Lines Matching refs:state
235 struct session_state *state = NULL;
238 (state = calloc(1, sizeof(*state))) == NULL ||
239 (state->input = sshbuf_new()) == NULL ||
240 (state->output = sshbuf_new()) == NULL ||
241 (state->outgoing_packet = sshbuf_new()) == NULL ||
242 (state->incoming_packet = sshbuf_new()) == NULL)
244 TAILQ_INIT(&state->outgoing);
247 state->connection_in = -1;
248 state->connection_out = -1;
249 state->max_packet_size = 32768;
250 state->packet_timeout_ms = -1;
251 state->p_send.packets = state->p_read.packets = 0;
252 state->initialized = 1;
257 state->rekeying = 1;
258 ssh->state = state;
261 if (state) {
262 sshbuf_free(state->input);
263 sshbuf_free(state->output);
264 sshbuf_free(state->incoming_packet);
265 sshbuf_free(state->outgoing_packet);
266 free(state);
275 ssh->state->hook_in = hook;
276 ssh->state->hook_in_ctx = ctx;
284 (ssh->state->rekeying || (ssh->kex != NULL && ssh->kex->done == 0));
294 struct session_state *state;
305 error("%s: cound not allocate state", __func__);
308 state = ssh->state;
309 state->connection_in = fd_in;
310 state->connection_out = fd_out;
311 if ((r = cipher_init(&state->send_context, none,
313 (r = cipher_init(&state->receive_context, none,
319 state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL;
320 deattack_init(&state->deattack);
332 struct session_state *state = ssh->state;
335 state->packet_timeout_ms = -1;
339 state->packet_timeout_ms = INT_MAX;
341 state->packet_timeout_ms = timeout * count * 1000;
347 ssh->state->mux = 1;
348 ssh->state->rekeying = 0;
354 return ssh->state->mux;
379 struct session_state *state = ssh->state;
382 if (state->packet_discard_mac) {
386 if (dlen > state->packet_discard_mac_already)
387 dlen -= state->packet_discard_mac_already;
389 while (sshbuf_len(state->incoming_packet) < dlen)
390 if ((r = sshbuf_put(state->incoming_packet, buf,
393 (void) mac_compute(state->packet_discard_mac,
394 state->p_read.seqnr,
395 sshbuf_ptr(state->incoming_packet), dlen,
407 struct session_state *state = ssh->state;
420 state->packet_discard_mac = mac;
421 state->packet_discard_mac_already = mac_already;
423 if (sshbuf_len(state->input) >= discard)
425 state->packet_discard = discard - sshbuf_len(state->input);
434 struct session_state *state = ssh->state;
438 if (state->connection_in == -1 || state->connection_out == -1)
442 if (state->connection_in == state->connection_out)
446 if (getpeername(state->connection_in, (struct sockaddr *)&from,
451 if (getpeername(state->connection_out, (struct sockaddr *)&to,
465 *ibytes = ssh->state->p_read.bytes;
467 *obytes = ssh->state->p_send.bytes;
477 if (getsockname(ssh->state->connection_out, (struct sockaddr *)&to,
494 set_nonblock(ssh->state->connection_in);
496 if (ssh->state->connection_out != ssh->state->connection_in)
497 set_nonblock(ssh->state->connection_out);
505 return ssh->state->connection_in;
513 return ssh->state->connection_out;
524 const int sock = ssh->state->connection_in;
578 struct session_state *state = ssh->state;
581 if (!state->initialized)
583 state->initialized = 0;
584 if (state->connection_in == state->connection_out) {
585 shutdown(state->connection_out, SHUT_RDWR);
586 close(state->connection_out);
588 close(state->connection_in);
589 close(state->connection_out);
