WebSVN – Kolibri OS – Diff – /programs/network/ssh/ssh.asm

 ;    along with this program.  If not, see .
 format binary as ""
-__DEBUG__       = 1
+__DEBUG__               = 1
+__DEBUG_LEVEL__         = 2             ; 1: Everything, including sensitive information, 2: Debugging, 3: Errors only
 __DEBUG_LEVEL__ = 3             ; 1: Everything, including sinsitive information, 2: Debugging, 3: Errors only
 BUFFERSIZE              = 64*1024       ; Must be at least 32K according rfc4253#section-6.1
+PACKETSIZE              = 32*1024       ; Must be at least 32K according rfc4253#section-6.1
+MAX_BITS                = 8192
+DH_PRIVATE_KEY_SIZE     = 256
+MAX_INPUT_LENGTH        = 255 ;;; WHAT WAS THIS AGAIN ?!
-BUFFERSIZE      = 4096
+MAX_USERNAME_LENGTH     = 256
-MAX_BITS        = 8192
+MAX_PASSWORD_LENGTH     = 256
 MAX_HOSTNAME_LENGTH     = 4096
 include '../../dll.inc'
 include '../../debug-fdo.inc'
 include '../../network.inc'
 include '../../develop/libraries/libcrash/trunk/libcrash.inc'
-include 'mcodes.inc'
-include 'ssh_transport.inc'
-include 'dh_gex.inc'
-include 'mpint.inc'
-include 'seed.inc'
-include 'random.inc'
-include 'aes256.inc'
-include 'aes256-ctr.inc'
-include 'aes256-cbc.inc'
-include 'blowfish.inc'
-include 'blowfish-ctr.inc'
-include 'blowfish-cbc.inc'
-include 'hmac_sha256.inc'
-include 'hmac_sha1.inc'
-include 'hmac_md5.inc'
 ; macros for network byte order
 macro dd_n op {
    dd 0 or (((op) and 0FF000000h) shr 24) or \
            (((op) and 000FF0000h) shr  8) or \
 macro dw_n op {
    dw 0 or (((op) and 0FF00h) shr 8) or \
            (((op) and 000FFh) shl 8)
+}
+macro str string {
+    local .start, .stop
+    dd_n (.stop-.start)
+    .start db string
+    .stop:
+}
 proc dump_hex _ptr, _length
 if __DEBUG_LEVEL__ <= 1
         pushad
         popad
 end if
         ret
 endp
+macro DEBUGM l, s, m {
+if __DEBUG__
+        DEBUGF  l, s
+  if l >=__DEBUG_LEVEL__
+        stdcall mpint_print, m
+  end if
+end if
-struct  ssh_connection
+}
+include 'mpint.inc'
+include 'seed.inc'
+include 'random.inc'
+include 'aes256.inc'
+include 'aes256-ctr.inc'
-; Connection
+include 'aes256-cbc.inc'
-        hostname                rb 1024
-        socketnum               dd ?
-        sockaddr                dw ?            ; Address family
-        port                    dw ?
-        ip                      dd ?
-                                rb 10
-; Encryption/Decryption
-        rx_crypt_proc           dd ?
-        tx_crypt_proc           dd ?
-        rx_crypt_ctx_ptr        dd ?
-        tx_crypt_ctx_ptr        dd ?
-        rx_crypt_blocksize      dd ?
-        tx_crypt_blocksize      dd ?
-; Padding
+include 'blowfish.inc'
-;        rx_padsize              dd ?    ; = Max(8, rx_crypt_blocksize)
-        tx_pad_size             dd ?    ; = Max(8, tx_crypt_blocksize)
-        tx_pad_proc             dd ?
-; Message authentication
-        rx_mac_proc             dd ?
-        tx_mac_proc             dd ?
-        rx_mac_ctx              hmac_sha256_context
-        tx_mac_ctx              hmac_sha256_context
-        rx_mac_length           dd ?
-        tx_mac_length           dd ?
-; Buffers
-        rx_seq                  dd ?            ; Packet sequence number for MAC
-        rx_buffer               ssh_packet_header
-                                rb BUFFERSIZE-sizeof.ssh_packet_header
-        tx_seq                  dd ?            ; Packet sequence number for MAC
-        tx_buffer               ssh_packet_header
+include 'blowfish-ctr.inc'
-                                rb BUFFERSIZE-sizeof.ssh_packet_header
-        send_data               dw ?
-; Output from key exchange
-        dh_K                    dd ?            ; Shared Secret (Big endian)
-                                rb MAX_BITS/8
-        dh_K_length             dd ?            ; Length in little endian
-        dh_H                    rb 32           ; Exchange Hash
-        session_id_prefix       db ?
-        session_id              rb 32
-        rx_iv                   rb 32           ; Rx initialisation vector
-        tx_iv                   rb 32           ; Tx initialisation vector
-        rx_enc_key              rb 32           ; Rx encryption key
-        tx_enc_key              rb 32           ; Tx encryption key
-        rx_int_key              rb 32           ; Rx integrity key
-        tx_int_key              rb 32           ; Tx integrity key
-; Diffie Hellman
-        dh_p                    dd ?
-                                rb MAX_BITS/8
-        dh_g                    dd ?
