Plan 9 from Bell Labs’s /usr/web/sources/contrib/blstuart/ssh/transport.c

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution.


#include <u.h>
#include <libc.h>
#include <mp.h>
#include <fcall.h>
#include <thread.h>
#include <9p.h>
#include <libsec.h>
#include <ip.h>
#include "sshtun.h"

extern Cipher *cryptos[];

Packet *
new_packet(Conn *c)
{
	Packet *p;

	p = emalloc9p(sizeof(Packet));
	init_packet(p);
	p->c = c;
	return p;
}

void
init_packet(Packet *p)
{
	memset(p, 0, sizeof(Packet));
	p->rlength = 1;
}

void
add_byte(Packet *p, char c)
{
	p->payload[p->rlength-1] = c;
	p->rlength++;
}

void
add_uint32(Packet *p, ulong l)
{
	hnputl(p->payload+p->rlength-1, l);
	p->rlength += 4;
}

ulong
get_uint32(Packet *, uchar **data)
{
	ulong x;
	x = nhgetl(*data);
	*data += 4;
	return x;
}

int
add_packet(Packet *p, void *data, int len)
{
	if(p->rlength + len > 32768)
		return -1;
	memmove(p->payload + p->rlength - 1, data, len);
	p->rlength += len;
	return 0;
}

void
add_block(Packet *p, void *data, int len)
{
	hnputl(p->payload + p->rlength - 1, len);
	p->rlength += 4;
	add_packet(p, data, len);
}

void 
add_string(Packet *p, char *s)
{
	uchar *q;
	int n;
	uchar nn[4];

	n = strlen(s);
	hnputl(nn, n);
	q = p->payload + p->rlength - 1;
	memmove(q, nn, 4);
	memmove(q+4, s, n);
	p->rlength += n + 4;
}

uchar *
get_string(Packet *p, uchar *q, char *s, int lim, int *len)
{
	int n, m;

	if (p && q > p->payload + p->rlength)
		s[0] = '\0';
	m = nhgetl(q);
	q += 4;
	if(m < lim)
		n = m;
	else
		n = lim - 1;
	memmove(s, q, n);
	s[n] = '\0';
	q += m;
	if(len)
		*len = n;
	return q;
}

void
add_mp(Packet *p, mpint *x)
{
	uchar *q;
	int n;

	q = p->payload + p->rlength - 1;
	n = mptobe(x, q + 4, 35000 - p->rlength + 1 - 4, nil);
	if(q[4] & 0x80){
		memmove(q + 5, q + 4, n);
		q[4] = 0;
		n++;
	}
	hnputl(q, n);
	p->rlength += n + 4;
}

mpint *
get_mp(uchar *q)
{
	int n;

	n = nhgetl(q);
	q += 4;
	return betomp(q, n, nil);
}

int
finish_packet(Packet *p)
{
	Conn *c;
	uchar *q, *buf;
	int blklen, i, n2, n1, maclen;

	c = p->c;
	blklen = 8;
	if(debug > 1)
		fprint(2, "In finish packet: enc:%d outmac:%d len:%ld\n", c->encrypt, c->outmac, p->rlength);
	if(c && c->encrypt != -1){
		blklen = cryptos[c->encrypt]->blklen;
		if(blklen < 8)
			blklen = 8;
	}
	n1 = p->rlength - 1;
	n2 = blklen - ((n1 + 5) % blklen);
	if(n2 < 4)
		n2 += blklen;
	p->pad_len = n2;
	for(i = 0, q = p->payload + n1; i < n2; ++i, ++q)
		*q = fastrand();
	p->rlength = n1 + n2 + 1;
	hnputl(p->nlength, p->rlength);
	maclen = 0;
	if(c && c->outmac != -1){
		maclen = SHA1dlen;
		buf = emalloc9p(35000);
		hnputl(buf, c->outseq);
		memmove(buf + 4, p->nlength, p->rlength + 4);
		hmac_sha1(buf, p->rlength + 8, c->outik, maclen, q, nil);
		free(buf);
	}
	if(c && c->encrypt != -1)
		cryptos[c->encrypt]->encrypt(c->enccs, p->nlength, p->rlength + 4);
	c->outseq++;
	if(debug > 1)
		fprint(2, "leaving finish packet: len:%ld n1:%d n2:%d maclen:%d\n", p->rlength, n1, n2, maclen);
	return p->rlength + 4 + maclen;
}

/*
 * The first blklen bytes are already decrypted so we could find the
 * length.
 */
int
undo_packet(Packet *p)
{
	Conn *c;
	long nlength;
	int nb;
	uchar rmac[SHA1dlen], *buf;

	c = p->c;
	nb = 4;
	if(c->decrypt != -1)
		nb = cryptos[c->decrypt]->blklen;
	if(c->inmac != -1)
		p->rlength -= 20;
	nlength = nhgetl(p->nlength);
	if(c->decrypt != -1)
		cryptos[c->decrypt]->decrypt(c->deccs, p->nlength + nb, p->rlength + 4 - nb);
	if(c->inmac != -1){
		buf = emalloc9p(35000);
		hnputl(buf, c->inseq);
		memmove(buf + 4, p->nlength, nlength + 4);
		hmac_sha1(buf, nlength + 8, c->inik, SHA1dlen, rmac, nil);
		free(buf);
		if(memcmp(rmac, p->payload + nlength - 1, SHA1dlen) != 0){
			fprint(2, "Received MAC verification failed: seq=%d\n", c->inseq);
			return -1;
		}
	}
	c->inseq++;
	p->rlength -= p->pad_len;
	p->pad_len = 0;
	return p->rlength - 1;
}

void
dump_packet(Packet *p)
{
	int i;
	char *buf, *q, *e;

	fprint(2, "Length: %ld, Padding length: %d\n", p->rlength, p->pad_len);
	buf = emalloc9p(4096);
	e = buf + 4096;
	q = buf;
	for(i = 0; i < p->rlength - 1; ++i){
		q = seprint(q, e, " %02x", p->payload[i]);
		if(i % 16 == 15)
			q = seprint(q, e, "\n");
		if((q - buf) > 4092){
			fprint(2, "%s", buf);
			q = buf;
		}
	}
	fprint(2, "%s\n", buf);
	free(buf);
}

Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to [email protected].