591 sshbuf_free(state->input);
592 sshbuf_free(state->output);
593 sshbuf_free(state->outgoing_packet);
594 sshbuf_free(state->incoming_packet);
596 kex_free_newkeys(state->newkeys[mode]);
597 if (state->compression_buffer) {
598 sshbuf_free(state->compression_buffer);
599 if (state->compression_out_started) {
600 z_streamp stream = &state->compression_out_stream;
607 if (state->compression_out_failures == 0)
610 if (state->compression_in_started) {
611 z_streamp stream = &state->compression_out_stream;
618 if (state->compression_in_failures == 0)
622 cipher_free(state->send_context);
623 cipher_free(state->receive_context);
624 state->send_context = state->receive_context = NULL;
627 free(ssh->state);
628 ssh->state = NULL;
636 ssh->state->remote_protocol_flags = protocol_flags;
644 return ssh->state->remote_protocol_flags;
655 if (!ssh->state->compression_buffer &&
656 ((ssh->state->compression_buffer = sshbuf_new()) == NULL))
667 if (ssh->state->compression_out_started == 1)
668 deflateEnd(&ssh->state->compression_out_stream);
669 switch (deflateInit(&ssh->state->compression_out_stream, level)) {
671 ssh->state->compression_out_started = 1;
684 if (ssh->state->compression_in_started == 1)
685 inflateEnd(&ssh->state->compression_in_stream);
686 switch (inflateInit(&ssh->state->compression_in_stream)) {
688 ssh->state->compression_in_started = 1;
703 if (ssh->state->packet_compression && !compat20)
705 ssh->state->packet_compression = 1;
720 if (ssh->state->compression_out_started != 1)
728 if ((ssh->state->compression_out_stream.next_in =
731 ssh->state->compression_out_stream.avail_in = sshbuf_len(in);
736 ssh->state->compression_out_stream.next_out = buf;
737 ssh->state->compression_out_stream.avail_out = sizeof(buf);
740 status = deflate(&ssh->state->compression_out_stream,
748 ssh->state->compression_out_stream.avail_out)) != 0)
753 ssh->state->compression_out_failures++;
756 } while (ssh->state->compression_out_stream.avail_out == 0);
766 if (ssh->state->compression_in_started != 1)
769 if ((ssh->state->compression_in_stream.next_in =
772 ssh->state->compression_in_stream.avail_in = sshbuf_len(in);
776 ssh->state->compression_in_stream.next_out = buf;
777 ssh->state->compression_in_stream.avail_out = sizeof(buf);
779 status = inflate(&ssh->state->compression_in_stream,
784 ssh->state->compression_in_stream.avail_out)) != 0)
800 ssh->state->compression_in_failures++;
819 struct session_state *state = ssh->state;
830 memcpy(state->ssh1_key, key, keylen);
831 state->ssh1_keylen = keylen;
832 if ((r = cipher_init(&state->send_context, cipher, key, keylen,
834 (r = cipher_init(&state->receive_context, cipher, key, keylen,
837 if (!state->cipher_warning_done &&
838 ((wmsg = cipher_warning_message(state->send_context)) != NULL ||
839 (wmsg = cipher_warning_message(state->send_context)) != NULL)) {
841 state->cipher_warning_done = 1;
854 struct session_state *state = ssh->state;
863 if (state->packet_compression) {
864 sshbuf_reset(state->compression_buffer);
866 if ((r = sshbuf_consume(state->outgoing_packet, 8)) != 0)
869 if ((r = sshbuf_put(state->compression_buffer,
872 if ((r = compress_buffer(ssh, state->outgoing_packet,
873 state->compression_buffer)) != 0)
875 sshbuf_reset(state->outgoing_packet);
876 if ((r = sshbuf_putb(state->outgoing_packet,
