1/* 2 * ProFTPD - mod_sftp 3 * Copyright (c) 2008-2020 TJ Saunders 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA. 18 * 19 * As a special exemption, TJ Saunders and other respective copyright holders 20 * give permission to link this program with OpenSSL, and distribute the 21 * resulting executable, without including the source code for OpenSSL in the 22 * source distribution. 23 */ 24 25#ifndef MOD_SFTP_H 26#define MOD_SFTP_H 27 28#include "conf.h" 29#include "privs.h" 30 31#include <signal.h> 32 33#if HAVE_MLOCK 34# include <sys/mman.h> 35#endif 36 37#if HAVE_SYS_UIO_H 38# include <sys/uio.h> 39#endif 40 41#ifndef MAX 42# define MAX(x, y) (((x) > (y)) ? (x) : (y)) 43# define MIN(x, y) (((x) < (y)) ? (x) : (y)) 44#endif 45 46/* Define if you have the <zlib.h> header. */ 47#undef HAVE_ZLIB_H 48 49/* Define if you have OpenSSL with crippled AES support. */ 50#undef HAVE_AES_CRIPPLED_OPENSSL 51 52/* Define if you have OpenSSL with EVP_aes_256_ctr support. */ 53#undef HAVE_EVP_AES_256_CTR_OPENSSL 54 55/* Define if you have OpenSSL with SHA256 support. */ 56#undef HAVE_SHA256_OPENSSL 57 58/* Define if you have OpenSSL with SHA512 support. */ 59#undef HAVE_SHA512_OPENSSL 60 61#define MOD_SFTP_VERSION "mod_sftp/1.0.1" 62 63/* Make sure the version of proftpd is as necessary. */ 64#if PROFTPD_VERSION_NUMBER < 0x0001030402 65# error "ProFTPD 1.3.4rc2 or later required" 66#endif 67 68#include <openssl/bio.h> 69#if !defined(OPENSSL_NO_BF) 70# include <openssl/blowfish.h> 71#endif /* !OPENSSL_NO_BF */ 72#include <openssl/bn.h> 73#include <openssl/conf.h> 74#if !defined(OPENSSL_NO_DES) 75# include <openssl/des.h> 76#endif /* !OPENSSL_NO_DES */ 77#include <openssl/evp.h> 78#include <openssl/hmac.h> 79#include <openssl/x509v3.h> 80#include <openssl/err.h> 81#include <openssl/rand.h> 82#include <openssl/pem.h> 83#if !defined(OPENSSL_NO_DSA) 84# include <openssl/dsa.h> 85#endif /* !OPENSSL_NO_DSA */ 86#include <openssl/rsa.h> 87#if OPENSSL_VERSION_NUMBER > 0x000907000L 88# include <openssl/aes.h> 89# include <openssl/engine.h> 90# include <openssl/ocsp.h> 91#endif 92#ifdef PR_USE_OPENSSL_ECC 93# include <openssl/ec.h> 94# include <openssl/ecdh.h> 95#endif /* PR_USE_OPENSSL_ECC */ 96 97/* Define if you have the LibreSSL library. */ 98#if defined(LIBRESSL_VERSION_NUMBER) 99# define HAVE_LIBRESSL 1 100#endif 101 102#define SFTP_ID_PREFIX "SSH-2.0-" 103 104/* Omit the version information in the default banner. Sites wishing to use 105 * or see that version information can configure it explicitly via ServerIdent. 106 */ 107#define SFTP_ID_DEFAULT_STRING SFTP_ID_PREFIX "mod_sftp" 108 109/* mod_sftp session state flags */ 110#define SFTP_SESS_STATE_HAVE_KEX 0x00001 111#define SFTP_SESS_STATE_HAVE_SERVICE 0x00002 112#define SFTP_SESS_STATE_HAVE_AUTH 0x00004 113#define SFTP_SESS_STATE_REKEYING 0x00008 114#define SFTP_SESS_STATE_HAVE_EXT_INFO 0x00010 115 116/* mod_sftp option flags */ 117#define SFTP_OPT_IGNORE_SFTP_UPLOAD_PERMS 0x00001 118#define SFTP_OPT_IGNORE_SCP_UPLOAD_PERMS 0x00002 119#define SFTP_OPT_PESSIMISTIC_KEXINIT 0x00004 120#define SFTP_OPT_OLD_PROTO_COMPAT 0x00008 121#define SFTP_OPT_MATCH_KEY_SUBJECT 0x00010 122#define SFTP_OPT_IGNORE_SFTP_SET_PERMS 0x00020 123#define SFTP_OPT_IGNORE_SFTP_SET_TIMES 0x00040 124#define SFTP_OPT_IGNORE_SFTP_SET_OWNERS 0x00080 125#define SFTP_OPT_IGNORE_SCP_UPLOAD_TIMES 0x00100 126#define SFTP_OPT_ALLOW_INSECURE_LOGIN 0x00200 127#define SFTP_OPT_INSECURE_HOSTKEY_PERMS 0x00400 128#define SFTP_OPT_ALLOW_WEAK_DH 0x00800 129#define SFTP_OPT_IGNORE_FIFOS 0x01000 130#define SFTP_OPT_IGNORE_SFTP_UPLOAD_XATTRS 0x02000 131#define SFTP_OPT_IGNORE_SFTP_SET_XATTRS 0x04000 132#define SFTP_OPT_INCLUDE_SFTP_TIMES 0x08000 133#define SFTP_OPT_NO_EXT_INFO 0x10000 134 135/* mod_sftp service flags */ 136#define SFTP_SERVICE_FL_SFTP 0x0001 137#define SFTP_SERVICE_FL_SCP 0x0002 138#define SFTP_SERVICE_FL_DATE 0x0004 139 140#define SFTP_SERVICE_DEFAULT \ 141 (SFTP_SERVICE_FL_SFTP|SFTP_SERVICE_FL_SCP) 142 143/* mod_sftp roles */ 144#define SFTP_ROLE_SERVER 1 145#define SFTP_ROLE_CLIENT 2 146 147/* Miscellaneous */ 148extern int sftp_logfd; 149extern const char *sftp_logname; 150extern pool *sftp_pool; 151extern conn_t *sftp_conn; 152extern unsigned int sftp_sess_state; 153extern unsigned long sftp_opts; 154extern unsigned int sftp_services; 155 156/* Used by other SFTP modules (e.g. mod_sftp_pam) for sending USERAUTH_BANNER 157 * messages to the client. 158 */ 159int sftp_auth_send_banner(const char *); 160 161/* API for modules that which to register "keyboard-interactive" auth 162 * drivers (see RFC4256). 