github.com/olivere/camlistore@v0.0.0-20140121221811-1b7ac2da0199/third_party/code.google.com/p/go.crypto/ssh/messages.go (about) 1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package ssh 6 7 import ( 8 "bytes" 9 "io" 10 "math/big" 11 "reflect" 12 ) 13 14 // These are SSH message type numbers. They are scattered around several 15 // documents but many were taken from 16 // http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1 17 const ( 18 msgDisconnect = 1 19 msgIgnore = 2 20 msgUnimplemented = 3 21 msgDebug = 4 22 msgServiceRequest = 5 23 msgServiceAccept = 6 24 25 msgKexInit = 20 26 msgNewKeys = 21 27 28 msgKexDHInit = 30 29 msgKexDHReply = 31 30 31 msgUserAuthRequest = 50 32 msgUserAuthFailure = 51 33 msgUserAuthSuccess = 52 34 msgUserAuthBanner = 53 35 msgUserAuthPubKeyOk = 60 36 37 msgGlobalRequest = 80 38 msgRequestSuccess = 81 39 msgRequestFailure = 82 40 41 msgChannelOpen = 90 42 msgChannelOpenConfirm = 91 43 msgChannelOpenFailure = 92 44 msgChannelWindowAdjust = 93 45 msgChannelData = 94 46 msgChannelExtendedData = 95 47 msgChannelEOF = 96 48 msgChannelClose = 97 49 msgChannelRequest = 98 50 msgChannelSuccess = 99 51 msgChannelFailure = 100 52 ) 53 54 // SSH messages: 55 // 56 // These structures mirror the wire format of the corresponding SSH messages. 57 // They are marshaled using reflection with the marshal and unmarshal functions 58 // in this file. The only wrinkle is that a final member of type []byte with a 59 // ssh tag of "rest" receives the remainder of a packet when unmarshaling. 60 61 // See RFC 4253, section 11.1. 62 type disconnectMsg struct { 63 Reason uint32 64 Message string 65 Language string 66 } 67 68 // See RFC 4253, section 7.1. 69 type kexInitMsg struct { 70 Cookie [16]byte 71 KexAlgos []string 72 ServerHostKeyAlgos []string 73 CiphersClientServer []string 74 CiphersServerClient []string 75 MACsClientServer []string 76 MACsServerClient []string 77 CompressionClientServer []string 78 CompressionServerClient []string 79 LanguagesClientServer []string 80 LanguagesServerClient []string 81 FirstKexFollows bool 82 Reserved uint32 83 } 84 85 // See RFC 4253, section 8. 86 type kexDHInitMsg struct { 87 X *big.Int 88 } 89 90 type kexDHReplyMsg struct { 91 HostKey []byte 92 Y *big.Int 93 Signature []byte 94 } 95 96 // See RFC 4253, section 10. 97 type serviceRequestMsg struct { 98 Service string 99 } 100 101 // See RFC 4253, section 10. 102 type serviceAcceptMsg struct { 103 Service string 104 } 105 106 // See RFC 4252, section 5. 107 type userAuthRequestMsg struct { 108 User string 109 Service string 110 Method string 111 Payload []byte `ssh:"rest"` 112 } 113 114 // See RFC 4252, section 5.1 115 type userAuthFailureMsg struct { 116 Methods []string 117 PartialSuccess bool 118 } 119 120 // See RFC 4254, section 5.1. 121 type channelOpenMsg struct { 122 ChanType string 123 PeersId uint32 124 PeersWindow uint32 125 MaxPacketSize uint32 126 TypeSpecificData []byte `ssh:"rest"` 127 } 128 129 // See RFC 4254, section 5.1. 130 type channelOpenConfirmMsg struct { 131 PeersId uint32 132 MyId uint32 133 MyWindow uint32 134 MaxPacketSize uint32 135 TypeSpecificData []byte `ssh:"rest"` 136 } 137 138 // See RFC 4254, section 5.1. 