libssh implementation

.gitignore

@@ -15,6 +15,7 @@ platformio-device-monitor-*.log
 
 # ESP-IDF SDK configuration file
 sdkconfig
+sdkconfig.fujinet-atari-v1
 sdkconfig.fujinet-v1
 sdkconfig.fujinet-v1-8mb
 sdkconfig.fujinet-v1-4mb

include/version.h

@@ -10,8 +10,8 @@
 #define FN_VERSION_MAJOR 0
 #define FN_VERSION_MINOR 5
 
-#define FN_VERSION_BUILD "b094007d"
+#define FN_VERSION_BUILD "e1c1a4f3"
 
-#define FN_VERSION_DATE "2022-10-22 04:40:45"
+#define FN_VERSION_DATE "2022-11-05 17:28:03"
 
-#define FN_VERSION_FULL "0.5.b094007d"
+#define FN_VERSION_FULL "0.5.e1c1a4f3"

lib/device/sio/modem.h

@@ -1,12 +1,15 @@
 #ifndef MODEM_H
 #define MODEM_H
 
+// usually provided by esp32sshclient
+#include <string.h>
+
 #include "bus.h"
 #include "fnTcpClient.h"
 #include "fnTcpServer.h"
 #include "modem-sniffer.h"
 #include "libtelnet.h"
-#include "esp32sshclient.h"
+// #include "esp32sshclient.h"
 
 
 /* Keep strings under 40 characters, for the benefit of 40-column users! */
@@ -175,7 +178,7 @@ class sioModem : public virtualDevice
     bool use_telnet=false;          // Use telnet mode?
     bool do_echo;                   // telnet echo toggle.
     string term_type;               // telnet terminal type.
-    ESP32SSHCLIENT ssh;             // ssh instance.
+    // ESP32SSHCLIENT ssh;             // ssh instance.
     long answerTimer;
     bool answered=false;
 

lib/libssh/include/libssh/agent.h

@@ -0,0 +1,120 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2008-2009 Andreas Schneider <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef __AGENT_H
+#define __AGENT_H
+
+#include "libssh/libssh.h"
+
+/* Messages for the authentication agent connection. */
+#define SSH_AGENTC_REQUEST_RSA_IDENTITIES        1
+#define SSH_AGENT_RSA_IDENTITIES_ANSWER          2
+#define SSH_AGENTC_RSA_CHALLENGE                 3
+#define SSH_AGENT_RSA_RESPONSE                   4
+#define SSH_AGENT_FAILURE                        5
+#define SSH_AGENT_SUCCESS                        6
+#define SSH_AGENTC_ADD_RSA_IDENTITY              7
+#define SSH_AGENTC_REMOVE_RSA_IDENTITY           8
+#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES     9
+
+/* private OpenSSH extensions for SSH2 */
+#define SSH2_AGENTC_REQUEST_IDENTITIES           11
+#define SSH2_AGENT_IDENTITIES_ANSWER             12
+#define SSH2_AGENTC_SIGN_REQUEST                 13
+#define SSH2_AGENT_SIGN_RESPONSE                 14
+#define SSH2_AGENTC_ADD_IDENTITY                 17
+#define SSH2_AGENTC_REMOVE_IDENTITY              18
+#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES        19
+
+/* smartcard */
+#define SSH_AGENTC_ADD_SMARTCARD_KEY             20
+#define SSH_AGENTC_REMOVE_SMARTCARD_KEY          21
+
+/* lock/unlock the agent */
+#define SSH_AGENTC_LOCK                          22
+#define SSH_AGENTC_UNLOCK                        23
+
+/* add key with constraints */
+#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED        24
+#define SSH2_AGENTC_ADD_ID_CONSTRAINED           25
+#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
+
+#define SSH_AGENT_CONSTRAIN_LIFETIME             1
+#define SSH_AGENT_CONSTRAIN_CONFIRM              2
+
+/* extended failure messages */
+#define SSH2_AGENT_FAILURE                       30
+
+/* additional error code for ssh.com's ssh-agent2 */
+#define SSH_COM_AGENT2_FAILURE                   102
+
+#define SSH_AGENT_OLD_SIGNATURE                  0x01
+/* Signature flags from draft-miller-ssh-agent-02 */
+#define SSH_AGENT_RSA_SHA2_256                   0x02
+#define SSH_AGENT_RSA_SHA2_512                   0x04
+
+struct ssh_agent_struct {
+  struct ssh_socket_struct *sock;
+  ssh_buffer ident;
+  unsigned int count;
+  ssh_channel channel;
+};
+
+#ifndef _WIN32
+/* agent.c */
+/**
+ * @brief Create a new ssh agent structure.
+ *
+ * @return An allocated ssh agent structure or NULL on error.
+ */
+struct ssh_agent_struct *ssh_agent_new(struct ssh_session_struct *session);
+
+void ssh_agent_close(struct ssh_agent_struct *agent);
+
+/**
+ * @brief Free an allocated ssh agent structure.
+ *
+ * @param agent The ssh agent structure to free.
+ */
+void ssh_agent_free(struct ssh_agent_struct *agent);
+
+/**
+ * @brief Check if the ssh agent is running.
+ *
+ * @param session The ssh session to check for the agent.
+ *
+ * @return 1 if it is running, 0 if not.
+ */
+int ssh_agent_is_running(struct ssh_session_struct *session);
+
+uint32_t ssh_agent_get_ident_count(struct ssh_session_struct *session);
+
+ssh_key ssh_agent_get_next_ident(struct ssh_session_struct *session,
+                                 char **comment);
+
+ssh_key ssh_agent_get_first_ident(struct ssh_session_struct *session,
+                                  char **comment);
+
+ssh_string ssh_agent_sign_data(ssh_session session,
+                               const ssh_key pubkey,
+                               struct ssh_buffer_struct *data);
+#endif
+
+#endif /* __AGENT_H */