877 state->compression_buffer)) != 0)
881 len = sshbuf_len(state->outgoing_packet) + 4 - 8;
885 if (!cipher_ctx_is_plaintext(state->send_context)) {
886 cp = sshbuf_mutable_ptr(state->outgoing_packet);
893 if ((r = sshbuf_consume(state->outgoing_packet, 8 - padding)) != 0)
897 checksum = ssh_crc32(sshbuf_ptr(state->outgoing_packet),
898 sshbuf_len(state->outgoing_packet));
900 if ((r = sshbuf_put(state->outgoing_packet, buf, 4)) != 0)
905 sshbuf_dump(state->outgoing_packet, stderr);
910 if ((r = sshbuf_put(state->output, buf, 4)) != 0)
912 if ((r = sshbuf_reserve(state->output,
913 sshbuf_len(state->outgoing_packet), &cp)) != 0)
915 if ((r = cipher_crypt(state->send_context, 0, cp,
916 sshbuf_ptr(state->outgoing_packet),
917 sshbuf_len(state->outgoing_packet), 0, 0)) != 0)
922 sshbuf_dump(state->output, stderr);
924 state->p_send.packets++;
925 state->p_send.bytes += len +
926 sshbuf_len(state->outgoing_packet);
927 sshbuf_reset(state->outgoing_packet);
942 struct session_state *state = ssh->state;
956 ccp = &state->send_context;
958 ps = &state->p_send;
959 max_blocks = &state->max_blocks_out;
962 ccp = &state->receive_context;
964 ps = &state->p_read;
965 max_blocks = &state->max_blocks_in;
967 if (state->newkeys[mode] != NULL) {
974 enc = &state->newkeys[mode]->enc;
975 mac = &state->newkeys[mode]->mac;
976 comp = &state->newkeys[mode]->comp;
987 free(state->newkeys[mode]);
991 /* move newkeys from kex to state */
992 if ((state->newkeys[mode] = ssh->kex->newkeys[mode]) == NULL)
995 enc = &state->newkeys[mode]->enc;
996 mac = &state->newkeys[mode]->mac;
997 comp = &state->newkeys[mode]->comp;
1007 if (!state->cipher_warning_done &&
1010 state->cipher_warning_done = 1;
1018 state->after_authentication)) && comp->enabled == 0) {
1038 if (state->rekey_limit)
1040 state->rekey_limit / enc->block_size);
1049 struct session_state *state = ssh->state;
1053 if (!state->after_authentication)
1068 if (state->p_send.packets == 0 && state->p_read.packets == 0)
1072 if (state->rekey_interval != 0 &&
1073 (int64_t)state->rekey_time + state->rekey_interval <= monotime())
1077 if (state->p_send.packets > MAX_PACKETS ||
1078 state->p_read.packets > MAX_PACKETS)
1083 state->newkeys[MODE_OUT]->enc.block_size);
1084 return (state->max_blocks_out &&
1085 (state->p_send.blocks + out_blocks > state->max_blocks_out)) ||
1086 (state->max_blocks_in &&
1087 (state->p_read.blocks > state->max_blocks_in));
1098 struct session_state *state = ssh->state;
1106 state->after_authentication = 1;
1109 if (state->newkeys[mode] == NULL)
1111 comp = &state->newkeys[mode]->comp;
1148 struct session_state *state = ssh->state;
1158 if (state->newkeys[MODE_OUT] != NULL) {
1159 enc = &state->newkeys[MODE_OUT]->enc;
1160 mac = &state->newkeys[MODE_OUT]->mac;
1161 comp = &state->newkeys[MODE_OUT]->comp;
1169 type = (sshbuf_ptr(state->outgoing_packet))[5];
1174 sshbuf_dump(state->outgoing_packet, stderr);
1178 len = sshbuf_len(state->outgoing_packet);
1180 if ((r = sshbuf_consume(state->outgoing_packet, 5)) != 0)
1182 sshbuf_reset(state->compression_buffer);
1183 if ((r = compress_buffer(ssh, state->outgoing_packet,
1184 state->compression_buffer)) != 0)
1186 sshbuf_reset(state->outgoing_packet);
1187 if ((r = sshbuf_put(state->outgoing_packet,