139 type channelOpenFailureMsg struct { 140 PeersId uint32 141 Reason uint32 142 Message string 143 Language string 144 } 145 146 type channelRequestMsg struct { 147 PeersId uint32 148 Request string 149 WantReply bool 150 RequestSpecificData []byte `ssh:"rest"` 151 } 152 153 // See RFC 4254, section 5.4. 154 type channelRequestSuccessMsg struct { 155 PeersId uint32 156 } 157 158 // See RFC 4254, section 5.4. 159 type channelRequestFailureMsg struct { 160 PeersId uint32 161 } 162 163 // See RFC 4254, section 5.3 164 type channelCloseMsg struct { 165 PeersId uint32 166 } 167 168 // See RFC 4254, section 5.3 169 type channelEOFMsg struct { 170 PeersId uint32 171 } 172 173 // See RFC 4254, section 4 174 type globalRequestMsg struct { 175 Type string 176 WantReply bool 177 } 178 179 // See RFC 4254, section 5.2 180 type windowAdjustMsg struct { 181 PeersId uint32 182 AdditionalBytes uint32 183 } 184 185 // See RFC 4252, section 7 186 type userAuthPubKeyOkMsg struct { 187 Algo string 188 PubKey string 189 } 190 191 // unmarshal parses the SSH wire data in packet into out using reflection. 192 // expectedType is the expected SSH message type. It either returns nil on 193 // success, or a ParseError or UnexpectedMessageError on error. 194 func unmarshal(out interface{}, packet []byte, expectedType uint8) error { 195 if len(packet) == 0 { 196 return ParseError{expectedType} 197 } 198 if packet[0] != expectedType { 199 return UnexpectedMessageError{expectedType, packet[0]} 200 } 201 packet = packet[1:] 202 203 v := reflect.ValueOf(out).Elem() 204 structType := v.Type() 205 var ok bool 206 for i := 0; i < v.NumField(); i++ { 207 field := v.Field(i) 208 t := field.Type() 209 switch t.Kind() { 210 case reflect.Bool: 211 if len(packet) < 1 { 212 return ParseError{expectedType} 213 } 214 field.SetBool(packet[0] != 0) 215 packet = packet[1:] 216 case reflect.Array: 217 if t.Elem().Kind() != reflect.Uint8 { 218 panic("array of non-uint8") 219 } 220 if len(packet) < t.Len() { 221 return ParseError{expectedType} 222 } 223 for j := 0; j < t.Len(); j++ { 224 field.Index(j).Set(reflect.ValueOf(packet[j])) 225 } 226 packet = packet[t.Len():] 227 case reflect.Uint32: 228 var u32 uint32 229 if u32, packet, ok = parseUint32(packet); !ok { 230 return ParseError{expectedType} 231 } 232 field.SetUint(uint64(u32)) 233 case reflect.String: 234 var s []byte 235 if s, packet, ok = parseString(packet); !ok { 236 return ParseError{expectedType} 237 } 238 field.SetString(string(s)) 239 case reflect.Slice: 240 switch t.Elem().Kind() { 241 case reflect.Uint8: 242 if structType.Field(i).Tag.Get("ssh") == "rest" { 243 field.Set(reflect.ValueOf(packet)) 244 packet = nil 245 } else { 246 var s []byte 247 if s, packet, ok = parseString(packet); !ok { 248 return ParseError{expectedType} 249 } 250 field.Set(reflect.ValueOf(s)) 251 } 252 case reflect.String: 253 var nl []string 254 if nl, packet, ok = parseNameList(packet); !ok { 255 return ParseError{expectedType} 256 } 257 field.Set(reflect.ValueOf(nl)) 258 default: 259 panic("slice of unknown type") 260 } 