-                                rb MAX_BITS/8
-        dh_x                    dd ?
-                                rb MAX_BITS/8
-        dh_e                    dd ?
-                                rb MAX_BITS/8
-        dh_f                    dd ?
-                                rb MAX_BITS/8
+include 'blowfish-cbc.inc'
+include 'hmac_sha256.inc'
+include 'hmac_sha1.inc'
+include 'hmac_md5.inc'
+include 'sshlib.inc'
-        dh_signature            dd ?
-                                rb MAX_BITS/8
+include 'sshlib_mcodes.inc'
 include 'sshlib_transport.inc'
-        temp_ctx                crash_ctx
+include 'sshlib_connection.inc'
-        k_h_ctx                 crash_ctx
+include 'sshlib_dh_gex.inc'
 include 'sshlib_host.inc'
-        mpint_tmp               dd ?
+include 'sshlib_channel.inc'
-                                rb MAX_BITS/8
+include 'sshlib_userauth.inc'
-ends
+include 'encodings.inc'         ; Unfortunately, we dont have UTF-8 capable console yet :(
 start:
         mcall   68, 11          ; Init heap
-        DEBUGF  2, "SSH: Loading libraries\n"
-        stdcall dll.Load, @IMPORT
+        DEBUGF  2, "SSH: Loading libraries\n"
-        test    eax, eax
+        stdcall dll.Load, @IMPORT
-        jnz     exit
+        test    eax, eax
         jnz     main.fail
         DEBUGF  2, "SSH: Init PRNG\n"
-        call    create_seed
+        DEBUGF  2, "SSH: Init PRNG\n"
-        call    init_random
+        call    create_seed
+        call    init_random
+        DEBUGF  2, "SSH: Init Console\n"
-        DEBUGF  2, "SSH: Init Console\n"
+        invoke  con_start, 1
-        invoke  con_start, 1
+        invoke  con_init, 80, 25, 800, 250, title
         invoke  con_init, 80, 25, 80, 25, title
+        cmp     byte[params], 0
-; Check for parameters TODO
+        jne     main.connect
 ;        cmp     byte[params], 0
-;        jne     resolve
+main:
+        invoke  con_cls
-main:
+; Welcome user
-        invoke  con_cls
+        invoke  con_write_asciiz, str1a
-; Welcome user
-        invoke  con_write_asciiz, str1
-prompt:
-; write prompt
-        invoke  con_write_asciiz, str2
-; read string
-        mov     esi, con.hostname
-        invoke  con_gets, esi, 256
-; check for exit
-        test    eax, eax
-        jz      done
-        cmp     byte[esi], 10
-        jz      done
-resolve:
-        mov     [con.sockaddr], AF_INET4
-        mov     [con.port], 22 shl 8
-; delete terminating '\n'
-        mov     esi, con.hostname
-  @@:
-        lodsb
-        cmp     al, ':'
-        je      .do_port
-        cmp     al, 0x20
-        ja      @r
-        mov     byte[esi-1], 0
-        jmp     .done
-  .do_port:
-        xor     eax, eax
-        xor     ebx, ebx
-        mov     byte[esi-1], 0
-  .portloop:
-        lodsb
-        cmp     al, 0x20
-        jbe     .port_done
-        sub     al, '0'
-        jb      hostname_error
-        cmp     al, 9
-        ja      hostname_error
-        lea     ebx, [ebx*4+ebx]
-        shl     ebx, 1
-        add     ebx, eax
-        jmp     .portloop
-  .port_done:
-        xchg    bl, bh
-        mov     [con.port], bx
-  .done:
-; resolve name
-        push    esp     ; reserve stack place
-        push    esp
-        invoke  getaddrinfo, con.hostname, 0, 0
-        pop     esi
-; test for error
-        test    eax, eax
-        jnz     dns_error
-        invoke  con_write_asciiz, str3
-        invoke  con_write_asciiz, con.hostname
-; write results
-        invoke  con_write_asciiz, str8
-; convert IP address to decimal notation
-        mov     eax, [esi+addrinfo.ai_addr]
-        mov     eax, [eax+sockaddr_in.sin_addr]
-        mov     [con.ip], eax
-        invoke  inet_ntoa, eax
-; write result
-        invoke  con_write_asciiz, eax
-; free allocated memory
-        invoke  freeaddrinfo, esi
-        invoke  con_write_asciiz, str9
-        mcall   40, EVM_STACK + EVM_KEY
-; Create socket
-        mcall   socket, AF_INET4, SOCK_STREAM, 0
-        cmp     eax, -1
-        jz      socket_err
-        mov     [con.socketnum], eax
-; Connect
-        DEBUGF  2, "Connecting to server\n"
-        mcall   connect, [con.socketnum], con.sockaddr, 18
-        test    eax, eax
-        jnz     socket_err
-; Start calculating hash
-        invoke  sha256_init, con.temp_ctx
-; HASH: string  V_C, the client's version string (CR and NL excluded)
-        invoke  sha256_update, con.temp_ctx, ssh_ident_ha, ssh_ident.length+4-2
-; >> Send our identification string
-        DEBUGF  2, "Sending ID string\n"
-        mcall   send, [con.socketnum], ssh_ident, ssh_ident.length, 0
