1 /*
2  * ProFTPD - mod_sftp interoperability
3  * Copyright (c) 2008-2016 TJ Saunders
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
18  *
19  * As a special exemption, TJ Saunders and other respective copyright holders
20  * give permission to link this program with OpenSSL, and distribute the
21  * resulting executable, without including the source code for OpenSSL in the
22  * source distribution.
23  */
24 
25 #ifndef MOD_SFTP_INTEROP_H
26 #define MOD_SFTP_INTEROP_H
27 
28 #include "mod_sftp.h"
29 
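/* Interoperability feature flags.
 *
 * Each flag names one SSH2 protocol feature.  The per-flag comments describe
 * the clients for which that feature is considered missing or handled in a
 * nonstandard way; sftp_interop_supports_feature() is queried with one of
 * these values.
 *
 * Security note: the client version string that selects these flags is
 * supplied by the peer before authentication, so any client can claim any
 * version.  A relaxation enabled through this table is therefore available
 * to every peer that sends a matching version string, and each flag should
 * be reviewed with that in mind.
 */

/* For clients which do not support IGNORE packets */
#define SFTP_SSH2_FEAT_IGNORE_MSG			0x0001

/* For clients which always truncate the HMAC len to 16 bits, regardless
 * of the actual HMAC len.
 *
 * NOTE(review): "16 bits" may be intended as 16 bytes -- confirm against the
 * MAC handling code.  Either way, a truncated MAC gives less integrity
 * margin than the negotiated algorithm's full output.
 */
#define SFTP_SSH2_FEAT_MAC_LEN				0x0002

/* For clients which do not include K when deriving cipher keys.
 *
 * K is the key-exchange shared secret; RFC4253 Section 7.2 includes it in
 * every derived key, so this is a deviation from the specified derivation.
 */
#define SFTP_SSH2_FEAT_CIPHER_USE_K			0x0004

/* For clients which do not support rekeying */
#define SFTP_SSH2_FEAT_REKEYING				0x0008

/* For clients which do not support USERAUTH_BANNER packets */
#define SFTP_SSH2_FEAT_USERAUTH_BANNER			0x0010

/* For clients which do not send a string indicating the public key
 * algorithm in their publickey authentication requests.  This also
 * includes clients which do not use the string "publickey", and the
 * string for the public key algorithm, in the public key signature
 * (as dictated by Section 7 of RFC4252).
 *
 * This flag changes which data the authentication signature is expected
 * to cover, so the set of clients it applies to should stay narrow.
 */
#define SFTP_SSH2_FEAT_HAVE_PUBKEY_ALGO			0x0020

/* For clients whose publickey signatures always use a service name of
 * "ssh-userauth", regardless of the actual service name included in the
 * USERAUTH_REQUEST packet.
 */
#define SFTP_SSH2_FEAT_SERVICE_IN_PUBKEY_SIG		0x0040

/* For clients whose DSA publickey signatures do not include the string
 * "ssh-dss".
 */
#define SFTP_SSH2_FEAT_HAVE_PUBKEY_ALGO_IN_DSA_SIG	0x0080

/* For clients whose hostbased signatures always use a service name of
 * "ssh-userauth", regardless of the actual service name included in the
 * USERAUTH_REQUEST packet.
 */
#define SFTP_SSH2_FEAT_SERVICE_IN_HOST_SIG		0x0100

/* For clients that want the server to pessimistically send its NEWKEYS message
 * after they send their NEWKEYS message.
 */
#define SFTP_SSH2_FEAT_PESSIMISTIC_NEWKEYS		0x0200

/* For clients which cannot/do not tolerate non-kex related packets after a
 * server has requested rekeying.
 */
#define SFTP_SSH2_FEAT_NO_DATA_WHILE_REKEYING		0x0400

/* The two values below are not single-bit flags: 0xfffe and 0xffff overlap
 * every flag defined above, so a bitwise AND against either one would match
 * any of them.  Presumably they are handled as whole-value sentinels rather
 * than bit-tested -- confirm in the implementation.
 */

/* For scanners. */
#define SFTP_SSH2_FEAT_SCANNER				0xfffe

/* For probes. */
#define SFTP_SSH2_FEAT_PROBE				0xffff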
87 
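/* Compares the given client version string against a table of known
 * client versions and their interoperability/compatibility issues.
 *
 * The version string comes from the peer and is not authenticated, so it
 * must be treated as untrusted input: it identifies what the client claims
 * to be, not what it is.
 *
 * NOTE(review): the return convention and the role of the pool argument are
 * not visible in this header -- document them here once confirmed against
 * the implementation.
 */
int sftp_interop_handle_version(pool *p, const char *client_version);

/* Returns TRUE if the client supports the requested feature, FALSE
 * otherwise.
 *
 * The argument is presumably one of the SFTP_SSH2_FEAT_* values defined in
 * this header -- confirm whether combinations of flags are accepted.
 */
int sftp_interop_supports_feature(int feat_flag);

/* NOTE(review): these two were undocumented.  Judging by the names they set
 * up and release the interoperability state; the return convention is not
 * visible in this header -- TODO confirm and document.
 */
int sftp_interop_init(void);
int sftp_interop_free(void);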
100 
101 #endif /* MOD_SFTP_INTEROP_H */
102