--- /dev/null
+/*
+ * Routines to do cryptographic interaction with proxies in PuTTY.
+ * This is in a separate module from proxy.c, so that it can be
+ * conveniently removed in PuTTYtel by replacing this module with
+ * the stub version nocproxy.c.
+ */
+
+#include <assert.h>
+#include <ctype.h>
+#include <string.h>
+
+#define DEFINE_PLUG_METHOD_MACROS
+#include "putty.h"
+#include "ssh.h" /* For MD5 support */
+#include "network.h"
+#include "proxy.h"
+
+static void hmacmd5_chap(const unsigned char *challenge, int challen,
+ const char *passwd, unsigned char *response)
+{
+ void *hmacmd5_ctx;
+ int pwlen;
+
+ hmacmd5_ctx = hmacmd5_make_context();
+
+ pwlen = strlen(passwd);
+ if (pwlen>64) {
+ unsigned char md5buf[16];
+ MD5Simple(passwd, pwlen, md5buf);
+ hmacmd5_key(hmacmd5_ctx, md5buf, 16);
+ } else {
+ hmacmd5_key(hmacmd5_ctx, passwd, pwlen);
+ }
+
+ hmacmd5_do_hmac(hmacmd5_ctx, challenge, challen, response);
+ hmacmd5_free_context(hmacmd5_ctx);
+}
+
+void proxy_socks5_offerencryptedauth(char *command, int *len)
+{
+ command[*len] = 0x03; /* CHAP */
+ (*len)++;
+}
+
+int proxy_socks5_handlechap (Proxy_Socket p)
+{
+
+ /* CHAP authentication reply format:
+ * version number (1 bytes) = 1
+ * number of commands (1 byte)
+ *
+ * For each command:
+ * command identifier (1 byte)
+ * data length (1 byte)
+ */
+ unsigned char data[260];
+ unsigned char outbuf[20];
+
+ while(p->chap_num_attributes == 0 ||
+ p->chap_num_attributes_processed < p->chap_num_attributes) {
+ if (p->chap_num_attributes == 0 ||
+ p->chap_current_attribute == -1) {
+ /* CHAP normally reads in two bytes, either at the
+ * beginning or for each attribute/value pair. But if
+ * we're waiting for the value's data, we might not want
+ * to read 2 bytes.
+ */
+
+ if (bufchain_size(&p->pending_input_data) < 2)
+ return 1; /* not got anything yet */
+
+ /* get the response */
+ bufchain_fetch(&p->pending_input_data, data, 2);
+ bufchain_consume(&p->pending_input_data, 2);
+ }
+
+ if (p->chap_num_attributes == 0) {
+ /* If there are no attributes, this is our first msg
+ * with the server, where we negotiate version and
+ * number of attributes
+ */
+ if (data[0] != 0x01) {
+ plug_closing(p->plug, "Proxy error: SOCKS proxy wants"
+ " a different CHAP version",
+ PROXY_ERROR_GENERAL, 0);
+ return 1;
+ }
+ if (data[1] == 0x00) {
+ plug_closing(p->plug, "Proxy error: SOCKS proxy won't"
+ " negotiate CHAP with us",
+ PROXY_ERROR_GENERAL, 0);
+ return 1;
+ }
+ p->chap_num_attributes = data[1];
+ } else {
+ if (p->chap_current_attribute == -1) {
+ /* We have to read in each attribute/value pair -
+ * those we don't understand can be ignored, but
+ * there are a few we'll need to handle.
+ */
+ p->chap_current_attribute = data[0];
+ p->chap_current_datalen = data[1];
+ }
+ if (bufchain_size(&p->pending_input_data) <
+ p->chap_current_datalen)
+ return 1; /* not got everything yet */
+
+ /* get the response */
+ bufchain_fetch(&p->pending_input_data, data,
+ p->chap_current_datalen);
+
+ bufchain_consume(&p->pending_input_data,
+ p->chap_current_datalen);
+
+ switch (p->chap_current_attribute) {
+ case 0x00:
+ /* Successful authentication */
+ if (data[0] == 0x00)
+ p->state = 2;
+ else {
+ plug_closing(p->plug, "Proxy error: SOCKS proxy"
+ " refused CHAP authentication",
+ PROXY_ERROR_GENERAL, 0);
+ return 1;
+ }
+ break;
+ case 0x03:
+ outbuf[0] = 0x01; /* Version */
+ outbuf[1] = 0x01; /* One attribute */
+ outbuf[2] = 0x04; /* Response */
+ outbuf[3] = 0x10; /* Length */
+ hmacmd5_chap(data, p->chap_current_datalen,
+ p->cfg.proxy_password, &outbuf[4]);
+ sk_write(p->sub_socket, outbuf, 20);
+ break;
+ case 0x11:
+ /* Chose a protocol */
+ if (data[0] != 0x85) {
+ plug_closing(p->plug, "Proxy error: Server chose "
+ "CHAP of other than HMAC-MD5 but we "
+ "didn't offer it!",
+ PROXY_ERROR_GENERAL, 0);
+ return 1;
+ }
+ break;
+ }
+ p->chap_current_attribute = -1;
+ p->chap_num_attributes_processed++;
+ }
+ if (p->state == 8 &&
+ p->chap_num_attributes_processed >= p->chap_num_attributes) {
+ p->chap_num_attributes = 0;
+ p->chap_num_attributes_processed = 0;
+ p->chap_current_datalen = 0;
+ }
+ }
+ return 0;
+}
+
+int proxy_socks5_selectchap(Proxy_Socket p)
+{
+ if (p->cfg.proxy_username[0] || p->cfg.proxy_password[0]) {
+ char chapbuf[514];
+ int ulen;
+ chapbuf[0] = '\x01'; /* Version */
+ chapbuf[1] = '\x02'; /* Number of attributes sent */
+ chapbuf[2] = '\x11'; /* First attribute - algorithms list */
+ chapbuf[3] = '\x01'; /* Only one CHAP algorithm */
+ chapbuf[4] = '\x85'; /* ...and it's HMAC-MD5, the core one */
+ chapbuf[5] = '\x02'; /* Second attribute - username */
+
+ ulen = strlen(p->cfg.proxy_username);
+ if (ulen > 255) ulen = 255; if (ulen < 1) ulen = 1;
+
+ chapbuf[6] = ulen;
+ memcpy(chapbuf+7, p->cfg.proxy_username, ulen);
+
+ sk_write(p->sub_socket, chapbuf, ulen + 7);
+ p->chap_num_attributes = 0;
+ p->chap_num_attributes_processed = 0;
+ p->chap_current_attribute = -1;
+ p->chap_current_datalen = 0;
+
+ p->state = 8;
+ } else
+ plug_closing(p->plug, "Proxy error: Server chose "
+ "CHAP authentication but we didn't offer it!",
+ PROXY_ERROR_GENERAL, 0);
+ return 1;
+}
projects / PuTTY.git / blobdiff