xref: /openssh-portable/ssh2.h (revision 076cb616)
1*076cb616Sdtucker@openbsd.org /* $OpenBSD: ssh2.h,v 1.19 2020/11/19 23:05:05 dtucker Exp $ */
205764b92SBen Lindstrom 
3b38eff8eSDamien Miller /*
4e4340be5SDamien Miller  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
5e4340be5SDamien Miller  *
6e4340be5SDamien Miller  * Redistribution and use in source and binary forms, with or without
7e4340be5SDamien Miller  * modification, are permitted provided that the following conditions
8e4340be5SDamien Miller  * are met:
9e4340be5SDamien Miller  * 1. Redistributions of source code must retain the above copyright
10e4340be5SDamien Miller  *    notice, this list of conditions and the following disclaimer.
11e4340be5SDamien Miller  * 2. Redistributions in binary form must reproduce the above copyright
12e4340be5SDamien Miller  *    notice, this list of conditions and the following disclaimer in the
13e4340be5SDamien Miller  *    documentation and/or other materials provided with the distribution.
14e4340be5SDamien Miller  *
15e4340be5SDamien Miller  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16e4340be5SDamien Miller  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17e4340be5SDamien Miller  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18e4340be5SDamien Miller  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19e4340be5SDamien Miller  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20e4340be5SDamien Miller  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21e4340be5SDamien Miller  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22e4340be5SDamien Miller  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23e4340be5SDamien Miller  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24e4340be5SDamien Miller  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25e4340be5SDamien Miller  */
26e4340be5SDamien Miller 
27e4340be5SDamien Miller /*
28*076cb616Sdtucker@openbsd.org  * RFC4251:
29b38eff8eSDamien Miller  *
30b38eff8eSDamien Miller  *   Transport layer protocol:
31b38eff8eSDamien Miller  *
32b38eff8eSDamien Miller  *     1-19     Transport layer generic (e.g. disconnect, ignore, debug,
33b38eff8eSDamien Miller  *              etc)
34b38eff8eSDamien Miller  *     20-29    Algorithm negotiation
35b38eff8eSDamien Miller  *     30-49    Key exchange method specific (numbers can be reused for
36b38eff8eSDamien Miller  *              different authentication methods)
37b38eff8eSDamien Miller  *
38b38eff8eSDamien Miller  *   User authentication protocol:
39b38eff8eSDamien Miller  *
40b38eff8eSDamien Miller  *     50-59    User authentication generic
41b38eff8eSDamien Miller  *     60-79    User authentication method specific (numbers can be reused
42b38eff8eSDamien Miller  *              for different authentication methods)
43b38eff8eSDamien Miller  *
44b38eff8eSDamien Miller  *   Connection protocol:
45b38eff8eSDamien Miller  *
46b38eff8eSDamien Miller  *     80-89    Connection protocol generic
47b38eff8eSDamien Miller  *     90-127   Channel related messages
48b38eff8eSDamien Miller  *
49b38eff8eSDamien Miller  *   Reserved for client protocols:
50b38eff8eSDamien Miller  *
51b38eff8eSDamien Miller  *     128-191  Reserved
52b38eff8eSDamien Miller  *
53b38eff8eSDamien Miller  *   Local extensions:
54b38eff8eSDamien Miller  *
55b38eff8eSDamien Miller  *     192-255  Local extensions
56b38eff8eSDamien Miller  */
5784b8ab3eSDamien Miller 