261 case reflect.Ptr: 262 if t == bigIntType { 263 var n *big.Int 264 if n, packet, ok = parseInt(packet); !ok { 265 return ParseError{expectedType} 266 } 267 field.Set(reflect.ValueOf(n)) 268 } else { 269 panic("pointer to unknown type") 270 } 271 default: 272 panic("unknown type") 273 } 274 } 275 276 if len(packet) != 0 { 277 return ParseError{expectedType} 278 } 279 280 return nil 281 } 282 283 // marshal serializes the message in msg, using the given message type. 284 func marshal(msgType uint8, msg interface{}) []byte { 285 var out []byte 286 out = append(out, msgType) 287 288 v := reflect.ValueOf(msg) 289 structType := v.Type() 290 for i := 0; i < v.NumField(); i++ { 291 field := v.Field(i) 292 t := field.Type() 293 switch t.Kind() { 294 case reflect.Bool: 295 var v uint8 296 if field.Bool() { 297 v = 1 298 } 299 out = append(out, v) 300 case reflect.Array: 301 if t.Elem().Kind() != reflect.Uint8 { 302 panic("array of non-uint8") 303 } 304 for j := 0; j < t.Len(); j++ { 305 out = append(out, byte(field.Index(j).Uint())) 306 } 307 case reflect.Uint32: 308 u32 := uint32(field.Uint()) 309 out = append(out, byte(u32>>24)) 310 out = append(out, byte(u32>>16)) 311 out = append(out, byte(u32>>8)) 312 out = append(out, byte(u32)) 313 case reflect.String: 314 s := field.String() 315 out = append(out, byte(len(s)>>24)) 316 out = append(out, byte(len(s)>>16)) 317 out = append(out, byte(len(s)>>8)) 318 out = append(out, byte(len(s))) 319 out = append(out, s...) 320 case reflect.Slice: 321 switch t.Elem().Kind() { 322 case reflect.Uint8: 323 length := field.Len() 324 if structType.Field(i).Tag.Get("ssh") != "rest" { 325 out = append(out, byte(length>>24)) 326 out = append(out, byte(length>>16)) 327 out = append(out, byte(length>>8)) 328 out = append(out, byte(length)) 329 } 330 for j := 0; j < length; j++ { 331 out = append(out, byte(field.Index(j).Uint())) 332 } 333 case reflect.String: 334 var length int 335 for j := 0; j < field.Len(); j++ { 336 if j != 0 { 337 length++ /* comma */ 338 } 339 length += len(field.Index(j).String()) 340 } 341 342 out = append(out, byte(length>>24)) 343 out = append(out, byte(length>>16)) 344 out = append(out, byte(length>>8)) 345 out = append(out, byte(length)) 346 for j := 0; j < field.Len(); j++ { 347 if j != 0 { 348 out = append(out, ',') 349 } 350 out = append(out, field.Index(j).String()...) 351 } 352 default: 353 panic("slice of unknown type") 354 } 355 case reflect.Ptr: 356 if t == bigIntType { 357 var n *big.Int 358 nValue := reflect.ValueOf(&n) 359 nValue.Elem().Set(field) 360 needed := intLength(n) 361 oldLength := len(out) 362 363 if cap(out)-len(out) < needed { 364 newOut := make([]byte, len(out), 2*(len(out)+needed)) 365 copy(newOut, out) 366 out = newOut 367 } 368 out = out[:oldLength+needed] 369 marshalInt(out[oldLength:], n) 370 } else { 371 panic("pointer to unknown type") 372 } 373 } 374 } 375 376 return out 377 } 378 379 var bigOne = big.NewInt(1) 380 381 func parseString(in []byte) (out, rest []byte, ok bool) { 382 if len(in) < 4 { 383 return 384 } 385 length := uint32(in[0])<<24 | uint32(in[1])<<16 | uint32(in[2])<<8 | uint32(in[3]) 386 