upstream commit

add experimental api for packet layer; ok djm@
author: markus@openbsd.org <markus@openbsd.org> 2015-01-19 20:30:23 +0000
committer: Damien Miller <djm@mindrot.org> 2015-01-20 09:23:46 +1100
commit: f582f0e917bb0017b00944783cd5f408bf4b0b5e (patch)
tree: 4f5642958dd85b4b81937498dc47d79cba91d67b /ssh_api.h
parent: 48b3b2ba75181f11fca7f327058a591f4426cade (diff)
1 files changed, 136 insertions, 0 deletions
diff --git a/ssh_api.h b/ssh_api.h
new file mode 100644
index 000000000..a7e14e06e
--- /dev/null
+++ b/ssh_api.h
@@ -0,0 +1,136 @@
+/* $OpenBSD: ssh_api.h,v 1.1 2015/01/19 20:30:23 markus Exp $ */
+/*
+ * Copyright (c) 2012 Markus Friedl.  All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#ifndef API_H
+#define API_H
+#include <sys/queue.h>
+#include <sys/types.h>
+#include <signal.h>
+#include "cipher.h"
+#include "sshkey.h"
+#include "kex.h"
+#include "ssh.h"
+#include "ssh2.h"
+#include "packet.h"
+struct kex_params {
+        char *proposal[PROPOSAL_MAX];
+};
+/* public SSH API functions */
+/*
+ * ssh_init() create a ssh connection object with given (optional)
+ * key exchange parameters.
+ */
+int     ssh_init(struct ssh **, int is_server, struct kex_params *kex_params);
+/*
+ * release ssh connection state.
+ */
+void    ssh_free(struct ssh *);
+/*
+ * attach application specific data to the connection state
+ */
+void    ssh_set_app_data(struct ssh *, void *);
+void    *ssh_get_app_data(struct ssh *);
+/*
+ * ssh_add_hostkey() registers a private/public hostkey for an ssh
+ * connection.
+ * ssh_add_hostkey() needs to be called before a key exchange is
+ * initiated with ssh_packet_next().
+ * private hostkeys are required if we need to act as a server.
+ * public hostkeys are used to verify the servers hostkey.
+ */
+int     ssh_add_hostkey(struct ssh *ssh, struct sshkey *key);
+/*
+ * ssh_set_verify_host_key_callback() registers a callback function
+ * which should be called instead of the default verification. The
+ * function given must return 0 if the hostkey is ok, -1 if the
+ * verification has failed.
+ */
+int     ssh_set_verify_host_key_callback(struct ssh *ssh,
+    int (*cb)(struct sshkey *, struct ssh *));
+/*
+ * ssh_packet_next() advances to the next input packet and returns
+ * the packet type in typep.
+ * ssh_packet_next() works by processing an input byte-stream,
+ * decrypting the received data and hiding the key-exchange from
+ * the caller.
+ * ssh_packet_next() sets typep if there is no new packet available.
+ * in this case the caller must fill the input byte-stream by passing
+ * the data received over network to ssh_input_append().
+ * additinally, the caller needs to send the resulting output
+ * byte-stream back over the network. otherwise the key exchange
+ * would not proceed. the output byte-stream is accessed through
+ * ssh_output_ptr().
+ */
+int     ssh_packet_next(struct ssh *ssh, u_char *typep);
+/*
+ * ssh_packet_payload() returns a pointer to the raw payload data of
+ * the current input packet and the length of this payload.
+ * the payload is accessible until ssh_packet_next() is called again.
+ */
+const u_char    *ssh_packet_payload(struct ssh *ssh, size_t *lenp);
+/*
+ * ssh_packet_put() creates an encrypted packet with the given type
+ * and payload.
+ * the encrypted packet is appended to the output byte-stream.
+ */
+int     ssh_packet_put(struct ssh *ssh, int type, const u_char *data,
+    size_t len);
+/*
+ * ssh_input_space() checks if 'len' bytes can be appended to the
+ * input byte-stream.
+ */
+int     ssh_input_space(struct ssh *ssh, size_t len);
+/*
+ * ssh_input_append() appends data to the input byte-stream.
+ */
+int     ssh_input_append(struct ssh *ssh, const u_char *data, size_t len);
+/*
+ * ssh_output_space() checks if 'len' bytes can be appended to the
+ * output byte-stream. XXX
+ */
+int     ssh_output_space(struct ssh *ssh, size_t len);
+/*
+ * ssh_output_ptr() retrieves both a pointer and the length of the
+ * current output byte-stream. the bytes need to be sent over the
+ * network. the number of bytes that have been successfully sent can
+ * be removed from the output byte-stream with ssh_output_consume().
+ */
+const u_char    *ssh_output_ptr(struct ssh *ssh, size_t *len);
+/*
+ * ssh_output_consume() removes the given number of bytes from
+ * the output byte-stream.
