74
75
-define(dbg(Debug, Fmt, As), ok).
79
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
81
%% BASIC transport messages
83
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
85
-define(SSH_MSG_DISCONNECT, 1).
86
-define(SSH_MSG_IGNORE, 2).
87
-define(SSH_MSG_UNIMPLEMENTED, 3).
88
-define(SSH_MSG_DEBUG, 4).
89
-define(SSH_MSG_SERVICE_REQUEST, 5).
90
-define(SSH_MSG_SERVICE_ACCEPT, 6).
92
-define(SSH_MSG_KEXINIT, 20).
93
-define(SSH_MSG_NEWKEYS, 21).
96
-record(ssh_msg_disconnect,
99
description, %% string
103
-record(ssh_msg_ignore,
108
-record(ssh_msg_unimplemented,
113
-record(ssh_msg_debug,
115
always_display, %% boolean
121
-record(ssh_msg_service_request,
123
name %% string (service name)
126
-record(ssh_msg_service_accept,
131
-record(ssh_msg_kexinit,
133
cookie, %% random(16)
134
kex_algorithms, %% string
135
server_host_key_algorithms, %% string
136
encryption_algorithms_client_to_server, %% string
137
encryption_algorithms_server_to_client, %% string
138
mac_algorithms_client_to_server, %% string
139
mac_algorithms_server_to_client, %% string
140
compression_algorithms_client_to_server, %% string
141
compression_algorithms_server_to_client, %% string
142
languages_client_to_server, %% string
143
languages_server_to_client, %% string
144
first_kex_packet_follows=false, %% boolean
145
%% (reserved for future extension)
146
reserved=0 %% uint32=0
149
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
153
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
155
%% diffie-hellman-group1-sha1
156
-define(SSH_MSG_KEXDH_INIT, 30).
157
-define(SSH_MSG_KEXDH_REPLY, 31).
159
-record(ssh_msg_kexdh_init,
164
-record(ssh_msg_kexdh_reply,
166
public_host_key, %% string (K_S)
168
h_sig %% string, signature of H
171
-record(ssh_msg_newkeys,
174
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
176
%% KEY DH GEX messages
178
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
180
%% diffie-hellman-group-exchange-sha1
181
-define(SSH_MSG_KEX_DH_GEX_REQUEST_OLD, 30).
182
-define(SSH_MSG_KEX_DH_GEX_REQUEST, 34).
183
-define(SSH_MSG_KEX_DH_GEX_GROUP, 31).
184
-define(SSH_MSG_KEX_DH_GEX_INIT, 32).
185
-define(SSH_MSG_KEX_DH_GEX_REPLY, 33).
187
-record(ssh_msg_kex_dh_gex_request,
194
-record(ssh_msg_kex_dh_gex_request_old,
199
-record(ssh_msg_kex_dh_gex_group,
205
-record(ssh_msg_kex_dh_gex_init,
210
-record(ssh_msg_kex_dh_gex_reply,
212
public_host_key, %% string (K_S)
218
78
-define(SSH_CIPHER_NONE, 0).
219
79
-define(SSH_CIPHER_3DES, 3).
220
80
-define(SSH_CIPHER_AUTHFILE, ?SSH_CIPHER_3DES).
84
%%state, %% what it's waiting for
86
role, %% client | server
87
peer, %% string version of peer address
89
c_vsn, %% client version {Major,Minor}
90
s_vsn, %% server version {Major,Minor}
92
c_version, %% client version string
93
s_version, %% server version string
95
c_keyinit, %% binary payload of kexinit packet
96
s_keyinit, %% binary payload of kexinit packet
100
kex, %% key exchange algorithm
101
hkey, %% host key algorithm
102
key_cb, %% Private/Public key callback module
103
io_cb, %% Interaction callback module
105
send_mac = none, %% send MAC algorithm
106
send_mac_key, %% key used in send MAC algorithm
109
recv_mac = none, %% recv MAC algorithm
110
recv_mac_key, %% key used in recv MAC algorithm
113
encrypt = none, %% encrypt algorithm
114
encrypt_keys, %% encrypt keys
115
encrypt_block_size = 8,
118
decrypt = none, %% decrypt algorithm
119
decrypt_keys, %% decrypt keys
120
decrypt_block_size = 8,
121
decrypt_ctx, %% Decryption context
128
c_lng=none, %% client to server languages
129
s_lng=none, %% server to client languages
131
user_ack = true, %% client
134
shared_secret, %% K from key exchange
135
exchanged_hash, %% H from key exchange
136
session_id, %% same as FIRST exchanged_hash
147
userauth_quiet_mode, % boolean()
148
userauth_supported_methods , %
232
-define(ssh_assert(Expr, Reason),
239
-define(SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT, 1).
240
-define(SSH_DISCONNECT_PROTOCOL_ERROR, 2).
241
-define(SSH_DISCONNECT_KEY_EXCHANGE_FAILED, 3).
242
-define(SSH_DISCONNECT_RESERVED, 4).
243
-define(SSH_DISCONNECT_MAC_ERROR, 5).
244
-define(SSH_DISCONNECT_COMPRESSION_ERROR, 6).
245
-define(SSH_DISCONNECT_SERVICE_NOT_AVAILABLE, 7).
246
-define(SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED, 8).
247
-define(SSH_DISCONNECT_HOST_KEY_NOT_VERIFIABLE, 9).
248
-define(SSH_DISCONNECT_CONNECTION_LOST, 10).
249
-define(SSH_DISCONNECT_BY_APPLICATION, 11).
