1/*
2 * This file is part of the SSH Library
3 *
4 * Copyright (c) 2009 by Aris Adamantiadis
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21#ifndef SESSION_H_
22#define SESSION_H_
23#include "libssh/priv.h"
24#include "libssh/kex.h"
25#include "libssh/packet.h"
26#include "libssh/pcap.h"
27#include "libssh/auth.h"
28#include "libssh/channels.h"
29#include "libssh/poll.h"
30
31/* These are the different states a SSH session can be into its life */
32enum ssh_session_state_e {
33 SSH_SESSION_STATE_NONE=0,
34 SSH_SESSION_STATE_CONNECTING,
35 SSH_SESSION_STATE_SOCKET_CONNECTED,
36 SSH_SESSION_STATE_BANNER_RECEIVED,
37 SSH_SESSION_STATE_INITIAL_KEX,
38 SSH_SESSION_STATE_KEXINIT_RECEIVED,
39 SSH_SESSION_STATE_DH,
40 SSH_SESSION_STATE_AUTHENTICATING,
41 SSH_SESSION_STATE_AUTHENTICATED,
42 SSH_SESSION_STATE_ERROR,
43 SSH_SESSION_STATE_DISCONNECTED
44};
45
46enum ssh_dh_state_e {
47 DH_STATE_INIT=0,
48 DH_STATE_INIT_SENT,
49 DH_STATE_NEWKEYS_SENT,
50 DH_STATE_FINISHED
51};
52
53enum ssh_pending_call_e {
54 SSH_PENDING_CALL_NONE = 0,
55 SSH_PENDING_CALL_CONNECT,
56 SSH_PENDING_CALL_AUTH_NONE,
57 SSH_PENDING_CALL_AUTH_PASSWORD,
58 SSH_PENDING_CALL_AUTH_OFFER_PUBKEY,
59 SSH_PENDING_CALL_AUTH_PUBKEY,
60 SSH_PENDING_CALL_AUTH_AGENT,
61 SSH_PENDING_CALL_AUTH_KBDINT_INIT,
62 SSH_PENDING_CALL_AUTH_KBDINT_SEND,
63 SSH_PENDING_CALL_AUTH_GSSAPI_MIC
64};
65
66/* libssh calls may block an undefined amount of time */
67#define SSH_SESSION_FLAG_BLOCKING 1
68
69/* Client successfully authenticated */
70#define SSH_SESSION_FLAG_AUTHENTICATED 2
71
72/* codes to use with ssh_handle_packets*() */
73/* Infinite timeout */
74#define SSH_TIMEOUT_INFINITE -1
75/* Use the timeout defined by user if any. Mostly used with new connections */
76#define SSH_TIMEOUT_USER -2
77/* Use the default timeout, depending on ssh_is_blocking() */
78#define SSH_TIMEOUT_DEFAULT -3
79/* Don't block at all */
80#define SSH_TIMEOUT_NONBLOCKING 0
81
82/* members that are common to ssh_session and ssh_bind */
83struct ssh_common_struct {
84 struct error_struct error;
85 ssh_callbacks callbacks; /* Callbacks to user functions */
86 int log_verbosity; /* verbosity of the log functions */
87};
88
89struct ssh_session_struct {
90 struct ssh_common_struct common;
91 struct ssh_socket_struct *socket;
92 char *serverbanner;
93 char *clientbanner;
94 int protoversion;
95 int server;
96 int client;
97 int openssh;
98 uint32_t send_seq;
99 uint32_t recv_seq;
100
101 int connected;
102 /* !=0 when the user got a session handle */
103 int alive;
104 /* two previous are deprecated */
105 /* int auth_service_asked; */
106
107 /* session flags (SSH_SESSION_FLAG_*) */
108 int flags;
109
110 ssh_string banner; /* that's the issue banner from
111 the server */
112 char *discon_msg; /* disconnect message from
113 the remote host */
114 ssh_buffer in_buffer;
115 PACKET in_packet;
116 ssh_buffer out_buffer;
117
118 /* the states are used by the nonblocking stuff to remember */
119 /* where it was before being interrupted */
120 enum ssh_pending_call_e pending_call_state;
121 enum ssh_session_state_e session_state;
122 int packet_state;
123 enum ssh_dh_state_e dh_handshake_state;
124 enum ssh_auth_service_state_e auth_service_state;
125 enum ssh_auth_state_e auth_state;
126 enum ssh_channel_request_state_e global_req_state;
127 struct ssh_agent_state_struct *agent_state;
128 struct ssh_auth_auto_state_struct *auth_auto_state;
129
130 /*
131 * RFC 4253, 7.1: if the first_kex_packet_follows flag was set in
132 * the received SSH_MSG_KEXINIT, but the guess was wrong, this
133 * field will be set such that the following guessed packet will
134 * be ignored. Once that packet has been received and ignored,
135 * this field is cleared.