1189 (r = sshbuf_putb(state->outgoing_packet,
1190 state->compression_buffer)) != 0)
1193 sshbuf_len(state->outgoing_packet)));
1197 len = sshbuf_len(state->outgoing_packet);
1207 if (state->extra_pad) {
1208 tmp = state->extra_pad;
1209 state->extra_pad =
1210 ROUNDUP(state->extra_pad, block_size);
1212 if (state->extra_pad < tmp)
1214 tmp = (len + padlen) % state->extra_pad;
1216 if (tmp > state->extra_pad)
1218 pad = state->extra_pad - tmp;
1220 __func__, pad, len, padlen, state->extra_pad));
1226 state->extra_pad = 0;
1228 if ((r = sshbuf_reserve(state->outgoing_packet, padlen, &cp)) != 0)
1230 if (enc && !cipher_ctx_is_plaintext(state->send_context)) {
1238 len = sshbuf_len(state->outgoing_packet);
1239 cp = sshbuf_mutable_ptr(state->outgoing_packet);
1252 if ((r = mac_compute(mac, state->p_send.seqnr,
1253 sshbuf_ptr(state->outgoing_packet), len,
1256 DBG(debug("done calc MAC out #%d", state->p_send.seqnr));
1259 if ((r = sshbuf_reserve(state->output,
1260 sshbuf_len(state->outgoing_packet) + authlen, &cp)) != 0)
1262 if ((r = cipher_crypt(state->send_context, state->p_send.seqnr, cp,
1263 sshbuf_ptr(state->outgoing_packet),
1270 if ((r = mac_compute(mac, state->p_send.seqnr,
1274 state->p_send.seqnr));
1276 if ((r = sshbuf_put(state->output, macbuf, mac->mac_len)) != 0)
1281 sshbuf_dump(state->output, stderr);
1284 if (++state->p_send.seqnr == 0)
1286 if (++state->p_send.packets == 0)
1289 state->p_send.blocks += len / block_size;
1290 state->p_send.bytes += len;
1291 sshbuf_reset(state->outgoing_packet);
1295 else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
1318 struct session_state *state = ssh->state;
1323 if (sshbuf_len(state->outgoing_packet) < 6)
1325 type = sshbuf_ptr(state->outgoing_packet)[5];
1327 ssh_packet_need_rekeying(ssh, sshbuf_len(state->outgoing_packet));
1333 if ((need_rekey || state->rekeying) && !ssh_packet_type_is_kex(type)) {
1341 p->payload = state->outgoing_packet;
1342 TAILQ_INSERT_TAIL(&state->outgoing, p, next);
1343 state->outgoing_packet = sshbuf_new();
1344 if (state->outgoing_packet == NULL)
1359 state->rekeying = 1;
1366 state->rekeying = 0;
1367 state->rekey_time = monotime();
1368 while ((p = TAILQ_FIRST(&state->outgoing))) {
1382 sshbuf_free(state->outgoing_packet);
1383 state->outgoing_packet = p->payload;
1384 TAILQ_REMOVE(&state->outgoing, p, next);
1403 struct session_state *state = ssh->state;
1411 setp = calloc(howmany(state->connection_in + 1,
1443 memset(setp, 0, howmany(state->connection_in + 1,
1445 FD_SET(state->connection_in, setp);
1447 if (state->packet_timeout_ms > 0) {
1448 ms_remain = state->packet_timeout_ms;
1453 if (state->packet_timeout_ms != -1) {
1457 if ((r = select(state->connection_in + 1, setp,
1463 if (state->packet_timeout_ms == -1)
1476 len = read(state->connection_in, buf, sizeof(buf));
1541 struct session_state *state = ssh->state;
1552 if (sshbuf_len(state->input) < 4 + 8)
1555 len = PEEK_U32(sshbuf_ptr(state->input));
1565 if (sshbuf_len(state->input) < 4 + padded_len)
1571 if ((r = sshbuf_consume(state->input, 4)) != 0)
1579 if (!cipher_ctx_is_plaintext(state->receive_context)) {
1581 switch (detect_attack(&state->deattack,
1582 sshbuf_ptr(state->input), padded_len)) {
1605 sshbuf_reset(state->incoming_packet);