-        cmp     eax, -1
-        je      socket_err
-; << Check protocol version of server
-        mcall   recv, [con.socketnum], con.rx_buffer, BUFFERSIZE, 0
-        cmp     eax, -1
-        je      socket_err
-        DEBUGF  2, "Received ID string\n"
-        cmp     dword[con.rx_buffer], "SSH-"
-        jne     proto_err
-        cmp     dword[con.rx_buffer+4], "2.0-"
-        jne     proto_err
-; HASH: string  V_S, the server's version string (CR and NL excluded)
-        lea     edx, [eax+2]
-        sub     eax, 2
-        bswap   eax
-        mov     dword[con.rx_buffer-4], eax
-        invoke  sha256_update, con.temp_ctx, con.rx_buffer-4, edx
-; >> Key Exchange init
-        mov     [con.rx_seq], 0
-        mov     [con.tx_seq], 0
-        mov     [con.rx_crypt_blocksize], 4             ; minimum blocksize
-        mov     [con.tx_crypt_blocksize], 4
-        mov     [con.rx_crypt_proc], 0
-        mov     [con.tx_crypt_proc], 0
-        mov     [con.rx_mac_proc], 0
-        mov     [con.tx_mac_proc], 0
-        mov     [con.rx_mac_length], 0
-        mov     [con.tx_mac_length], 0
-;        mov     [con.rx_padsize], 8                     ; minimum padsize
-        mov     [con.tx_pad_size], 8
-        mov     [con.tx_pad_proc], padding_zero
-        DEBUGF  2, "Sending KEX init\n"
-        mov     edi, ssh_kex.cookie
-        call    MBRandom
-        stosd
-        call    MBRandom
-        stosd
-        call    MBRandom
-        stosd
-        call    MBRandom
-        stosd
-        stdcall ssh_send_packet, con, ssh_kex, ssh_kex.length, 0
-        cmp     eax, -1
-        je      socket_err
-; HASH: string  I_C, the payload of the client's SSH_MSG_KEXINIT
-        mov     eax, dword[con.tx_buffer+ssh_packet_header.packet_length]
-        bswap   eax
-        movzx   ebx, [con.tx_buffer+ssh_packet_header.padding_length]
-        sub     eax, ebx
-        dec     eax
-        lea     edx, [eax+4]
-        bswap   eax
-        mov     dword[con.tx_buffer+1], eax
-        invoke  sha256_update, con.temp_ctx, con.tx_buffer+1, edx
-; << Check key exchange init of server
-        stdcall ssh_recv_packet, con, 0
-        cmp     eax, -1
-        je      socket_err
-        cmp     [con.rx_buffer.message_code], SSH_MSG_KEXINIT
-        jne     proto_err
-        DEBUGF  2, "Received KEX init\n"
-        lea     esi, [con.rx_buffer+sizeof.ssh_packet_header+16]
-        lodsd
-        bswap   eax
-        DEBUGF  1, "kex_algorithms: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "server_host_key_algorithms: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "encryption_algorithms_client_to_server: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "encryption_algorithms_server_to_client: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "mac_algorithms_client_to_server: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "mac_algorithms_server_to_client: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "compression_algorithms_client_to_server: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "compression_algorithms_server_to_client: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "languages_client_to_server: %s\n", esi
-        add     esi, eax
-        lodsd
-        bswap   eax
-        DEBUGF  1, "languages_server_to_client: %s\n", esi
-        add     esi, eax
-        lodsb
-        DEBUGF  1, "KEX First Packet Follows: %u\n", al
-; TODO: parse this structure and init procedures accordingly
-; HASH: string I_S, the payload of the servers's SSH_MSG_KEXINIT
-        mov     eax, dword[con.rx_buffer+ssh_packet_header.packet_length]
-        movzx   ebx, [con.rx_buffer+ssh_packet_header.padding_length]
-        sub     eax, ebx
-        dec     eax
-        lea     edx, [eax+4]
-        bswap   eax
-        mov     dword[con.rx_buffer+sizeof.ssh_packet_header-5], eax
-        invoke  sha256_update, con.temp_ctx, con.rx_buffer+sizeof.ssh_packet_header-5, edx
-; Exchange keys with the server
-; TODO: host verification
-        stdcall dh_gex
-        test    eax, eax
-        jnz     exit
-; Set keys and initialize transport subroutines
-        DEBUGF  2, "SSH: Setting encryption keys\n"
-        stdcall aes256_ctr_init, con.rx_iv
-        mov     [con.rx_crypt_ctx_ptr], eax
-        stdcall aes256_set_encrypt_key, eax, con.rx_enc_key
-        mov     [con.rx_crypt_proc], aes256_ctr_crypt
-        mov     [con.rx_crypt_blocksize], AES256_BLOCKSIZE
-;        mov     [con.rx_pad_size], AES256_BLOCKSIZE
-        stdcall aes256_ctr_init, con.tx_iv