136 */
137 int first_kex_follows_guess_wrong;
138
139 ssh_buffer in_hashbuf;
140 ssh_buffer out_hashbuf;
141 struct ssh_crypto_struct *current_crypto;
142 struct ssh_crypto_struct *next_crypto; /* next_crypto is going to be used after a SSH2_MSG_NEWKEYS */
143
144 struct ssh_list *channels; /* linked list of channels */
145 int maxchannel;
146 int exec_channel_opened; /* version 1 only. more
147 info in channels1.c */
148 ssh_agent agent; /* ssh agent */
149
150/* keyb interactive data */
151 struct ssh_kbdint_struct *kbdint;
152 struct ssh_gssapi_struct *gssapi;
153 int version; /* 1 or 2 */
154 /* server host keys */
155 struct {
156 ssh_key rsa_key;
157 ssh_key dsa_key;
158 ssh_key ecdsa_key;
159 ssh_key ed25519_key;
160 /* The type of host key wanted by client */
161 enum ssh_keytypes_e hostkey;
162 } srv;
163 /* auths accepted by server */
164 int auth_methods;
165 struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
166 int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
167 void *ssh_message_callback_data;
168 ssh_server_callbacks server_callbacks;
169 void (*ssh_connection_callback)( struct ssh_session_struct *session);
170 struct ssh_packet_callbacks_struct default_packet_callbacks;
171 struct ssh_list *packet_callbacks;
172 struct ssh_socket_callbacks_struct socket_callbacks;
173 ssh_poll_ctx default_poll_ctx;
174 /* options */
175#ifdef WITH_PCAP
176 ssh_pcap_context pcap_ctx; /* pcap debugging context */
177#endif
178 struct {
179 struct ssh_list *identity;
180 char *username;
181 char *host;
182 char *bindaddr; /* bind the client to an ip addr */
183 char *sshdir;
184 char *knownhosts;
185 char *wanted_methods[10];
186 char *ProxyCommand;
187 char *custombanner;
188 unsigned long timeout; /* seconds */
189 unsigned long timeout_usec;
190 unsigned int port;
191 socket_t fd;
192 int StrictHostKeyChecking;
193 int ssh2;
194 int ssh1;
195 char compressionlevel;
196 char *gss_server_identity;
197 char *gss_client_identity;
198 int gss_delegate_creds;
199 } opts;
200 /* counters */
201 ssh_counter socket_counter;
202 ssh_counter raw_counter;
203};
204
205/** @internal
206 * @brief a termination function evaluates the status of an object
207 * @param user[in] object to evaluate
208 * @returns 1 if the polling routine should terminate, 0 instead
209 */
210typedef int (*ssh_termination_function)(void *user);
211int ssh_handle_packets(ssh_session session, int timeout);
212int ssh_handle_packets_termination(ssh_session session, int timeout,
213 ssh_termination_function fct, void *user);
214void ssh_socket_exception_callback(int code, int errno_code, void *user);
215
216#endif /* SESSION_H_ */
217