1606 if ((r = sshbuf_reserve(state->incoming_packet, padded_len, &p)) != 0)
1608 if ((r = cipher_crypt(state->receive_context, 0, p,
1609 sshbuf_ptr(state->input), padded_len, 0, 0)) != 0)
1612 if ((r = sshbuf_consume(state->input, padded_len)) != 0)
1617 sshbuf_dump(state->incoming_packet, stderr);
1621 checksum = ssh_crc32(sshbuf_ptr(state->incoming_packet),
1622 sshbuf_len(state->incoming_packet) - 4);
1625 if ((r = sshbuf_consume(state->incoming_packet, 8 - len % 8)) != 0)
1629 if (len != sshbuf_len(state->incoming_packet)) {
1631 len, sshbuf_len(state->incoming_packet));
1638 cp = sshbuf_ptr(state->incoming_packet) + len - 4;
1647 if ((r = sshbuf_consume_end(state->incoming_packet, 4)) < 0)
1650 if (state->packet_compression) {
1651 sshbuf_reset(state->compression_buffer);
1652 if ((r = uncompress_buffer(ssh, state->incoming_packet,
1653 state->compression_buffer)) != 0)
1655 sshbuf_reset(state->incoming_packet);
1656 if ((r = sshbuf_putb(state->incoming_packet,
1657 state->compression_buffer)) != 0)
1660 state->p_read.packets++;
1661 state->p_read.bytes += padded_len + 4;
1662 if ((r = sshbuf_get_u8(state->incoming_packet, typep)) != 0)
1679 struct session_state *state = ssh->state;
1687 cp = sshbuf_ptr(state->input);
1688 if (state->packlen == 0) {
1689 if (sshbuf_len(state->input) < 4 + 1)
1691 state->packlen = PEEK_U32(cp);
1692 if (state->packlen < 4 + 1 ||
1693 state->packlen > PACKET_MAX_SIZE)
1696 need = state->packlen + 4;
1697 if (sshbuf_len(state->input) < need)
1699 sshbuf_reset(state->incoming_packet);
1700 if ((r = sshbuf_put(state->incoming_packet, cp + 4,
1701 state->packlen)) != 0 ||
1702 (r = sshbuf_consume(state->input, need)) != 0 ||
1703 (r = sshbuf_get_u8(state->incoming_packet, NULL)) != 0 ||
1704 (r = sshbuf_get_u8(state->incoming_packet, typep)) != 0)
1708 /* sshbuf_dump(state->incoming_packet, stderr); */
1710 state->packlen = 0;
1717 struct session_state *state = ssh->state;
1726 if (state->mux)
1731 if (state->packet_discard)
1734 if (state->newkeys[MODE_IN] != NULL) {
1735 enc = &state->newkeys[MODE_IN]->enc;
1736 mac = &state->newkeys[MODE_IN]->mac;
1737 comp = &state->newkeys[MODE_IN]->comp;
1746 if (aadlen && state->packlen == 0) {
1747 if (cipher_get_length(state->receive_context,
1748 &state->packlen, state->p_read.seqnr,
1749 sshbuf_ptr(state->input), sshbuf_len(state->input)) != 0)
1751 if (state->packlen < 1 + 4 ||
1752 state->packlen > PACKET_MAX_SIZE) {
1754 sshbuf_dump(state->input, stderr);
1756 logit("Bad packet length %u.", state->packlen);
1761 sshbuf_reset(state->incoming_packet);
1762 } else if (state->packlen == 0) {
1767 if (sshbuf_len(state->input) < block_size)
1769 sshbuf_reset(state->incoming_packet);
1770 if ((r = sshbuf_reserve(state->incoming_packet, block_size,
1773 if ((r = cipher_crypt(state->receive_context,
1774 state->p_send.seqnr, cp, sshbuf_ptr(state->input),
1777 state->packlen = PEEK_U32(sshbuf_ptr(state->incoming_packet));
1778 if (state->packlen < 1 + 4 ||
1779 state->packlen > PACKET_MAX_SIZE) {
1782 sshbuf_dump(state->input, stderr);
1784 sshbuf_dump(state->incoming_packet, stderr);
1786 logit("Bad packet length %u.", state->packlen);
1790 if ((r = sshbuf_consume(state->input, block_size)) != 0)
1793 DBG(debug("input: packet len %u", state->packlen+4));
1797 need = state->packlen;