-        mov     [con.tx_crypt_ctx_ptr], eax
-        stdcall aes256_set_encrypt_key, eax, con.tx_enc_key
-        mov     [con.tx_crypt_proc], aes256_ctr_crypt
-        mov     [con.tx_crypt_blocksize], AES256_BLOCKSIZE
-        mov     [con.tx_pad_size], AES256_BLOCKSIZE
-        mov     [con.tx_pad_proc], MBRandom
-        stdcall hmac_sha256_setkey, con.rx_mac_ctx, con.rx_int_key, SHA256_HASH_SIZE
-        mov     [con.rx_mac_proc], hmac_sha256
-        mov     [con.rx_mac_length], SHA256_HASH_SIZE
-        stdcall hmac_sha256_setkey, con.tx_mac_ctx, con.tx_int_key, SHA256_HASH_SIZE
+  .prompt:
-        mov     [con.tx_mac_proc], hmac_sha256
-        mov     [con.tx_mac_length], SHA256_HASH_SIZE
-; Re-seed RNG for padding bytes
-        call    create_seed
+        invoke  con_write_asciiz, str1b
-        call    init_random
+; Reset window title
+        invoke  con_set_title, title
-; TODO: erase all keys from memory and free the memory
-; >> Request service (user-auth)
+; Write prompt
-        DEBUGF  2, "SSH: Requesting service\n"
-        stdcall ssh_send_packet, con, ssh_request_service, ssh_request_service.length, 0
+        invoke  con_write_asciiz, str2
-        cmp     eax, -1
+; read string
-        je      socket_err
+        mov     esi, params
+        invoke  con_gets, esi, MAX_HOSTNAME_LENGTH
-; << Check for service acceptance
+; check for exit
-        stdcall ssh_msg_handler, con, 0
+        test    eax, eax
-        cmp     eax, -1
-        je      socket_err
+        jz      .done
-        cmp     [con.rx_buffer.message_code], SSH_MSG_SERVICE_ACCEPT
+        cmp     byte[esi], 10
-        jne     proto_err
+        jz      .done
-; >> Request user authentication
+  .connect:
-        DEBUGF  2, "SSH: User authentication\n"
-        mcall   68, 12, 1024    ; FIXME
-        test    eax, eax
-        jz      done            ; FIXME
-        mov     edi, eax
-        mov     ebx, eax
-        mov     byte[edi], SSH_MSG_USERAUTH_REQUEST
-        inc     edi
-        ; Get username
-        add     edi, 4
-        invoke  con_write_asciiz, str12
-        invoke  con_gets, edi, 256      ; FIXME
-        test    eax, eax
-        jz      done            ; FIXME
-        mov     edx, eax
-        mov     ecx, 256
-        xor     al, al
-        repne   scasb
-        dec     edi             ; \0
-        dec     edi             ; \n
-        push    edi
-        sub     edi, edx
-        bswap   edi
+        stdcall sshlib_connect, ssh_con, params
-        mov     [edx-4], edi
-        pop     edi
+        cmp     eax, 0
-        mov     dword[edi], 0x0e000000  ; 14 Bswapped
+        jg      .prompt
-        mov     dword[edi+4], "ssh-"
+        jl      .error
-        mov     dword[edi+8], "conn"
+  .login:
-        mov     dword[edi+12], "ecti"
-        mov     word[edi+16], "on"
-        add     edi, 18
+        mcall   68, 12, (MAX_USERNAME_LENGTH + MAX_PASSWORD_LENGTH)
-        mov     dword[edi], 0x08000000  ; 8 Bswapped
-        mov     dword[edi+4], "pass"
-        mov     dword[edi+8], "word"
-        mov     byte[edi+12], 0         ; bool
-        add     edi, 13
-        ; Get password
-        add     edi, 4
-        invoke  con_write_asciiz, str13
-        push    eax
-        invoke  con_gets, edi, 256      ; FIXME
+        test    eax, eax
-        test    eax, eax
-        jz      done            ; FIXME
+        jz      .done   ; ERR_NOMEM
+        mov     esi, eax
-        mov     edx, eax
-        mov     ecx, 256
+        lea     edi, [eax + MAX_USERNAME_LENGTH]
-        xor     al, al
-        repne scasb
+; Get username
+        invoke  con_write_asciiz, str12
         invoke  con_gets, esi, MAX_USERNAME_LENGTH
-        dec     edi             ; \0
+        test    eax, eax
-        dec     edi             ; \n
+;;        jz      .con_closed_must_clear
-        push    edi
-        sub     edi, edx
-        bswap   edi
-        mov     [edx-4], edi
+; Get password
-        pop     edi
-        sub     edi, ebx
-        push    ebx
-        stdcall ssh_send_packet, con, ebx, edi, 0
-        ; Clear used buffer and free
-        pop     edx
-        mov     edi, edx
-        push    eax
-        mov     ecx, 1024/4     ; FIXME
-        xor     eax, eax
-        rep stosd
+        invoke  con_write_asciiz, str13a
-        mcall   68, 13, edx
-        pop     eax
-        cmp     eax, -1
-        je      socket_err
-        invoke  con_write_asciiz, str14
-; << Check for userauth acceptance
-        stdcall ssh_msg_handler, con, 0
-        cmp     eax, -1
-        je      socket_err