if uint32(len(in)) < 4+length { 387 return 388 } 389 out = in[4 : 4+length] 390 rest = in[4+length:] 391 ok = true 392 return 393 } 394 395 var ( 396 comma = []byte{','} 397 emptyNameList = []string{} 398 ) 399 400 func parseNameList(in []byte) (out []string, rest []byte, ok bool) { 401 contents, rest, ok := parseString(in) 402 if !ok { 403 return 404 } 405 if len(contents) == 0 { 406 out = emptyNameList 407 return 408 } 409 parts := bytes.Split(contents, comma) 410 out = make([]string, len(parts)) 411 for i, part := range parts { 412 out[i] = string(part) 413 } 414 return 415 } 416 417 func parseInt(in []byte) (out *big.Int, rest []byte, ok bool) { 418 contents, rest, ok := parseString(in) 419 if !ok { 420 return 421 } 422 out = new(big.Int) 423 424 if len(contents) > 0 && contents[0]&0x80 == 0x80 { 425 // This is a negative number 426 notBytes := make([]byte, len(contents)) 427 for i := range notBytes { 428 notBytes[i] = ^contents[i] 429 } 430 out.SetBytes(notBytes) 431 out.Add(out, bigOne) 432 out.Neg(out) 433 } else { 434 // Positive number 435 out.SetBytes(contents) 436 } 437 ok = true 438 return 439 } 440 441 func parseUint32(in []byte) (out uint32, rest []byte, ok bool) { 442 if len(in) < 4 { 443 return 444 } 445 out = uint32(in[0])<<24 | uint32(in[1])<<16 | uint32(in[2])<<8 | uint32(in[3]) 446 rest = in[4:] 447 ok = true 448 return 449 } 450 451 func nameListLength(namelist []string) int { 452 length := 4 /* uint32 length prefix */ 453 for i, name := range namelist { 454 if i != 0 { 455 length++ /* comma */ 456 } 457 length += len(name) 458 } 459 return length 460 } 461 462 func intLength(n *big.Int) int { 463 length := 4 /* length bytes */ 464 if n.Sign() < 0 { 465 nMinus1 := new(big.Int).Neg(n) 466 nMinus1.Sub(nMinus1, bigOne) 467 bitLen := nMinus1.BitLen() 468 if bitLen%8 == 0 { 469 // The number will need 0xff padding 470 length++ 471 } 472 length += (bitLen + 7) / 8 473 } else if n.Sign() == 0 { 474 // A zero is the zero length string 475 } else { 476 bitLen := n.BitLen() 477 if bitLen%8 == 0 { 478 // The number will need 0x00 padding 479 length++ 480 } 481 length += (bitLen + 7) / 8 482 } 483 484 return length 485 } 486 487 func marshalUint32(to []byte, n uint32) []byte { 488 to[0] = byte(n >> 24) 489 to[1] = byte(n >> 16) 490 to[2] = byte(n >> 8) 491 to[3] = byte(n) 492 return to[4:] 493 } 494 495 func marshalUint64(to []byte, n uint64) []byte { 496 to[0] = byte(n >> 56) 497 to[1] = byte(n >> 48) 498 to[2] = byte(n >> 40) 499 to[3] = byte(n >> 32) 500 to[4] = byte(n >> 24) 501 to[5] = byte(n >> 16) 502 to[6] = byte(n >> 8) 503 to[7] = byte(n) 504 return to[8:] 505 } 506 507 func marshalInt(to []byte, n *big.Int) []byte { 508 lengthBytes := to 509 to = to[4:] 510 length := 0 511 512 if n.Sign() < 0 { 513 // A negative number has to be converted to two's-complement 514 // form. So we'll subtract 1 and invert. If the 515 // most-significant-bit isn't set then we'll need to pad the 516 // beginning with 0xff in order to keep the number negative. 