lib/libssh/include/libssh/auth.h

@@ -0,0 +1,103 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2009 by Aris Adamantiadis
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef AUTH_H_
+#define AUTH_H_
+#include "config.h"
+#include "libssh/callbacks.h"
+
+SSH_PACKET_CALLBACK(ssh_packet_userauth_banner);
+SSH_PACKET_CALLBACK(ssh_packet_userauth_failure);
+SSH_PACKET_CALLBACK(ssh_packet_userauth_success);
+SSH_PACKET_CALLBACK(ssh_packet_userauth_pk_ok);
+SSH_PACKET_CALLBACK(ssh_packet_userauth_info_request);
+SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response);
+
+/** @internal
+ * kdbint structure must be shared with message.c
+ * and server.c
+ */
+struct ssh_kbdint_struct {
+    uint32_t nprompts;
+    uint32_t nanswers;
+    char *name;
+    char *instruction;
+    char **prompts;
+    unsigned char *echo; /* bool array */
+    char **answers;
+};
+typedef struct ssh_kbdint_struct* ssh_kbdint;
+
+ssh_kbdint ssh_kbdint_new(void);
+void ssh_kbdint_clean(ssh_kbdint kbd);
+void ssh_kbdint_free(ssh_kbdint kbd);
+
+/** @internal
+ * States of authentication in the client-side. They describe
+ * what was the last response from the server
+ */
+enum ssh_auth_state_e {
+  /** No authentication asked */
+  SSH_AUTH_STATE_NONE=0,
+  /** Last authentication response was a partial success */
+  SSH_AUTH_STATE_PARTIAL,
+  /** Last authentication response was a success */
+  SSH_AUTH_STATE_SUCCESS,
+  /** Last authentication response was failed */
+  SSH_AUTH_STATE_FAILED,
+  /** Last authentication was erroneous */
+  SSH_AUTH_STATE_ERROR,
+  /** Last state was a keyboard-interactive ask for info */
+  SSH_AUTH_STATE_INFO,
+  /** Last state was a public key accepted for authentication */
+  SSH_AUTH_STATE_PK_OK,
+  /** We asked for a keyboard-interactive authentication */
+  SSH_AUTH_STATE_KBDINT_SENT,
+  /** We have sent an userauth request with gssapi-with-mic */
+  SSH_AUTH_STATE_GSSAPI_REQUEST_SENT,
+  /** We are exchanging tokens until authentication */
+  SSH_AUTH_STATE_GSSAPI_TOKEN,
+  /** We have sent the MIC and expecting to be authenticated */
+  SSH_AUTH_STATE_GSSAPI_MIC_SENT,
+  /** We have offered a pubkey to check if it is supported */
+  SSH_AUTH_STATE_PUBKEY_OFFER_SENT,
+  /** We have sent pubkey and signature expecting to be authenticated */
+  SSH_AUTH_STATE_PUBKEY_AUTH_SENT,
+  /** We have sent a password expecting to be authenticated */
+  SSH_AUTH_STATE_PASSWORD_AUTH_SENT,
+  /** We have sent a request without auth information (method 'none') */
+  SSH_AUTH_STATE_AUTH_NONE_SENT,
+};
+
+/** @internal
+ * @brief states of the authentication service request
+ */
+enum ssh_auth_service_state_e {
+  /** initial state */
+  SSH_AUTH_SERVICE_NONE=0,
+  /** Authentication service request packet sent */
+  SSH_AUTH_SERVICE_SENT,
+  /** Service accepted */
+  SSH_AUTH_SERVICE_ACCEPTED,
+  /** Access to service denied (fatal) */
+  SSH_AUTH_SERVICE_DENIED,
+};
+
+#endif /* AUTH_H_ */

lib/libssh/include/libssh/bignum.h

@@ -0,0 +1,33 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2014 by Aris Adamantiadis <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef BIGNUM_H_
+#define BIGNUM_H_
+
+#include "libssh/libcrypto.h"
+#include "libssh/libgcrypt.h"
+#include "libssh/libmbedcrypto.h"
+
+bignum ssh_make_string_bn(ssh_string string);
+ssh_string ssh_make_bignum_string(bignum num);
+void ssh_print_bignum(const char *which, const_bignum num);
+
+
+#endif /* BIGNUM_H_ */

lib/libssh/include/libssh/bind.h

@@ -0,0 +1,59 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2010 by Aris Adamantiadis
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef BIND_H_
+#define BIND_H_
+
+#include "libssh/priv.h"
+#include "libssh/kex.h"
+#include "libssh/session.h"
+
+struct ssh_bind_struct {
+  struct ssh_common_struct common; /* stuff common to ssh_bind and ssh_session */
+  struct ssh_bind_callbacks_struct *bind_callbacks;
+  void *bind_callbacks_userdata;
+
+  struct ssh_poll_handle_struct *poll;
+  /* options */
+  char *wanted_methods[SSH_KEX_METHODS];
+  char *banner;
+  char *ecdsakey;
+  char *dsakey;
+  char *rsakey;
+  char *ed25519key;
+  ssh_key ecdsa;
+  ssh_key dsa;
+  ssh_key rsa;
+  ssh_key ed25519;
+  char *bindaddr;
+  socket_t bindfd;
+  unsigned int bindport;
+  int blocking;
+  int toaccept;
+  bool config_processed;
+  char *config_dir;
+  char *pubkey_accepted_key_types;
+};
+
+struct ssh_poll_handle_struct *ssh_bind_get_poll(struct ssh_bind_struct
+    *sshbind);
+
+
+#endif /* BIND_H_ */