1803 need = 4 + state->packlen - block_size;
1821 if (sshbuf_len(state->input) < aadlen + need + authlen + maclen)
1825 sshbuf_dump(state->input, stderr);
1829 if ((r = mac_check(mac, state->p_read.seqnr,
1830 sshbuf_ptr(state->input), aadlen + need,
1831 sshbuf_ptr(state->input) + aadlen + need + authlen,
1838 if ((r = sshbuf_reserve(state->incoming_packet, aadlen + need,
1841 if ((r = cipher_crypt(state->receive_context, state->p_read.seqnr, cp,
1842 sshbuf_ptr(state->input), need, aadlen, authlen)) != 0)
1844 if ((r = sshbuf_consume(state->input, aadlen + need + authlen)) != 0)
1848 if (!mac->etm && (r = mac_check(mac, state->p_read.seqnr,
1849 sshbuf_ptr(state->incoming_packet),
1850 sshbuf_len(state->incoming_packet),
1851 sshbuf_ptr(state->input), maclen)) != 0) {
1858 sshbuf_len(state->incoming_packet),
1862 DBG(debug("MAC #%d ok", state->p_read.seqnr));
1863 if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
1867 *seqnr_p = state->p_read.seqnr;
1868 if (++state->p_read.seqnr == 0)
1870 if (++state->p_read.packets == 0)
1873 state->p_read.blocks += (state->packlen + 4) / block_size;
1874 state->p_read.bytes += state->packlen + 4;
1877 padlen = sshbuf_ptr(state->incoming_packet)[4];
1888 if ((r = sshbuf_consume(state->incoming_packet, 4 + 1)) != 0 ||
1889 ((r = sshbuf_consume_end(state->incoming_packet, padlen)) != 0))
1893 sshbuf_len(state->incoming_packet)));
1895 sshbuf_reset(state->compression_buffer);
1896 if ((r = uncompress_buffer(ssh, state->incoming_packet,
1897 state->compression_buffer)) != 0)
1899 sshbuf_reset(state->incoming_packet);
1900 if ((r = sshbuf_putb(state->incoming_packet,
1901 state->compression_buffer)) != 0)
1904 sshbuf_len(state->incoming_packet)));
1910 if ((r = sshbuf_get_u8(state->incoming_packet, typep)) != 0)
1921 if (state->hook_in != NULL &&
1922 (r = state->hook_in(ssh, state->incoming_packet, typep,
1923 state->hook_in_ctx)) != 0)
1925 if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
1931 sshbuf_dump(state->incoming_packet, stderr);
1934 state->packlen = 0;
1949 struct session_state *state = ssh->state;
1961 state->keep_alive_timeouts = 0;
1983 do_log2(ssh->state->server_side &&
2037 struct session_state *state = ssh->state;
2040 if (state->packet_discard) {
2041 state->keep_alive_timeouts = 0; /* ?? */
2042 if (len >= state->packet_discard) {
2046 state->packet_discard -= len;
2049 if ((r = sshbuf_put(ssh->state->input, buf, len)) != 0)
2058 return sshbuf_len(ssh->state->incoming_packet);
2124 ssh->state->server_side ? "from" : "to", remote_id);
2146 ssh->state->server_side ? "from" : "to",
2203 struct session_state *state = ssh->state;
2204 int len = sshbuf_len(state->output);
2208 len = write(state->connection_out,
2209 sshbuf_ptr(state->output), len);
2218 if ((r = sshbuf_consume(state->output, len)) != 0)
2234 struct session_state *state = ssh->state;
2236 setp = calloc(howmany(state->connection_out + 1,
2245 memset(setp, 0, howmany(state->connection_out + 1,
2247 FD_SET(state->connection_out, setp);
2249 if (state->packet_timeout_ms > 0) {
2250 ms_remain = state->packet_timeout_ms;
2254 if (state->packet_timeout_ms != -1) {
2258 if ((ret = select(state->connection_out + 1,
2264 if (state->packet_timeout_ms == -1)
2290 return sshbuf_len(ssh->state->output) != 0;
