libssh  0.9.5
The SSH library
session.h
1 /*
2  * This file is part of the SSH Library
3  *
4  * Copyright (c) 2009 by Aris Adamantiadis
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19  */
20 
21 #ifndef SESSION_H_
22 #define SESSION_H_
23 #include <stdbool.h>
24 
25 #include "libssh/priv.h"
26 #include "libssh/kex.h"
27 #include "libssh/packet.h"
28 #include "libssh/pcap.h"
29 #include "libssh/auth.h"
30 #include "libssh/channels.h"
31 #include "libssh/poll.h"
32 #include "libssh/config.h"
33 #include "libssh/misc.h"
34 
/*
 * Lifecycle states of an SSH session; the current value is kept in
 * ssh_session_struct.session_state.
 *
 * Each enumerator is numbered explicitly. The values are the same ones the
 * compiler would assign in declaration order (0..10).
 *
 * NOTE(review): the names suggest a progression from connection setup
 * through key exchange to authentication, but the transitions themselves
 * are not defined in this header. Code that gates privileged operations
 * should test for SSH_SESSION_STATE_AUTHENTICATED explicitly rather than
 * rely on numeric ordering -- confirm at the call sites.
 */
enum ssh_session_state_e {
    SSH_SESSION_STATE_NONE             = 0,
    SSH_SESSION_STATE_CONNECTING       = 1,
    SSH_SESSION_STATE_SOCKET_CONNECTED = 2,
    SSH_SESSION_STATE_BANNER_RECEIVED  = 3,
    SSH_SESSION_STATE_INITIAL_KEX      = 4,
    SSH_SESSION_STATE_KEXINIT_RECEIVED = 5,
    SSH_SESSION_STATE_DH               = 6,
    SSH_SESSION_STATE_AUTHENTICATING   = 7,
    SSH_SESSION_STATE_AUTHENTICATED    = 8,
    SSH_SESSION_STATE_ERROR            = 9,
    SSH_SESSION_STATE_DISCONNECTED     = 10
};
49 
/*
 * Progress markers for the key-exchange handshake; the current value is
 * kept in ssh_session_struct.dh_handshake_state.
 *
 * Values are written out explicitly and equal the implicit
 * declaration-order numbering (0..5).
 */
enum ssh_dh_state_e {
    DH_STATE_INIT         = 0,
    DH_STATE_GROUP_SENT   = 1,
    DH_STATE_REQUEST_SENT = 2,
    DH_STATE_INIT_SENT    = 3,
    DH_STATE_NEWKEYS_SENT = 4,
    DH_STATE_FINISHED     = 5
};
58 
/*
 * Identifies which API call is currently pending on a session; the value is
 * kept in ssh_session_struct.pending_call_state, which the non-blocking
 * code uses to remember where it was before being interrupted.
 *
 * Values are written out explicitly and equal the implicit
 * declaration-order numbering (0..9).
 */
enum ssh_pending_call_e {
    SSH_PENDING_CALL_NONE              = 0,
    SSH_PENDING_CALL_CONNECT           = 1,
    SSH_PENDING_CALL_AUTH_NONE         = 2,
    SSH_PENDING_CALL_AUTH_PASSWORD     = 3,
    SSH_PENDING_CALL_AUTH_OFFER_PUBKEY = 4,
    SSH_PENDING_CALL_AUTH_PUBKEY       = 5,
    SSH_PENDING_CALL_AUTH_AGENT        = 6,
    SSH_PENDING_CALL_AUTH_KBDINT_INIT  = 7,
    SSH_PENDING_CALL_AUTH_KBDINT_SEND  = 8,
    SSH_PENDING_CALL_AUTH_GSSAPI_MIC   = 9
};
71 
/*
 * Bits for ssh_session_struct.flags (SSH_SESSION_FLAG_*).
 * Written in hex to make the one-bit-per-flag layout visible; the values
 * are unchanged (1 and 2).
 */

/* libssh calls may block for an undefined amount of time */
#define SSH_SESSION_FLAG_BLOCKING      0x1

/*
 * Client successfully authenticated.
 * NOTE(review): this bit records the outcome of authentication, so it is
 * security-sensitive. Presumably it must only be set by the authentication
 * code path after the peer has been verified -- confirm every writer.
 */
#define SSH_SESSION_FLAG_AUTHENTICATED 0x2
77 
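/*
 * Special timeout codes to use with ssh_handle_packets*().
 *
 * The negative replacement lists are parenthesized so that each macro
 * expands to a single primary expression wherever it is used. The values
 * themselves are unchanged.
 *
 * NOTE(review): the unit of ordinary (positive) timeout values is not
 * stated in this header -- confirm against the ssh_handle_packets()
 * implementation.
 */

/* Infinite timeout */
#define SSH_TIMEOUT_INFINITE    (-1)
/* Use the timeout defined by the user, if any. Mostly used with new connections */
#define SSH_TIMEOUT_USER        (-2)
/* Use the default timeout, depending on ssh_is_blocking() */
#define SSH_TIMEOUT_DEFAULT     (-3)
/* Don't block at all */
#define SSH_TIMEOUT_NONBLOCKING 0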
87 
/*
 * Option flags: one bit per authentication method. A set bit means
 * authentication with that method is allowed.
 *
 * NOTE(review): presumably stored in ssh_session_struct.opts.flags --
 * confirm in the options code. These bits decide which authentication
 * methods are permitted, so any code that sets or clears them is part of
 * the authentication policy.
 */
#define SSH_OPT_FLAG_PASSWORD_AUTH 0x1 /* password authentication */
#define SSH_OPT_FLAG_PUBKEY_AUTH   0x2 /* public-key authentication */
#define SSH_OPT_FLAG_KBDINT_AUTH   0x4 /* keyboard-interactive authentication */
#define SSH_OPT_FLAG_GSSAPI_AUTH   0x8 /* GSSAPI authentication */
94 
/*
 * Extension flags, one bit each.
 *
 * NOTE(review): presumably recorded in ssh_session_struct.extensions, which
 * is documented as "Extensions negotiated using RFC 8308" -- confirm in the
 * key-exchange code.
 */

/* extension negotiation enabled */
#define SSH_EXT_NEGOTIATION    0x01

/* server-sig-algs extension: RSA signatures with SHA-256 / SHA-512 */
#define SSH_EXT_SIG_RSA_SHA256 0x02
#define SSH_EXT_SIG_RSA_SHA512 0x04
101 
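/*
 * Members that are common to ssh_session and ssh_bind.
 * ssh_session_struct embeds this structure as its first member (common).
 */
struct ssh_common_struct {
    struct error_struct error;  /* error state */
    ssh_callbacks callbacks;    /* callbacks to user functions */
    int log_verbosity;          /* verbosity of the log functions */
};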
108 
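/*
 * Per-connection state of an SSH session.
 *
 * The structure holds the transport state (socket, buffers, sequence
 * numbers, crypto contexts), the state-machine variables used by the
 * non-blocking code, authentication state, server host keys, callbacks and
 * the user-supplied options.
 *
 * Field order is kept exactly as declared; code elsewhere in the library
 * accesses these members directly.
 */
struct ssh_session_struct {
    struct ssh_common_struct common;    /* members shared with ssh_bind */
    struct ssh_socket_struct *socket;
    char *serverbanner;
    char *clientbanner;
    int protoversion;
    int server;
    int client;
    int openssh;
    /* NOTE(review): presumably the per-direction packet sequence numbers
     * that feed packet integrity checks -- confirm in the packet code. */
    uint32_t send_seq;
    uint32_t recv_seq;
    struct ssh_timestamp last_rekey_time;

    int connected;
    /* !=0 when the user got a session handle */
    int alive;
    /* two previous are deprecated */
    /* int auth_service_asked; */

    /* session flags (SSH_SESSION_FLAG_*); includes the
     * SSH_SESSION_FLAG_AUTHENTICATED bit, so writes to this field are
     * security-sensitive */
    int flags;

    /* Extensions negotiated using RFC 8308 */
    uint32_t extensions;

    /* The next two fields hold text supplied by the remote side; treat it
     * as untrusted when logging or displaying it. */
    ssh_string banner;  /* the issue banner from the server */
    char *discon_msg;   /* disconnect message from the remote host */
    ssh_buffer in_buffer;
    PACKET in_packet;
    ssh_buffer out_buffer;
    struct ssh_list *out_queue; /* This list is used for delaying packets
                                   when rekeying is required */

    /* the states are used by the nonblocking stuff to remember */
    /* where it was before being interrupted */
    enum ssh_pending_call_e pending_call_state;
    enum ssh_session_state_e session_state;
    enum ssh_packet_state_e packet_state;
    enum ssh_dh_state_e dh_handshake_state;
    enum ssh_channel_request_state_e global_req_state;
    struct ssh_agent_state_struct *agent_state;

    /* authentication state */
    struct {
        struct ssh_auth_auto_state_struct *auto_state;
        enum ssh_auth_service_state_e service_state;
        enum ssh_auth_state_e state;
        uint32_t supported_methods;
        uint32_t current_method;
    } auth;

    /*
     * RFC 4253, 7.1: if the first_kex_packet_follows flag was set in
     * the received SSH_MSG_KEXINIT, but the guess was wrong, this
     * field will be set such that the following guessed packet will
     * be ignored. Once that packet has been received and ignored,
     * this field is cleared.
     */
    int first_kex_follows_guess_wrong;

    ssh_buffer in_hashbuf;
    ssh_buffer out_hashbuf;
    struct ssh_crypto_struct *current_crypto;
    struct ssh_crypto_struct *next_crypto; /* next_crypto is going to be used after a SSH2_MSG_NEWKEYS */

    struct ssh_list *channels; /* linked list of channels */
    int maxchannel;
    ssh_agent agent; /* ssh agent */

    /* keyb interactive data */
    struct ssh_kbdint_struct *kbdint;
    struct ssh_gssapi_struct *gssapi;

    /* server host keys */
    struct {
        ssh_key rsa_key;
        ssh_key dsa_key;
        ssh_key ecdsa_key;
        ssh_key ed25519_key;
        /* The type of host key wanted by client */
        enum ssh_keytypes_e hostkey;
        enum ssh_digest_e hostkey_digest;
    } srv;

    /* auths accepted by server
     * NOTE(review): this comment looks stale; the members that follow are
     * message-queue and callback state. */
    struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
    int (*ssh_message_callback)(struct ssh_session_struct *session,
                                ssh_message msg,
                                void *userdata);
    void *ssh_message_callback_data;
    ssh_server_callbacks server_callbacks;
    void (*ssh_connection_callback)(struct ssh_session_struct *session);
    struct ssh_packet_callbacks_struct default_packet_callbacks;
    struct ssh_list *packet_callbacks;
    struct ssh_socket_callbacks_struct socket_callbacks;
    ssh_poll_ctx default_poll_ctx;
    /* options */
#ifdef WITH_PCAP
    ssh_pcap_context pcap_ctx; /* pcap debugging context */
#endif
    struct {
        struct ssh_list *identity;
        char *username;
        char *host;
        char *bindaddr; /* bind the client to an ip addr */
        char *sshdir;
        /* known-hosts locations used for host key verification
         * (presumably file paths -- confirm in the knownhosts code) */
        char *knownhosts;
        char *global_knownhosts;
        char *wanted_methods[SSH_KEX_METHODS];
        char *pubkey_accepted_types;
        /* NOTE(review): presumably a command line that is executed to
         * establish the connection; it should only ever come from trusted
         * configuration -- confirm how it is run in the socket code. */
        char *ProxyCommand;
        char *custombanner;
        unsigned long timeout; /* seconds */
        unsigned long timeout_usec;
        unsigned int port;
        socket_t fd;
        /* NOTE(review): host key checking policy; a permissive value would
         * weaken protection against man-in-the-middle attacks -- confirm
         * the default where the options are initialised. */
        int StrictHostKeyChecking;
        char compressionlevel;
        char *gss_server_identity;
        char *gss_client_identity;
        int gss_delegate_creds;
        int flags; /* presumably SSH_OPT_FLAG_* bits -- TODO confirm */
        int nodelay;
        bool config_processed;
        uint8_t options_seen[SOC_MAX];
        /* rekey limits; units are not stated in this header -- TODO confirm */
        uint64_t rekey_data;
        uint32_t rekey_time;
    } opts;
    /* counters */
    ssh_counter socket_counter;
    ssh_counter raw_counter;
};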
240 
/*
 * Callback type taken by ssh_handle_packets_termination() as `fct`; it is
 * declared to receive the opaque `user` pointer and return an int.
 * NOTE(review): presumably a non-zero return ends the wait -- confirm in
 * the implementation.
 */
typedef int (*ssh_termination_function)(void *user);

/*
 * Packet-processing entry points. `timeout` accepts the SSH_TIMEOUT_*
 * codes defined in this header.
 * NOTE(review): timeout is an int in ssh_handle_packets() but a long in
 * ssh_handle_packets_termination(); callers passing one through to the
 * other should be checked for narrowing.
 */
int ssh_handle_packets(ssh_session session, int timeout);
int ssh_handle_packets_termination(ssh_session session, long timeout,
                                   ssh_termination_function fct, void *user);

/* Socket exception hook; receives a code, an errno value and a user pointer. */
void ssh_socket_exception_callback(int code, int errno_code, void *user);
253 
254 #endif /* SESSION_H_ */