5805164541Smarkus@openbsd.org /* special marker for no message */
5905164541Smarkus@openbsd.org 
6005164541Smarkus@openbsd.org #define SSH_MSG_NONE					0
6105164541Smarkus@openbsd.org 
6284b8ab3eSDamien Miller /* ranges */
6384b8ab3eSDamien Miller 
6484b8ab3eSDamien Miller #define SSH2_MSG_TRANSPORT_MIN				1
6584b8ab3eSDamien Miller #define SSH2_MSG_TRANSPORT_MAX				49
6684b8ab3eSDamien Miller #define SSH2_MSG_USERAUTH_MIN				50
6784b8ab3eSDamien Miller #define SSH2_MSG_USERAUTH_MAX				79
68f84cc634SDamien Miller #define SSH2_MSG_USERAUTH_PER_METHOD_MIN		60
69f84cc634SDamien Miller #define SSH2_MSG_USERAUTH_PER_METHOD_MAX		SSH2_MSG_USERAUTH_MAX
7084b8ab3eSDamien Miller #define SSH2_MSG_CONNECTION_MIN				80
7184b8ab3eSDamien Miller #define SSH2_MSG_CONNECTION_MAX				127
7284b8ab3eSDamien Miller #define SSH2_MSG_RESERVED_MIN				128
7384b8ab3eSDamien Miller #define SSH2_MSG_RESERVED_MAX				191
7484b8ab3eSDamien Miller #define SSH2_MSG_LOCAL_MIN				192
7584b8ab3eSDamien Miller #define SSH2_MSG_LOCAL_MAX				255
7684b8ab3eSDamien Miller #define SSH2_MSG_MIN					1
7784b8ab3eSDamien Miller #define SSH2_MSG_MAX					255
78b38eff8eSDamien Miller 
79b38eff8eSDamien Miller /* transport layer: generic */
80b38eff8eSDamien Miller 
81b38eff8eSDamien Miller #define SSH2_MSG_DISCONNECT				1
82b38eff8eSDamien Miller #define SSH2_MSG_IGNORE					2
83b38eff8eSDamien Miller #define SSH2_MSG_UNIMPLEMENTED				3
84b38eff8eSDamien Miller #define SSH2_MSG_DEBUG					4
85b38eff8eSDamien Miller #define SSH2_MSG_SERVICE_REQUEST			5
86b38eff8eSDamien Miller #define SSH2_MSG_SERVICE_ACCEPT				6
8776c9fbbeSmarkus@openbsd.org #define SSH2_MSG_EXT_INFO				7
88b38eff8eSDamien Miller 
89b38eff8eSDamien Miller /* transport layer: alg negotiation */
90b38eff8eSDamien Miller 
91b38eff8eSDamien Miller #define SSH2_MSG_KEXINIT				20
92b38eff8eSDamien Miller #define SSH2_MSG_NEWKEYS				21
93b38eff8eSDamien Miller 
94b38eff8eSDamien Miller /* transport layer: kex specific messages, can be reused */
95b38eff8eSDamien Miller 
96b38eff8eSDamien Miller #define SSH2_MSG_KEXDH_INIT				30
97b38eff8eSDamien Miller #define SSH2_MSG_KEXDH_REPLY				31
98b38eff8eSDamien Miller 
99874d77bbSDamien Miller /* dh-group-exchange */
100df221391SBen Lindstrom #define SSH2_MSG_KEX_DH_GEX_REQUEST_OLD			30
101874d77bbSDamien Miller #define SSH2_MSG_KEX_DH_GEX_GROUP			31
102874d77bbSDamien Miller #define SSH2_MSG_KEX_DH_GEX_INIT			32
103874d77bbSDamien Miller #define SSH2_MSG_KEX_DH_GEX_REPLY			33
104df221391SBen Lindstrom #define SSH2_MSG_KEX_DH_GEX_REQUEST			34
105874d77bbSDamien Miller 
106eb8b60e3SDamien Miller /* ecdh */
107eb8b60e3SDamien Miller #define SSH2_MSG_KEX_ECDH_INIT				30
108eb8b60e3SDamien Miller #define SSH2_MSG_KEX_ECDH_REPLY				31
109eb8b60e3SDamien Miller 
110b38eff8eSDamien Miller /* user authentication: generic */
111b38eff8eSDamien Miller 
112b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_REQUEST			50
113b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_FAILURE			51
114b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_SUCCESS			52
115b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_BANNER			53
116b38eff8eSDamien Miller 
117b38eff8eSDamien Miller /* user authentication: method specific, can be reused */
118b38eff8eSDamien Miller 
119b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_PK_OK				60
120b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ		60