2298 if (ssh->state->interactive_mode)
2299 return sshbuf_len(ssh->state->output) < 16384;
2301 return sshbuf_len(ssh->state->output) < 128 * 1024;
2314 if (setsockopt(ssh->state->connection_in,
2323 if (setsockopt(ssh->state->connection_in,
2338 struct session_state *state = ssh->state;
2340 if (state->set_interactive_called)
2342 state->set_interactive_called = 1;
2345 state->interactive_mode = interactive;
2350 set_nodelay(state->connection_in);
2360 return ssh->state->interactive_mode;
2366 struct session_state *state = ssh->state;
2368 if (state->set_maxsize_called) {
2370 state->max_packet_size, s);
2377 state->set_maxsize_called = 1;
2379 state->max_packet_size = s;
2386 return ++ssh->state->keep_alive_timeouts;
2392 ssh->state->keep_alive_timeouts = ka;
2398 return ssh->state->max_packet_size;
2436 ssh->state->rekey_limit = bytes;
2437 ssh->state->rekey_interval = seconds;
2445 seconds = ssh->state->rekey_time + ssh->state->rekey_interval -
2453 ssh->state->server_side = 1;
2459 ssh->state->after_authentication = 1;
2465 return (void *)ssh->state->input;
2471 return (void *)ssh->state->output;
2482 ssh->state->after_authentication = 1;
2483 ssh->state->rekeying = 0;
2489 /* Packet state (de-)serialization for privsep */
2491 /* turn kex into a blob for packet state serialization */
2511 /* turn key exchange results into a blob for packet state serialization */
2523 if ((newkey = ssh->state->newkeys[mode]) == NULL)
2528 cc = (mode == MODE_OUT) ? ssh->state->send_context :
2529 ssh->state->receive_context;
2557 /* serialize packet state into a blob */
2561 struct session_state *state = ssh->state;
2567 ssh1cipher = cipher_ctx_get_number(state->receive_context);
2568 slen = cipher_get_keyiv_len(state->send_context);
2569 rlen = cipher_get_keyiv_len(state->receive_context);
2570 if ((r = sshbuf_put_u32(m, state->remote_protocol_flags)) != 0 ||
2572 (r = sshbuf_put_string(m, state->ssh1_key, state->ssh1_keylen)) != 0 ||
2575 (r = cipher_get_keyiv(state->send_context, p, slen)) != 0 ||
2578 (r = cipher_get_keyiv(state->receive_context, p, rlen)) != 0)
2584 (r = sshbuf_put_u64(m, state->rekey_limit)) != 0 ||
2585 (r = sshbuf_put_u32(m, state->rekey_interval)) != 0 ||
2586 (r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 ||
2587 (r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 ||
2588 (r = sshbuf_put_u32(m, state->p_send.packets)) != 0 ||
2589 (r = sshbuf_put_u64(m, state->p_send.bytes)) != 0 ||
2590 (r = sshbuf_put_u32(m, state->p_read.seqnr)) != 0 ||
2591 (r = sshbuf_put_u64(m, state->p_read.blocks)) != 0 ||
2592 (r = sshbuf_put_u32(m, state->p_read.packets)) != 0 ||
2593 (r = sshbuf_put_u64(m, state->p_read.bytes)) != 0)
2597 slen = cipher_get_keycontext(state->send_context, NULL);
2598 rlen = cipher_get_keycontext(state->receive_context, NULL);
2602 if (cipher_get_keycontext(state->send_context, p) != (int)slen)
2607 if (cipher_get_keycontext(state->receive_context, p) != (int)rlen)
2609 if ((r = sshbuf_put_stringb(m, state->input)) != 0 ||
2610 (r = sshbuf_put_stringb(m, state->output)) != 0)
2616 /* restore key exchange results from blob for packet state de-serialization */
2685 /* restore kex from blob for packet state de-serialization */
2727 * Restore packet state from content of blob 'm' (de-serialization).