-        cmp     [con.rx_buffer.message_code], SSH_MSG_USERAUTH_SUCCESS
-        jne     proto_err
-; >> Open channel
-        DEBUGF  2, "SSH: Open channel\n"
-        stdcall ssh_send_packet, con, ssh_channel_open, ssh_channel_open.length, 0
-        cmp     eax, -1
-        je      socket_err
-; << Check for channel open confirmation
-        stdcall ssh_msg_handler, con, 0
-        cmp     eax, -1
-        je      socket_err
-        cmp     [con.rx_buffer.message_code], SSH_MSG_CHANNEL_OPEN_CONFIRMATION
-        jne     proto_err
-; >> Channel request: pty
-        DEBUGF  2, "SSH: Request pty\n"
-        stdcall ssh_send_packet, con, ssh_channel_request, ssh_channel_request.length, 0
-        cmp     eax, -1
-        je      socket_err
-; << Check for channel request confirmation
-        stdcall ssh_msg_handler, con, 0
-        cmp     eax, -1
+        invoke  con_gets, edi, MAX_PASSWORD_LENGTH
-        je      socket_err
+        test    eax, eax
+;;        jz      .con_closed_must_clear
+        invoke  con_write_asciiz, str13b
+; Authenticate
-        cmp     [con.rx_buffer.message_code], SSH_MSG_CHANNEL_SUCCESS
+        stdcall sshlib_userauth_password, ssh_con, esi, edi
-        jne     proto_err
+; Clear and free username and password
   .clear:
+        push    eax
-; >> Channel request: shell
+        mov     edx, edi
+        xor     eax, eax
         mov     ecx, (MAX_USERNAME_LENGTH + MAX_PASSWORD_LENGTH)/4
-        DEBUGF  2, "SSH: Request shell\n"
+        rep     stosd
+        mcall   68, 13, edx
-        stdcall ssh_send_packet, con, ssh_shell_request, ssh_shell_request.length, 0
+        pop     eax
-        cmp     eax, -1
-        je      socket_err
+        cmp     eax, 0
+        jg      .login          ; Authentication failed
-; << Check for channel request confirmation (FIXME: this may not be first packet!)
+        jl      .error          ; An error occured
-; TODO
+; Open a channel
         stdcall sshlib_chan_open, ssh_con
-;        stdcall ssh_msg_handler, con, 0
+        cmp     eax, 0
-;        cmp     eax, -1
+        jg      .prompt         ; Authentication failed
-;        je      socket_err
+        jl      .error          ; An error occured
-;        cmp     [con.rx_buffer.message_code], SSH_MSG_CHANNEL_SUCCESS
+; Start console input handler thread without deactivating the current window
-;        jne     proto_err
+; Get active window ID
+        mcall   18, 7
+        push    eax
+; Create thread
+        mcall   51, 1, con_in_thread, mem - 2048
+; Activate window with given ID
+        pop     ecx
+        mcall   18, 3
+  .loop:
+        invoke  con_get_flags
+        test    eax, 0x200                      ; console window closed?
-; Launch network thread
+        jnz     .con_closed
-        mcall   18, 7
-        push    eax
+        stdcall sshlib_msg_handler, ssh_con, 0
+        cmp     eax, 0
-        mcall   51, 1, thread, mem - 2048
+        jle     .check_err
         pop     ecx
-        mcall   18, 3
+        cmp     [ssh_con.rx_buffer.message_code], SSH_MSG_CHANNEL_DATA
         jne     .dump
 mainloop:
-        call    [con_get_flags]
+        mov     eax, dword[ssh_con.rx_buffer.message_code+5]
-        test    eax, 0x200                      ; con window closed?
+        bswap   eax
-        jnz     exit
+        DEBUGF  1, 'SSH: got %u bytes of data !\n', eax
-        stdcall ssh_msg_handler, con, 0
+        lea     esi, [ssh_con.rx_buffer.message_code+5+4]
-        cmp     eax, 0
+        lea     edx, [esi+eax]
+        lea     edi, [ssh_con.rx_buffer]
+  @@:
+        call    get_byte_utf8
+        stosb
+        cmp     esi, edx
+        jb      @r
+        xor     al, al
+        stosb
+        lea     esi, [ssh_con.rx_buffer]
+        DEBUGF  3, 'SSH msg: %s\n', esi
+        invoke  con_write_asciiz, esi
+        jmp     .loop
-        jbe     closed
+  .dump:
+        DEBUGF  3, "SSH: Unsupported message: "
+        lea     esi, [ssh_con.rx_buffer.message_code]
+        mov     ecx, eax
-        cmp     [con.rx_buffer.message_code], SSH_MSG_CHANNEL_DATA
+        pusha
+  @@:
+        lodsb
+        DEBUGF  3, "%x ", eax:2
+        dec     ecx
+        jnz     @r
+        popa
+        DEBUGF  3, "\n"
+        jmp     .loop
+  .check_err:
+        jz      .err_conn_closed
+        cmp     ebx, EWOULDBLOCK
-        jne     .dump
+        je      .loop
+        jmp     .err_sock
-        mov     eax, dword[con.rx_buffer.message_code+5]
+  .con_closed:
-        bswap   eax
+        ; Send close message on the active channel
