1 /* 2 * ProFTPD - mod_sftp interoperability 3 * Copyright (c) 2008-2016 TJ Saunders 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA. 18 * 19 * As a special exemption, TJ Saunders and other respective copyright holders 20 * give permission to link this program with OpenSSL, and distribute the 21 * resulting executable, without including the source code for OpenSSL in the 22 * source distribution. 23 */ 24 25 #ifndef MOD_SFTP_INTEROP_H 26 #define MOD_SFTP_INTEROP_H 27 28 #include "mod_sftp.h" 29 30 /* For clients which do not support IGNORE packets */ 31 #define SFTP_SSH2_FEAT_IGNORE_MSG 0x0001 32 33 /* For clients which always truncate the HMAC len to 16 bits, regardless 34 * of the actual HMAC len. 35 */ 36 #define SFTP_SSH2_FEAT_MAC_LEN 0x0002 37 38 /* For clients which do not include K when deriving cipher keys. */ 39 #define SFTP_SSH2_FEAT_CIPHER_USE_K 0x0004 40 41 /* For clients which do not support rekeying */ 42 #define SFTP_SSH2_FEAT_REKEYING 0x0008 43 44 /* For clients which do not support USERAUTH_BANNER packets */ 45 #define SFTP_SSH2_FEAT_USERAUTH_BANNER 0x0010 46 47 /* For clients which do not send a string indicating the public key 48 * algorithm in their publickey authentication requests. This also 49 * includes clients which do not use the string "publickey", and the 50 * string for the public key algorithm, in the public key signature 51 * (as dictated by Section 7 of RFC4252). 52 */ 53 #define SFTP_SSH2_FEAT_HAVE_PUBKEY_ALGO 0x0020 54 55 /* For clients whose publickey signatures always use a service name of 56 * "ssh-userauth", regardless of the actual service name included in the 57 * USERAUTH_REQUEST packet. 58 */ 59 #define SFTP_SSH2_FEAT_SERVICE_IN_PUBKEY_SIG 0x0040 60 61 /* For clients whose DSA publickey signatures do not include the string 62 * "ssh-dss". 63 */ 64 #define SFTP_SSH2_FEAT_HAVE_PUBKEY_ALGO_IN_DSA_SIG 0x0080 65 66 /* For clients whose hostbased signatures always use a service name of 67 * "ssh-userauth", regardless of the actual service name included in the 68 * USERAUTH_REQUEST packet. 69 */ 70 #define SFTP_SSH2_FEAT_SERVICE_IN_HOST_SIG 0x0100 71 72 /* For clients that want the server to pessimistically send its NEWKEYS message 73 * after they send their NEWKEYS message. 74 */ 75 #define SFTP_SSH2_FEAT_PESSIMISTIC_NEWKEYS 0x0200 76 77 /* For clients which cannot/do not tolerate non-kex related packets after a 78 * server has requested rekeying. 79 */ 80 #define SFTP_SSH2_FEAT_NO_DATA_WHILE_REKEYING 0x0400 81 82 /* For scanners. */ 83 #define SFTP_SSH2_FEAT_SCANNER 0xfffe 84 85 /* For probes. */ 86 #define SFTP_SSH2_FEAT_PROBE 0xffff 87 88 /* Compares the given client version string against a table of known client 89 * client versions and their interoperability/compatibility issues. 90 */ 91 int sftp_interop_handle_version(pool *, const char *); 92 93 /* Returns TRUE if the client supports the requested feature, FALSE 94 * otherwise. 95 */ 96 int sftp_interop_supports_feature(int); 97 98 int sftp_interop_init(void); 99 int sftp_interop_free(void); 100 101 #endif /* MOD_SFTP_INTEROP_H */ 102