517 nMinus1 := new(big.Int).Neg(n) 518 nMinus1.Sub(nMinus1, bigOne) 519 bytes := nMinus1.Bytes() 520 for i := range bytes { 521 bytes[i] ^= 0xff 522 } 523 if len(bytes) == 0 || bytes[0]&0x80 == 0 { 524 to[0] = 0xff 525 to = to[1:] 526 length++ 527 } 528 nBytes := copy(to, bytes) 529 to = to[nBytes:] 530 length += nBytes 531 } else if n.Sign() == 0 { 532 // A zero is the zero length string 533 } else { 534 bytes := n.Bytes() 535 if len(bytes) > 0 && bytes[0]&0x80 != 0 { 536 // We'll have to pad this with a 0x00 in order to 537 // stop it looking like a negative number. 538 to[0] = 0 539 to = to[1:] 540 length++ 541 } 542 nBytes := copy(to, bytes) 543 to = to[nBytes:] 544 length += nBytes 545 } 546 547 lengthBytes[0] = byte(length >> 24) 548 lengthBytes[1] = byte(length >> 16) 549 lengthBytes[2] = byte(length >> 8) 550 lengthBytes[3] = byte(length) 551 return to 552 } 553 554 func writeInt(w io.Writer, n *big.Int) { 555 length := intLength(n) 556 buf := make([]byte, length) 557 marshalInt(buf, n) 558 w.Write(buf) 559 } 560 561 func writeString(w io.Writer, s []byte) { 562 var lengthBytes [4]byte 563 lengthBytes[0] = byte(len(s) >> 24) 564 lengthBytes[1] = byte(len(s) >> 16) 565 lengthBytes[2] = byte(len(s) >> 8) 566 lengthBytes[3] = byte(len(s)) 567 w.Write(lengthBytes[:]) 568 w.Write(s) 569 } 570 571 func stringLength(s []byte) int { 572 return 4 + len(s) 573 } 574 575 func marshalString(to []byte, s []byte) []byte { 576 to[0] = byte(len(s) >> 24) 577 to[1] = byte(len(s) >> 16) 578 to[2] = byte(len(s) >> 8) 579 to[3] = byte(len(s)) 580 to = to[4:] 581 copy(to, s) 582 return to[len(s):] 583 } 584 585 var bigIntType = reflect.TypeOf((*big.Int)(nil)) 586 587 // Decode a packet into it's corresponding message. 588 func decode(packet []byte) interface{} { 589 var msg interface{} 590 switch packet[0] { 591 case msgDisconnect: 592 msg = new(disconnectMsg) 593 case msgServiceRequest: 594 msg = new(serviceRequestMsg) 595 case msgServiceAccept: 596 msg = new(serviceAcceptMsg) 597 case msgKexInit: 598 msg = new(kexInitMsg) 599 case msgKexDHInit: 600 msg = new(kexDHInitMsg) 601 case msgKexDHReply: 602 msg = new(kexDHReplyMsg) 603 case msgUserAuthRequest: 604 msg = new(userAuthRequestMsg) 605 case msgUserAuthFailure: 606 msg = new(userAuthFailureMsg) 607 case msgUserAuthPubKeyOk: 608 msg = new(userAuthPubKeyOkMsg) 609 case msgGlobalRequest: 610 msg = new(globalRequestMsg) 611 case msgRequestSuccess: 612 msg = new(channelRequestSuccessMsg) 613 case msgRequestFailure: 614 msg = new(channelRequestFailureMsg) 615 case msgChannelOpen: 616 msg = new(channelOpenMsg) 617 case msgChannelOpenConfirm: 618 msg = new(channelOpenConfirmMsg) 619 case msgChannelOpenFailure: 620 msg = new(channelOpenFailureMsg) 621 case msgChannelWindowAdjust: 622 msg = new(windowAdjustMsg) 623 case msgChannelEOF: 624 msg = new(channelEOFMsg) 625 case msgChannelClose: 626 msg = new(channelCloseMsg) 627 case msgChannelRequest: 628 msg = new(channelRequestMsg) 629 case msgChannelSuccess: 630 msg = new(channelRequestSuccessMsg) 631 case msgChannelFailure: 632 msg = new(channelRequestFailureMsg) 633 default: 634 return UnexpectedMessageError{0, packet[0]} 635 } 636 if err := unmarshal(msg, packet, packet[0]); err != nil { 637 return err 638 } 639 return msg 640 }