-        DEBUGF  1, 'SSH: got %u bytes of data !\n', eax
         stdcall sshlib_send_packet, ssh_con, ssh_msg_channel_close, ssh_msg_channel_close.length, 0
-        lea     esi, [con.rx_buffer.message_code+5+4]
-        mov     ecx, eax
+        jmp     .done
-        lea     edi, [esi + eax]
+  .error:
+; TODO: proper cleanup after error
+        cmp     eax, SSHLIB_ERR_NOMEM
+        je      .done
+        cmp     eax, SSHLIB_ERR_SOCKET
+        je      .err_sock
+        cmp     eax, SSHLIB_ERR_PROTOCOL
-        mov     byte [edi], 0
+        je      .err_proto
-        invoke  con_write_asciiz, esi
+        cmp     eax, SSHLIB_ERR_HOSTNAME
-        jmp     mainloop
+        je      .err_hostname
         cmp     eax, SSHLIB_ERR_HKEY_VERIFY_FAIL
-  .dump:
+        je      .err_hostkey_fail
-        lea     esi, [con.rx_buffer]
+        cmp     eax, SSHLIB_ERR_HKEY_SIGNATURE
-        mov     ecx, eax
+        je      .err_hostkey_signature
-        pusha
+        cmp     eax, SSHLIB_ERR_HKEY_PUBLIC_KEY
+        je      .err_hostkey
+        jmp     .done
+  .err_proto:
+;        lea     eax, [ssh_con.rx_buffer]
+;        int3
+        invoke  con_write_asciiz, str7
+        jmp     .prompt
+  .err_sock:
-@@:
+        invoke  con_write_asciiz, str6
         lodsb
-        DEBUGF  1, "%x ", eax:2
+        mov     eax, str14
-        dec     ecx
+        cmp     ebx, ETIMEDOUT
-        jnz     @r
+        je      .err_sock_detail
+        mov     eax, str15
-        popa
+        cmp     ebx, ECONNREFUSED
-        DEBUGF  1, "\n"
-        jmp     mainloop
-proto_err:
-        mov     eax, con.rx_buffer
+        je      .err_sock_detail
-        int3
+        mov     eax, str16
+        cmp     ebx, ECONNRESET
+        je      .err_sock_detail
-        DEBUGF  3, "SSH: protocol error\n"
+        mov     eax, str17
+  .err_sock_detail:
+        invoke  con_write_asciiz, eax
-        invoke  con_write_asciiz, str7
+        jmp     .prompt
+  .err_hostname:
-        jmp     prompt
-socket_err:
-        DEBUGF  3, "SSH: socket error %d\n", ebx
+        invoke  con_write_asciiz, str10
-        invoke  con_write_asciiz, str6
-        jmp     prompt
-dns_error:
-        DEBUGF  3, "SSH: DNS error %d\n", eax
-        invoke  con_write_asciiz, str5
-        jmp     prompt
-hostname_error:
-        invoke  con_write_asciiz, str10
-        jmp     prompt
+        jmp     .prompt
+  .err_conn_closed:
-closed:
+        invoke  con_write_asciiz, str11
-        invoke  con_write_asciiz, str11
-        jmp     prompt
+        jmp     .prompt
-done:
+  .err_hostkey:
+        invoke  con_write_asciiz, str19
-        invoke  con_exit, 1
+        jmp     .prompt
-exit:
+  .err_hostkey_signature:
+        invoke  con_write_asciiz, str20
+        jmp     .prompt
-        DEBUGF  3, "SSH: Exiting\n"
+  .err_hostkey_fail:
+        invoke  con_write_asciiz, str21
-        mcall   close, [con.socketnum]
+        jmp     .prompt
+  .done:
+        invoke  con_exit, 1
+  .exit:
+        DEBUGF  3, "SSH: Exiting\n"
-        mcall   -1
+        mcall   close, [ssh_con.socketnum]
+  .fail:
+        mcall   -1
+proc sshlib_callback_connecting, con_ptr, connstring_sz
+        invoke  con_write_asciiz, str3
+        mov     eax, [con_ptr]
+        lea     eax, [eax+sshlib_connection.hostname_sz]
+        invoke  con_write_asciiz, eax
+        invoke  con_write_asciiz, str8
+        invoke  con_write_asciiz, [connstring_sz]
         invoke  con_write_asciiz, str9
+        ret
+endp
+proc sshlib_callback_hostkey_problem, con_ptr, problem_type, hostkey_sz
+        cmp     [problem_type], SSHLIB_HOSTKEY_PROBLEM_UNKNOWN
+        je      .unknown
+        cmp     [problem_type], SSHLIB_HOSTKEY_PROBLEM_MISMATCH
+        je      .mismatch
+        mov     eax, -1
+        ret
+  .unknown:
+        invoke  con_write_asciiz, str22
+        jmp     .ask
+  .mismatch:
+        invoke  con_write_asciiz, str23
+;        jmp     .ask
+  .ask:
+  ;;; TODO: print hostkey
+        invoke  con_write_asciiz, str24
+  .getansw:
+        invoke  con_getch2
+        or      al, 0x20        ; convert to lowercase
-thread:
+        cmp     al, 'a'
-        mcall   40, 0
+        je      .accept
-  .loop:
+        cmp     al, 'c'
-        invoke  con_getch2
+        je      .once
-        mov     [ssh_channel_data+9], al
+        cmp     al, 'x'
-        stdcall ssh_send_packet, con, ssh_channel_data, ssh_channel_data.length, MSG_DONTWAIT
+        je      .refuse
         jmp     .getansw
-        invoke  con_get_flags
-        test    eax, 0x200                      ; con window closed?