2733 struct session_state *state = ssh->state;
2740 if ((r = sshbuf_get_u32(m, &state->remote_protocol_flags)) != 0 ||
2750 if (cipher_get_keyiv_len(state->send_context) != (int)slen ||
2751 cipher_get_keyiv_len(state->receive_context) != (int)rlen)
2753 if ((r = cipher_set_keyiv(state->send_context, ivout)) != 0 ||
2754 (r = cipher_set_keyiv(state->receive_context, ivin)) != 0)
2760 (r = sshbuf_get_u64(m, &state->rekey_limit)) != 0 ||
2761 (r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 ||
2762 (r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 ||
2763 (r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 ||
2764 (r = sshbuf_get_u32(m, &state->p_send.packets)) != 0 ||
2765 (r = sshbuf_get_u64(m, &state->p_send.bytes)) != 0 ||
2766 (r = sshbuf_get_u32(m, &state->p_read.seqnr)) != 0 ||
2767 (r = sshbuf_get_u64(m, &state->p_read.blocks)) != 0 ||
2768 (r = sshbuf_get_u32(m, &state->p_read.packets)) != 0 ||
2769 (r = sshbuf_get_u64(m, &state->p_read.bytes)) != 0)
2775 state->rekey_time = monotime();
2784 if (cipher_get_keycontext(state->send_context, NULL) != (int)slen ||
2785 cipher_get_keycontext(state->receive_context, NULL) != (int)rlen)
2787 cipher_set_keycontext(state->send_context, keyout);
2788 cipher_set_keycontext(state->receive_context, keyin);
2793 sshbuf_reset(state->input);
2794 sshbuf_reset(state->output);
2797 (r = sshbuf_put(state->input, input, ilen)) != 0 ||
2798 (r = sshbuf_put(state->output, output, olen)) != 0)
2814 return sshbuf_put(ssh->state->outgoing_packet, v, len);
2820 return sshbuf_putb(ssh->state->outgoing_packet, b);
2826 return sshbuf_put_u8(ssh->state->outgoing_packet, val);
2832 return sshbuf_put_u32(ssh->state->outgoing_packet, val);
2838 return sshbuf_put_u64(ssh->state->outgoing_packet, val);
2844 return sshbuf_put_string(ssh->state->outgoing_packet, v, len);
2850 return sshbuf_put_cstring(ssh->state->outgoing_packet, v);
2856 return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
2864 return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
2872 return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
2879 return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
2888 return sshbuf_get(ssh->state->incoming_packet, valp, len);
2894 return sshbuf_get_u8(ssh->state->incoming_packet, valp);
2900 return sshbuf_get_u32(ssh->state->incoming_packet, valp);
2906 return sshbuf_get_u64(ssh->state->incoming_packet, valp);
2912 return sshbuf_get_string(ssh->state->incoming_packet, valp, lenp);
2918 return sshbuf_get_string_direct(ssh->state->incoming_packet, valp, lenp);
2924 return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
2932 return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
2940 return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
2947 return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
2954 if (sshbuf_len(ssh->state->incoming_packet) > 0)
2963 *lenp = sshbuf_len(ssh->state->incoming_packet);
2964 return sshbuf_ptr(ssh->state->incoming_packet);
2979 sshbuf_reset(ssh->state->outgoing_packet);
2980 return sshbuf_put(ssh->state->outgoing_packet, buf, len);
2986 struct session_state *state = ssh->state;
2993 len = sshbuf_len(state->outgoing_packet);
2996 cp = sshbuf_mutable_ptr(state->outgoing_packet);
3004 if ((r = sshbuf_putb(state->output,
3005 state->outgoing_packet)) != 0)
3007 /* sshbuf_dump(state->output, stderr); */
3009 sshbuf_reset(state->outgoing_packet);
3018 if (ssh->state && ssh->state->mux)
3057 ssh->state->extra_pad = pad;