163 */ 164 165typedef struct { 166 const char *challenge; 167 168 /* TRUE or FALSE, depending on whether the user's response should be 169 * displayed back to them (TRUE), or hidden (FALSE). 170 */ 171 char display_response; 172 173} sftp_kbdint_challenge_t; 174 175typedef struct kbdint_st { 176 const char *driver_name; 177 178 /* Memory pool for this driver */ 179 pool *driver_pool; 180 181 /* Arbitrary driver-specific data */ 182 void *driver_data; 183 184 /* Open the driver for authentication. The user argument is the name of the 185 * user being authenticated. Returns zero on success, -1 otherwise 186 * (with errno set appropriately). 187 */ 188 int (*open)(struct kbdint_st *driver, const char *user); 189 190 /* Authenticate the given user. The driver can use the following 191 * functions for writing and reading the driver challenge/response data 192 * to and from the client: 193 * 194 * sftp_kbdint_send_challenge() 195 * sftp_kbdint_read_response() 196 * 197 * The array_header argument to the read_response() function will be 198 * populated with strings from the client. 199 * 200 * Returns zero on success, -1 otherwise (with errno set appropriately). 201 */ 202 int (*authenticate)(struct kbdint_st *driver, const char *user); 203 204 /* Close the driver, clean up any allocated resources. Returns 205 * zero on success, -1 otherwise (with errno set appropriately). 206 */ 207 int (*close)(struct kbdint_st *driver); 208 209} sftp_kbdint_driver_t; 210 211int sftp_kbdint_register_driver(const char *name, sftp_kbdint_driver_t *driver); 212int sftp_kbdint_unregister_driver(const char *name); 213int sftp_kbdint_send_challenge(const char *, const char *, uint32_t, 214 sftp_kbdint_challenge_t *); 215int sftp_kbdint_recv_response(pool *, uint32_t, uint32_t *, 216 const char ***); 217 218/* API for modules that which to register keystores, for the 219 * SFTPAuthorizedHostKeys and SFTPAuthorizedUserKeys directives. 220 */ 221 222typedef struct keystore_st { 223 /* Memory pool for this keystore. */ 224 pool *keystore_pool; 225 226 /* Arbitrary keystore-specific data. */ 227 void *keystore_data; 228 229 /* The type of keys (host, user) that this store can handle. */ 230 unsigned int store_ktypes; 231 232 /* Verify the given host key. Returns zero on success, -1 otherwise. */ 233 int (*verify_host_key)(struct keystore_st *store, pool *p, const char *user, 234 const char *host_fqdn, const char *host_user, unsigned char *host_key, 235 uint32_t host_keylen); 236 237 /* Verify the given user key. Returns zero on success, -1 otherwise. */ 238 int (*verify_user_key)(struct keystore_st *store, pool *p, const char *user, 239 unsigned char *user_key, uint32_t user_keylen); 240 241 /* Close this keystore, clean up any allocated resources. Returns 242 * zero on success, -1 otherwise (with errno set appropriately). 243 */ 244 int (*store_close)(struct keystore_st *store); 245 246} sftp_keystore_t; 247 248#define SFTP_SSH2_HOST_KEY_STORE 0x01 249#define SFTP_SSH2_USER_KEY_STORE 0x02 250 251int sftp_keystore_register_store(const char *, 252 sftp_keystore_t *(*store_open)(pool *, int, const char *, const char *), 253 unsigned int); 254int sftp_keystore_unregister_store(const char *, unsigned int); 255 256/* For use by keystore backend modules. */ 257int sftp_keys_compare_keys(pool *, unsigned char *, uint32_t, unsigned char *, 258 uint32_t); 259 260/* These strings are part of any RFC4716 key; thus they will be needed by 261 * any keystore backend modules. 262 */ 263#define SFTP_SSH2_PUBKEY_BEGIN_MARKER "---- BEGIN SSH2 PUBLIC KEY ----" 264#define SFTP_SSH2_PUBKEY_END_MARKER "---- END SSH2 PUBLIC KEY ----" 265 266/* For use by other SFTP modules. */ 267const char *sftp_crypto_get_errors(void); 268 269/* For use by other modules to register 'exec' channel request handlers. 270 * 271 * Note that the implementation currently assumes that the registering module 272 * is registering its callbacks from a session process, i.e. post-fork(2). 273 * That is why there is no corresponding unregister function at present. 274 */ 275int sftp_channel_register_exec_handler(module *, const char *, 276 int (*set_params)(pool *, uint32_t, array_header *), 277 int (*prep_chan)(uint32_t), 278 int (*postopen_chan)(uint32_t), 279 int (*handle_pkt)(pool *, void *, uint32_t, unsigned char *, uint32_t), 280 int (*finish_chan)(uint32_t), 281 int (**write_data)(pool *, uint32_t, unsigned char *, uint32_t)); 282 283#endif 284