-        jz      .loop
+  .accept:
-        mcall   -1
+        mov     eax, SSHLIB_HOSTKEY_ACCEPT
         ret
+  .once:
-; Handle common messages and return from specific ones
+        mov     eax, SSHLIB_HOSTKEY_ONCE
-proc ssh_msg_handler, con, flags
+        ret
+  .refuse:
-  .recv:
+        mov     eax, SSHLIB_HOSTKEY_REFUSE
+        ret
+endp
+align 16
+con_in_thread:
+  .loop:
+; TODO: check if channel is still open somehow
+        invoke  con_get_input, ssh_msg_channel_data.data, MAX_INPUT_LENGTH
+        test    eax, eax
+        jz      .no_input
+        lea     ecx, [eax + ssh_msg_channel_data.data - ssh_msg_channel_data]
+        bswap   eax
-        stdcall ssh_recv_packet, [con], [flags]
+        mov     [ssh_msg_channel_data.len], eax
-        cmp     eax, -1
+        stdcall sshlib_send_packet, ssh_con, ssh_msg_channel_data, ecx, 0
-        je      .ret
+        cmp     eax, 0
+        jle     .exit
-        cmp     [con.rx_buffer.message_code], SSH_MSG_DISCONNECT
+  .no_input:
-        je      .disc
+        invoke  con_get_flags
-        cmp     [con.rx_buffer.message_code], SSH_MSG_IGNORE
+        test    eax, 0x200                      ; con window closed?
-        je      .ign
+        jz      .loop
         cmp     [con.rx_buffer.message_code], SSH_MSG_DEBUG
-        je      .dbg
+  .exit:
-        cmp     [con.rx_buffer.message_code], SSH_MSG_GLOBAL_REQUEST
-        je      .glob
+        mcall   -1
-  .ret:
-        ret
 ; data
-  .disc:
-        mov     eax, -1
+title   db 'Secure Shell',0
-        ret
+str1a   db 'SSHv2 client for KolibriOS',10,0
-  .ign:
+str1b   db 10,'Please enter URL of SSH server (hostname:port)',10,0
-        jmp     .recv
+str2    db '> ',0
-  .dbg:
+str3    db 'Connecting to ',0
-  .glob:
+str4    db 10,0
-        ; TODO
+str6    db 10, 27, '[2J',27,'[mA network error has occured.',10,0
-        jmp     .recv
+str7    db 10, 27, '[2J',27,'[mAn SSH protocol error has occured.',10,0
-endp
+str8    db ' (',0
 str9    db ')',10,0
-; data
-title   db      'Secure Shell',0
+str10   db 'Host does not exist.',10,10,0
-str1    db      'SSH client for KolibriOS',10,10,\
+str11   db 10, 27, '[2J',27,'[mThe remote host closed the connection.',10,0
-                'Please enter URL of SSH server (hostname:port)',10,10,0
-str2    db      '> ',0
+str12   db 'Login as: ',0
-str3    db      'Connecting to ',0
+str13a  db 'Password: ', 27, '[?25l', 27, '[30;40m', 0
-str4    db      10,0
-str5    db      'Name resolution failed.',10,10,0
+str13b  db 10, 27, '[?25h', 27, '[0m', 27, '[2J', 0
-str6    db      'A socket error occured.',10,10,0
+str14   db 'The connection timed out',10,0
-str7    db      'A protocol error occured.',10,10,0
+str15   db 'The connection was refused',10,0
-str8    db      ' (',0
+str16   db 'The connection was reset',10,0
-str9    db      ')',10,0
+str17   db 'No details available',10,0
-str10   db      'Invalid hostname.',10,10,0
+;str18   db 'User authentication failed',10,0;;;;
-str11   db      10,'Remote host closed the connection.',10,10,0
+str19   db "The remote host's public key is invalid.", 10, 0
-str12   db      'Login as: ',0
+str20   db "The remote host's signature is invalid.", 10, 0
-str13   db      'Password: ', 27, '[?25l', 27, '[30;40m', 0
+str21   db "The remote host failed to verify it's own public key.", 10, 0
-str14   db      10, 27, '[?25h', 27, '[0m', 0
+str22   db "The host key for the server was not found in the cache.", 10
         db "There is no guarantee to the servers identity !",10, 0
-ssh_ident_ha:
-        dd_n (ssh_ident.length-2)
+str23   db "The host key provided by the host does not match the cached one.", 10
-ssh_ident:
+        db "This may indicate that the remote server has been compromised!", 10, 0
-        db "SSH-2.0-KolibriOS_SSH_0.04",13,10
-  .length = $ - ssh_ident
+str24   db 10, "If you trust this host, press A to accept and store the (new) key.", 10
         db "Press C to connect to the host but don't store the (new) key.", 10
-ssh_kex:
-        db SSH_MSG_KEXINIT
+        db "Press X to abort.", 10, 0
-  .cookie:
-        rd 4
-  .kex_algorithms:
-        dd_n .server_host_key_algorithms - .kex_algorithms - 4
-        db "diffie-hellman-group-exchange-sha256" ; diffie-hellman-group-exchange-sha1
-  .server_host_key_algorithms:
-        dd_n .encryption_algorithms_client_to_server - .server_host_key_algorithms - 4