250
-define(SSH_DISCONNECT_TOO_MANY_CONNECTIONS, 12).
251
-define(SSH_DISCONNECT_AUTH_CANCELLED_BY_USER, 13).
252
-define(SSH_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE, 14).
253
-define(SSH_DISCONNECT_ILLEGAL_USER_NAME, 15).
255
%%%----------------------------------------------------------------------
257
%%% Description: Oakley group 14 prime numbers and generator. Used in
258
%%% diffie-hellman-group1-sha1 key exchange method.
259
%%%----------------------------------------------------------------------
260
%%%----------------------------------------------------------------------
262
%%% Description: Prime for this group
263
%%%----------------------------------------------------------------------
266
<<000,000,000,129,000,255,255,255,255,255,255,255,255,201,015,218,
267
162,033,104,194,052,196,198,098,139,128,220,028,209,041,002,078,
268
008,138,103,204,116,002,011,190,166,059,019,155,034,081,074,008,
269
121,142,052,004,221,239,149,025,179,205,058,067,027,048,043,010,
270
109,242,095,020,055,079,225,053,109,109,081,194,069,228,133,181,
271
118,098,094,126,198,244,076,066,233,166,055,237,107,011,255,092,
272
182,244,006,183,237,238,056,107,251,090,137,159,165,174,159,036,
273
017,124,075,031,230,073,040,102,081,236,230,083,129,255,255,255,
274
255,255,255,255,255>>).
276
%%%----------------------------------------------------------------------
278
%%% Description: Generator for DH_14_P.
279
%%%----------------------------------------------------------------------
281
-define(DH_14_G, <<0,0,0,1,2>>).
283
%%%----------------------------------------------------------------------
285
%%% Description: Group order (DH_14_P - 1) / 2.
286
%%%----------------------------------------------------------------------
289
<<000,000,000,128,127,255,255,255,255,255,255,255,228,135,237,081,
290
016,180,097,026,098,099,049,069,192,110,014,104,148,129,039,004,
291
069,051,230,058,001,005,223,083,029,137,205,145,040,165,004,060,
292
199,026,002,110,247,202,140,217,230,157,033,141,152,021,133,054,
293
249,047,138,027,167,240,154,182,182,168,225,034,242,066,218,187,
294
049,047,063,099,122,038,033,116,211,027,246,181,133,255,174,091,
295
122,003,091,246,247,028,053,253,173,068,207,210,215,079,146,008,
296
190,037,143,243,036,148,051,040,246,115,041,192,255,255,255,255,
299
%%%----------------------------------------------------------------------
301
%%% Description: The default server port to connect to.
302
%%%----------------------------------------------------------------------
304
-define(SSH_PORT, 22).
306
%%%----------------------------------------------------------------------
308
%%% Description: The SSH transport protocol version we implement.
309
%%%----------------------------------------------------------------------
311
-define(SSH_VERSION, "2.0").
313
%%%----------------------------------------------------------------------
314
%%% # COMPATIBLE_VERSIONS
315
%%% Description: The SSH transport protocol versions compatible with our
317
%%%----------------------------------------------------------------------
319
-define(SSH_COMPATIBLE_VERSIONS, ["2.0","1.99"]).
321
%%%----------------------------------------------------------------------
322
%%% # SOFTWARE_VERSION
323
%%% Description: The SSH transport protocol versions compatible with our
325
%%%----------------------------------------------------------------------
327
-define(SSH_SOFTWARE_VERSION, "Erlang/OTP").
329
%%%----------------------------------------------------------------------
330
%%% # SSH_VERSION_STRING
331
%%% Description: The string we send when connecting to SSH server.
332
%%%----------------------------------------------------------------------
334
-define(SSH_VERSION_STRING,
335
"SSH-" ++ ?SSH_VERSION ++ "-" ++ ?SSH_SOFTWARE_VERSION).
337
%%%----------------------------------------------------------------------
339
%%% Description: This is what we use to terminate lines in our version of
340
%%% the SSH transport protocol.
341
%%%----------------------------------------------------------------------
343
-define(SSH_LINE_TERM, "\r\n").
345
%%%----------------------------------------------------------------------
346
%%% # SSH_FALSE SSH_TRUE
347
%%% Description: The representation of boolean values in the SSH protocol.
348
%%%----------------------------------------------------------------------
350
-define(SSH_FALSE, 0).
351
-define(SSH_TRUE, 1).
353
%%%----------------------------------------------------------------------
355
%%% Description: The names of algorithms we support.
356
%%%----------------------------------------------------------------------
358
-define(SSH_ALG_KEX_DH_GROUP1, "diffie-hellman-group1-sha1").
359
-define(SSH_ALG_PUB_KEY_DSS, "ssh-dss").
360
-define(SSH_ALG_PUB_KEY_RSA, "ssh-rsa").
361
-define(SSH_ALG_HMAC_SHA1, "hmac-sha1").
362
-define(SSH_ALG_HMAC_MD5, "hmac-md5").
363
-define(SSH_ALG_3DES_CBC, "3des-cbc").
364
-define(SSH_ALG_AES128_CBC, "aes128-cbc").
366
%%%----------------------------------------------------------------------
367
%%% #2.2 DEFINITION OF RECORDS
368
%%%----------------------------------------------------------------------
370
-record(sftp_file_attrs, {size = '_',
377
175
-record(ssh_pty, {term = "", % e.g. "xterm"
added
removed
lib/ssh/src/ssh.hrl
