up a bit... */
packet_length += padding_length;
libssh2_htonu32(buf, packet_length);
buf[4] = padding_length;
for (i = 0; i < padding_length; i++) {
/* Make random */
buf[5 + i] = '\0';
}
if (session->newkeys) {
/* Encryption is in effect */
unsigned char *encbuf, *s;
int ret;
/* Safely ignored in CUSTOM cipher mode */
EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)session->local.crypt_abstract;
/* include packet_length(4) itself and room for the hash at the end */
encbuf = LIBSSH2_ALLOC(session, 4 + packet_length + session->local.mac->mac_len);
if (!encbuf) {
libssh2_error(session, LIBSSH2_ERROR_ALLOC, "Unable to allocate encryption buffer", 0);
if (free_data) {
LIBSSH2_FREE(session, data);
}
return -1;
}
/* Copy packet to encoding buffer */
memcpy(encbuf, buf, 5);
memcpy(encbuf + 5, data, data_len);
memcpy(encbuf + 5 + data_len, buf + 5, padding_length);
if (free_data) {
LIBSSH2_FREE(session, data);
}
/* Calculate MAC hash */
session->local.mac->hash(session, encbuf + 4 + packet_length , session->local.seqno, encbuf, 4 + packet_length, NULL, 0, &session->local.mac_abstract);
/* Encrypt data */
for(s = encbuf; (s - encbuf) < (4 + packet_length) ; s += session->local.crypt->blocksize) {
if (session->local.crypt->flags & LIBSSH2_CRYPT_METHOD_FLAG_EVP) {
EVP_Cipher(ctx, buf, s, session->local.crypt->blocksize);
memcpy(s, buf, session->local.crypt->blocksize);
} else {
session->local.crypt->crypt(session, s, &session->local.crypt_abstract);
}
}
session->local.seqno++;
/* Send It */
ret = ((4 + packet_length + session->local.mac->mac_len) == write(session->socket_fd, encbuf, 4 + packet_length + session->local.mac->mac_len)) ? 0 : -1;
/* Cleanup environment */
LIBSSH2_FREE(session, encbuf);
return ret;
} else { /* LIBSSH2_ENDPOINT_CRYPT_NONE */
/* Simplified write for non-encrypted mode */
struct iovec data_vector[3];
/* Using vectors means we don't have to alloc a new buffer -- a byte saved is a byte earned
* No MAC during unencrypted phase
*/
data_vector[0].iov_base = buf;
data_vector[0].iov_len = 5;
data_vector[1].iov_base = (char*)data;
data_vector[1].iov_len = data_len;
data_vector[2].iov_base = buf + 5;
data_vector[2].iov_len = padding_length;
session->local.seqno++;
/* Ignore this, it can't actually happen :) */
if (free_data) {
LIBSSH2_FREE(session, data);
}
return ((packet_length + 4) == writev(session->socket_fd, data_vector, 3)) ? 0 : 1;
}
}
/* }}} */