-        db "ssh-rsa"                    ;,ssh-dss
-  .encryption_algorithms_client_to_server:
-        dd_n .encryption_algorithms_server_to_client - .encryption_algorithms_client_to_server - 4
-        db "aes256-ctr"                 ;,aes256-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
-  .encryption_algorithms_server_to_client:
-        dd_n .mac_algorithms_client_to_server - .encryption_algorithms_server_to_client - 4
-        db "aes256-ctr"                 ;,aes256-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
-  .mac_algorithms_client_to_server:
-        dd_n .mac_algorithms_server_to_client - .mac_algorithms_client_to_server - 4
-        db "hmac-sha2-256"              ;,hmac-sha1,hmac-sha1-96,hmac-md5"
+ssh_ident_ha:
-  .mac_algorithms_server_to_client:
+        dd_n (ssh_msg_ident.length-2)
+ssh_msg_ident:
+        db "SSH-2.0-KolibriOS_SSH_0.05",13,10
+  .length = $ - ssh_msg_ident
+ssh_msg_kex:
+        db SSH_MSG_KEXINIT
-        dd_n .compression_algorithms_client_to_server - .mac_algorithms_server_to_client - 4
+  .cookie:
-        db "hmac-sha2-256"              ;,hmac-sha1,hmac-sha1-96,hmac-md5"
+        rd 4
-  .compression_algorithms_client_to_server:
-        dd_n .compression_algorithms_server_to_client - .compression_algorithms_client_to_server - 4
-        db "none"                       ;,zlib"
+  .kex_algorithms:
+        str "diffie-hellman-group-exchange-sha256" ; diffie-hellman-group-exchange-sha1
-  .compression_algorithms_server_to_client:
+  .server_host_key_algorithms:
-        dd_n .languages_client_to_server - .compression_algorithms_server_to_client - 4
+        str "ssh-rsa"                    ;,ssh-dss
-        db "none"                       ;,zlib"
+  .encryption_algorithms_client_to_server:
-  .languages_client_to_server:
-        dd_n .languages_server_to_client - .languages_client_to_server - 4
+        str "aes256-ctr"                 ;,aes256-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
-        db ""
+  .encryption_algorithms_server_to_client:
-  .languages_server_to_client:
-        dd_n .first_kex_packet_follows - .languages_server_to_client - 4
+        str "aes256-ctr"                 ;,aes256-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128"
-        db ""
+  .mac_algorithms_client_to_server:
-  .first_kex_packet_follows:
+        str "hmac-sha2-256"              ;,hmac-sha1,hmac-sha1-96,hmac-md5"
-        db 0
+  .mac_algorithms_server_to_client:
-  .reserved:
+        str "hmac-sha2-256"              ;,hmac-sha1,hmac-sha1-96,hmac-md5"
-        dd_n 0
+  .compression_algorithms_client_to_server:
-  .length = $ - ssh_kex
+        str "none"                       ;,zlib"
+  .compression_algorithms_server_to_client:
+        str "none"                       ;,zlib"
   .languages_client_to_server:
-ssh_gex_req:
+        str ""
-        db SSH_MSG_KEX_DH_GEX_REQUEST
-        dd_n 4096/4                      ; DH GEX min
+  .languages_server_to_client:
-        dd_n 4096/2                      ; DH GEX number of bits
+        str ""
-        dd_n 4096                        ; DH GEX Max
+  .first_kex_packet_follows:
+        db 0
-  .length = $ - ssh_gex_req
+  .reserved:
         dd_n 0
   .length = $ - ssh_msg_kex
-ssh_new_keys:
+ssh_msg_gex_req:
+        db SSH_MSG_KEX_DH_GEX_REQUEST
+        dd_n 4096/4                      ; DH GEX min
+        dd_n 4096/2                      ; DH GEX number of bits
+        dd_n 4096                        ; DH GEX Max
-        db SSH_MSG_NEWKEYS
+  .length = $ - ssh_msg_gex_req
-  .length = $ - ssh_new_keys
 ssh_msg_new_keys:
         con_write_asciiz, 'con_write_asciiz', \
         con_exit, 'con_exit', \
         con_gets, 'con_gets', \
         con_cls, 'con_cls', \
         con_getch2, 'con_getch2', \
-        con_set_cursor_pos, 'con_set_cursor_pos', \
-        con_write_string, 'con_write_string', \
-        con_get_flags,  'con_get_flags', \
+        con_get_flags, 'con_get_flags', \
+        con_set_title, 'con_set_title', \
-        con_set_flags,  'con_set_flags'
+        con_get_input, 'con_get_input'
 import  libcrash, \
         sha256_init, 'sha256_init', \
         sha256_update, 'sha256_update', \
 i_end:
 IncludeUGlobals
 params          rb MAX_HOSTNAME_LENGTH

Subversion Repositories Kolibri OS

(root)/programs/network/ssh/ssh.asm – Rev 9071 → 9106