121b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_INFO_REQUEST			60
122b38eff8eSDamien Miller #define SSH2_MSG_USERAUTH_INFO_RESPONSE			61
123b38eff8eSDamien Miller 
124b38eff8eSDamien Miller /* connection protocol: generic */
125b38eff8eSDamien Miller 
126b38eff8eSDamien Miller #define SSH2_MSG_GLOBAL_REQUEST				80
127b38eff8eSDamien Miller #define SSH2_MSG_REQUEST_SUCCESS			81
128b38eff8eSDamien Miller #define SSH2_MSG_REQUEST_FAILURE			82
129b38eff8eSDamien Miller 
130b38eff8eSDamien Miller /* channel related messages */
131b38eff8eSDamien Miller 
132b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_OPEN				90
133b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_OPEN_CONFIRMATION		91
134b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_OPEN_FAILURE			92
135b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_WINDOW_ADJUST			93
136b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_DATA				94
137b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_EXTENDED_DATA			95
138b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_EOF				96
139b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_CLOSE				97
140b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_REQUEST			98
141b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_SUCCESS			99
142b38eff8eSDamien Miller #define SSH2_MSG_CHANNEL_FAILURE			100
143b38eff8eSDamien Miller 
144b38eff8eSDamien Miller /* disconnect reason code */
145b38eff8eSDamien Miller 
146b38eff8eSDamien Miller #define SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT	1
147b38eff8eSDamien Miller #define SSH2_DISCONNECT_PROTOCOL_ERROR			2
148b38eff8eSDamien Miller #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED		3
149b38eff8eSDamien Miller #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED	4
150dcb6ecd1SDamien Miller #define SSH2_DISCONNECT_RESERVED			4
151b38eff8eSDamien Miller #define SSH2_DISCONNECT_MAC_ERROR			5
152b38eff8eSDamien Miller #define SSH2_DISCONNECT_COMPRESSION_ERROR		6
153b38eff8eSDamien Miller #define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE		7
154b38eff8eSDamien Miller #define SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED	8
155b38eff8eSDamien Miller #define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE		9
156b38eff8eSDamien Miller #define SSH2_DISCONNECT_CONNECTION_LOST			10
157b38eff8eSDamien Miller #define SSH2_DISCONNECT_BY_APPLICATION			11
158dcb6ecd1SDamien Miller #define SSH2_DISCONNECT_TOO_MANY_CONNECTIONS		12
159dcb6ecd1SDamien Miller #define SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER		13
160dcb6ecd1SDamien Miller #define SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE	14
161dcb6ecd1SDamien Miller #define SSH2_DISCONNECT_ILLEGAL_USER_NAME		15
162b38eff8eSDamien Miller 
163b38eff8eSDamien Miller /* misc */
164b38eff8eSDamien Miller 
165b38eff8eSDamien Miller #define SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED		1
166b38eff8eSDamien Miller #define SSH2_OPEN_CONNECT_FAILED			2
167b38eff8eSDamien Miller #define SSH2_OPEN_UNKNOWN_CHANNEL_TYPE			3
168b38eff8eSDamien Miller #define SSH2_OPEN_RESOURCE_SHORTAGE			4
169b38eff8eSDamien Miller 
170b38eff8eSDamien Miller #define SSH2_EXTENDED_DATA_STDERR			1
17101ed2272SDamien Miller 
1720a80ca19SDamien Miller /* Certificate types for OpenSSH certificate keys extension */
1730a80ca19SDamien Miller #define SSH2_CERT_TYPE_USER				1
1740a80ca19SDamien Miller #define SSH2_CERT_TYPE_HOST				2
175