+ */
+int     ssh_output_consume(struct ssh *ssh, size_t len);
+#endif
author	markus@openbsd.org <markus@openbsd.org>	2015-01-19 20:30:23 +0000
committer	Damien Miller <djm@mindrot.org>	2015-01-20 09:23:46 +1100
commit	f582f0e917bb0017b00944783cd5f408bf4b0b5e (patch)
tree	4f5642958dd85b4b81937498dc47d79cba91d67b /ssh_api.h
parent	48b3b2ba75181f11fca7f327058a591f4426cade (diff)

diff --git a/ssh_api.h b/ssh_api.h new file mode 100644 index 000000000..a7e14e06e --- /dev/null +++ b/ssh_api.h
@@ -0,0 +1,136 @@
	1	/* $OpenBSD: ssh_api.h,v 1.1 2015/01/19 20:30:23 markus Exp $ */
	2	/*
	3	* Copyright (c) 2012 Markus Friedl. All rights reserved.
	4	*
	5	* Permission to use, copy, modify, and distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
	18	#ifndef API_H
	19	#define API_H
	20
	21	#include <sys/queue.h>
	22	#include <sys/types.h>
	23	#include <signal.h>
	24
	25	#include "cipher.h"
	26	#include "sshkey.h"
	27	#include "kex.h"
	28	#include "ssh.h"
	29	#include "ssh2.h"
	30	#include "packet.h"
	31
	32	struct kex_params {
	33	char *proposal[PROPOSAL_MAX];
	34	};
	35
	36	/* public SSH API functions */
	37
	38	/*
	39	* ssh_init() create a ssh connection object with given (optional)
	40	* key exchange parameters.
	41	*/
	42	int ssh_init(struct ssh *, int is_server, struct kex_params kex_params);
	43
	44	/*
	45	* release ssh connection state.
	46	*/
	47	void ssh_free(struct ssh *);
	48
	49	/*
	50	* attach application specific data to the connection state
	51	*/
	52	void ssh_set_app_data(struct ssh , void );
	53	void ssh_get_app_data(struct ssh );
	54
	55	/*
	56	* ssh_add_hostkey() registers a private/public hostkey for an ssh
	57	* connection.
	58	* ssh_add_hostkey() needs to be called before a key exchange is
	59	* initiated with ssh_packet_next().
	60	* private hostkeys are required if we need to act as a server.
	61	* public hostkeys are used to verify the servers hostkey.
	62	*/
	63	int ssh_add_hostkey(struct ssh ssh, struct sshkey key);
	64
	65	/*
	66	* ssh_set_verify_host_key_callback() registers a callback function
	67	* which should be called instead of the default verification. The
	68	* function given must return 0 if the hostkey is ok, -1 if the
	69	* verification has failed.
	70	*/
	71	int ssh_set_verify_host_key_callback(struct ssh *ssh,
	72	int (cb)(struct sshkey , struct ssh *));
	73
	74	/*
	75	* ssh_packet_next() advances to the next input packet and returns
	76	* the packet type in typep.
	77	* ssh_packet_next() works by processing an input byte-stream,
	78	* decrypting the received data and hiding the key-exchange from
	79	* the caller.
	80	* ssh_packet_next() sets typep if there is no new packet available.
	81	* in this case the caller must fill the input byte-stream by passing
	82	* the data received over network to ssh_input_append().
	83	* additinally, the caller needs to send the resulting output
	84	* byte-stream back over the network. otherwise the key exchange
	85	* would not proceed. the output byte-stream is accessed through
	86	* ssh_output_ptr().
	87	*/
	88	int ssh_packet_next(struct ssh ssh, u_char typep);
	89
	90	/*
	91	* ssh_packet_payload() returns a pointer to the raw payload data of
	92	* the current input packet and the length of this payload.
	93	* the payload is accessible until ssh_packet_next() is called again.
	94	*/
	95	const u_char ssh_packet_payload(struct ssh ssh, size_t *lenp);
	96
	97	/*
	98	* ssh_packet_put() creates an encrypted packet with the given type
	99	* and payload.
	100	* the encrypted packet is appended to the output byte-stream.
	101	*/
	102	int ssh_packet_put(struct ssh ssh, int type, const u_char data,
	103	size_t len);
	104
	105	/*
	106	* ssh_input_space() checks if 'len' bytes can be appended to the
	107	* input byte-stream.
	108	*/
	109	int ssh_input_space(struct ssh *ssh, size_t len);
	110
	111	/*
	112	* ssh_input_append() appends data to the input byte-stream.
	113	*/
	114	int ssh_input_append(struct ssh ssh, const u_char data, size_t len);
	115
	116	/*
	117	* ssh_output_space() checks if 'len' bytes can be appended to the
	118	* output byte-stream. XXX
	119	*/
	120	int ssh_output_space(struct ssh *ssh, size_t len);
	121
	122	/*
	123	* ssh_output_ptr() retrieves both a pointer and the length of the
	124	* current output byte-stream. the bytes need to be sent over the
	125	* network. the number of bytes that have been successfully sent can
	126	* be removed from the output byte-stream with ssh_output_consume().
	127	*/
	128	const u_char ssh_output_ptr(struct ssh ssh, size_t *len);
	129
	130	/*
	131	* ssh_output_consume() removes the given number of bytes from
	132	* the output byte-stream.
	133	*/
	134	int ssh_output_consume(struct ssh *ssh, size_t len);
	135
	136	#endif