X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=ssh.h;h=f55136e9aa580a46a4f1d2cf61e7b4968021eb38;hb=941421b8fa669f729129e7462457c29911476b17;hp=ee629ee58d193485c02c7eb2827ef08d48c94373;hpb=01085358e43e662935598f588914867a731e963e;p=PuTTY.git diff --git a/ssh.h b/ssh.h index ee629ee5..f55136e9 100644 --- a/ssh.h +++ b/ssh.h 
@@ -8,12 +8,54 @@ #include "misc.h" struct ssh_channel; +typedef struct ssh_tag *Ssh; extern int sshfwd_write(struct ssh_channel *c, char *, int); extern void sshfwd_write_eof(struct ssh_channel *c); extern void sshfwd_unclean_close(struct ssh_channel *c, const char *err); extern void sshfwd_unthrottle(struct ssh_channel *c, int bufsize); Conf *sshfwd_get_conf(struct ssh_channel *c); +void sshfwd_x11_sharing_handover(struct ssh_channel *c, + void *share_cs, void *share_chan, + const char *peer_addr, int peer_port, + int endian, int protomajor, int protominor, + const void *initial_data, int initial_len); +void sshfwd_x11_is_local(struct ssh_channel *c); + +extern Socket ssh_connection_sharing_init(const char *host, int port, + Conf *conf, Ssh ssh, void **state); +void share_got_pkt_from_server(void *ctx, int type, + unsigned char *pkt, int pktlen); +void share_activate(void *state, const char *server_verstring); +void sharestate_free(void *state); +int share_ndownstreams(void *state); + +void ssh_connshare_log(Ssh ssh, int event, const char *logtext, + const char *ds_err, const char *us_err); +unsigned ssh_alloc_sharing_channel(Ssh ssh, void *sharing_ctx); +void ssh_delete_sharing_channel(Ssh ssh, unsigned localid); +int ssh_alloc_sharing_rportfwd(Ssh ssh, const char *shost, int sport, + void *share_ctx); +void ssh_sharing_queue_global_request(Ssh ssh, void *share_ctx); +struct X11FakeAuth *ssh_sharing_add_x11_display(Ssh ssh, int authtype, + void *share_cs, + void *share_chan); +void ssh_sharing_remove_x11_display(Ssh ssh, struct X11FakeAuth *auth); +void ssh_send_packet_from_downstream(Ssh ssh, unsigned id, int type, + const void *pkt, int pktlen, + const char *additional_log_text); +void ssh_sharing_downstream_connected(Ssh ssh, unsigned id, + const char *peerinfo); +void ssh_sharing_downstream_disconnected(Ssh ssh, unsigned id); +void ssh_sharing_logf(Ssh ssh, unsigned id, const char *logfmt, ...); +int ssh_agent_forwarding_permitted(Ssh ssh); +void 
share_setup_x11_channel(void *csv, void *chanv, + unsigned upstream_id, unsigned server_id, + unsigned server_currwin, unsigned server_maxpkt, + unsigned client_adjusted_window, + const char *peer_addr, int peer_port, int endian, + int protomajor, int protominor, + const void *initial_data, int initial_len); /* * Useful thing. @@ -372,24 +414,41 @@ struct X11Display { int port; char *realhost; - /* Auth details we invented for the virtual display on the SSH server. */ - int remoteauthproto; - unsigned char *remoteauthdata; - int remoteauthdatalen; - char *remoteauthprotoname; - char *remoteauthdatastring; - /* Our local auth details for talking to the real X display. */ int localauthproto; unsigned char *localauthdata; int localauthdatalen; +}; +struct X11FakeAuth { + /* Auth details we invented for a virtual display on the SSH server. */ + int proto; + unsigned char *data; + int datalen; + char *protoname; + char *datastring; + + /* The encrypted form of the first block, in XDM-AUTHORIZATION-1. + * Used as part of the key when these structures are organised + * into a tree. See x11_invent_fake_auth for explanation. */ + unsigned char *xa1_firstblock; /* * Used inside x11fwd.c to remember recently seen * XDM-AUTHORIZATION-1 strings, to avoid replay attacks. */ tree234 *xdmseen; + + /* + * What to do with an X connection matching this auth data. + */ + struct X11Display *disp; + void *share_cs, *share_chan; }; +void *x11_make_greeting(int endian, int protomajor, int protominor, + int auth_proto, const void *auth_data, int auth_len, + const char *peer_ip, int peer_port, + int *outlen); +int x11_authcmp(void *av, void *bv); /* for putting X11FakeAuth in a tree234 */ /* * x11_setup_display() parses the display variable and fills in an * X11Display structure. Some remote auth details are invented; 
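Review bot: `ssh_sharing_logf(Ssh ssh, unsigned id, const char *logfmt, ...)` in the first hunk is a printf-style variadic with nothing that lets a compiler check its callers, and the same block adds several strings that describe or come from a peer (`peerinfo`, `additional_log_text`, `peer_addr`). I would put a comment above it such as `/* logfmt must be a literal format string; pass peer-derived text only as a %s argument */`, and apply a printf-format attribute macro if the project has one (none is visible here). The packet-carrying prototypes (`share_got_pkt_from_server`, `ssh_send_packet_from_downstream`, `sshfwd_x11_sharing_handover`, `share_setup_x11_channel`) take `int pktlen` / `int initial_len` without stating that negative values are invalid. One line on which side validates lengths arriving from a downstream would make the trust boundary explicit.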
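Review bot: `struct X11FakeAuth` keeps the invented cookie in `data` and again in `datastring`, but the declaration does not say who owns those buffers or that they should be wiped when the structure is freed. A comment such as `/* data, datastring and xa1_firstblock are owned by this structure; x11_free_fake_auth() should clear them before freeing */` would record that, assuming it matches the implementation in x11fwd.c. The trailing fields `disp` and `share_cs`/`share_chan` look like alternatives, but "What to do with an X connection matching this auth data" does not say which is valid when; state it if exactly one is meant to be set. `x11_make_greeting` returns a `void *` that embeds `auth_data`, so its prototype should also say that the caller frees the buffer.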
@@ -397,12 +456,12 @@ struct X11Display { * authorisation protocol to use at the remote end. The local auth * details are looked up by calling platform_get_x11_auth. */ -extern struct X11Display *x11_setup_display(char *display, int authtype, - Conf *); +extern struct X11Display *x11_setup_display(char *display, Conf *); void x11_free_display(struct X11Display *disp); +struct X11FakeAuth *x11_invent_fake_auth(tree234 *t, int authtype); +void x11_free_fake_auth(struct X11FakeAuth *auth); struct X11Connection; /* opaque outside x11fwd.c */ -extern char *x11_init(struct X11Connection **, struct X11Display *, - void *, const char *, int); +struct X11Connection *x11_init(tree234 *authtree, void *, const char *, int); extern void x11_close(struct X11Connection *); extern int x11_send(struct X11Connection *, char *, int); extern void x11_send_eof(struct X11Connection *s); @@ -434,6 +493,8 @@ char *platform_get_x_display(void); */ void x11_get_auth_from_authfile(struct X11Display *display, const char *authfilename); +int x11_identify_auth_proto(const char *proto); +void *x11_dehexify(const char *hex, int *outlen); Bignum copybn(Bignum b); Bignum bn_power_2(int n); @@ -476,6 +537,7 @@ void *dh_setup_group(const struct ssh_kex *kex); void *dh_setup_gex(Bignum pval, Bignum gval); void dh_cleanup(void *); Bignum dh_create_e(void *, int nbits); +const char *dh_validate_f(void *handle, Bignum f); Bignum dh_find_K(void *, Bignum f); int loadrsakey(const Filename *filename, struct RSAKey *key, 
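Review bot: The context comment above `x11_setup_display` is now stale. It still says "Some remote auth details are invented" and refers to the authorisation protocol for the remote end, but this hunk removes the `authtype` parameter and moves that job to `x11_invent_fake_auth(tree234 *t, int authtype)`. That comment starts outside this hunk, so the rewording has to cover the part above it too. `x11_init` also changes from returning an error `char *` to returning the `struct X11Connection *` itself, which hides the failure convention; add `/* returns NULL on failure */` if that is the contract, or say that it cannot fail. It would also help to state that `authtree` holds `X11FakeAuth` entries ordered by `x11_authcmp`, which is my reading of the neighbouring declarations rather than something this hunk shows.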
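Review bot: `x11_dehexify(const char *hex, int *outlen)` is exported without saying what it does on odd-length or non-hex input, or who frees the returned buffer. Because the result is X11 authorisation data, I would add a comment along the lines of `/* returns a newly allocated buffer owned by the caller; *outlen receives its length */` plus one sentence on malformed input, after confirming against the implementation. `x11_identify_auth_proto` likewise should state which value it returns for an unrecognised protocol name, so callers can reject it explicitly.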
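Review bot: `dh_validate_f` is added directly above `dh_find_K` with no comment linking them, so the header never tells a caller that the server's `f` must be checked before `dh_find_K(handle, f)` uses it. I would add `/* Call before dh_find_K(). Returns NULL if f is acceptable, otherwise an error message. */`. The NULL-on-success convention is inferred from the `const char *` return type and should be confirmed against the implementation, along with whether the returned string is static or must be freed.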
@@ -574,6 +636,22 @@ int zlib_compress_block(void *, unsigned char *block, int len, int zlib_decompress_block(void *, unsigned char *block, int len, unsigned char **outblock, int *outlen); +/* + * Connection-sharing API provided by platforms. This function must + * either: + * - return SHARE_NONE and do nothing + * - return SHARE_DOWNSTREAM and set *sock to a Socket connected to + * downplug + * - return SHARE_UPSTREAM and set *sock to a Socket connected to + * upplug. + */ +enum { SHARE_NONE, SHARE_DOWNSTREAM, SHARE_UPSTREAM }; +int platform_ssh_share(const char *name, Conf *conf, + Plug downplug, Plug upplug, Socket *sock, + char **logtext, char **ds_err, char **us_err, + int can_upstream, int can_downstream); +void platform_ssh_share_cleanup(const char *name); + /* * SSH-1 message type codes. */ @@ -643,7 +721,8 @@ int zlib_decompress_block(void *, unsigned char *block, int len, #define SSH2_MSG_NEWKEYS 21 /* 0x15 */ #define SSH2_MSG_KEXDH_INIT 30 /* 0x1e */ #define SSH2_MSG_KEXDH_REPLY 31 /* 0x1f */ -#define SSH2_MSG_KEX_DH_GEX_REQUEST 30 /* 0x1e */ +#define SSH2_MSG_KEX_DH_GEX_REQUEST_OLD 30 /* 0x1e */ +#define SSH2_MSG_KEX_DH_GEX_REQUEST 34 /* 0x22 */ #define SSH2_MSG_KEX_DH_GEX_GROUP 31 /* 0x1f */ #define SSH2_MSG_KEX_DH_GEX_INIT 32 /* 0x20 */ #define SSH2_MSG_KEX_DH_GEX_REPLY 33 /* 0x21 */
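Review bot: The new comment for `platform_ssh_share` specifies the return value and `*sock` but not the platform's access-control obligation. The endpoint derived from `name` presumably gives any process that connects as a downstream use of an already authenticated SSH connection, so the contract should say it must be reachable only by the same user, e.g. `* The endpoint must be accessible only to the user who owns the upstream.`. The comment also leaves out ownership of `*logtext`, `*ds_err` and `*us_err` (whether they are allocated, who frees them, and whether they are set on every return path). The meaning of `can_upstream` / `can_downstream` is missing as well; both are worth a line each.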
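Review bot: `SSH2_MSG_KEX_DH_GEX_REQUEST` keeps its name but changes value from 30 to 34, so a call site outside this hunk that still builds the old payload compiles unchanged and sends a different message type. RFC 4419 gives the two requests different payloads: the old form carries only the preferred group size, the new one carries minimum, preferred and maximum. I would note that on the defines, e.g. `/* RFC 4419: min, preferred, max group size */` on the new one and `/* preferred size only; legacy form */` on `_OLD`. Values 30 and 31 are also shared with `SSH2_MSG_KEXDH_INIT` / `SSH2_MSG_KEXDH_REPLY`, so a short remark that these codes are only meaningful relative to the negotiated kex method would help whoever writes the dispatch code.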