Merge pull request #296 from Castaglia/proxy-chachapoly-issue295

Issue #295: Implement support for the OpenSSH-specific ChaChaPoly SSH…

Author: Castaglia

Makefile.in

@@ -54,6 +54,7 @@ MODULE_OBJS=mod_proxy.o \
   lib/proxy/ssh/misc.o \
   lib/proxy/ssh/msg.o \
   lib/proxy/ssh/packet.o \
+  lib/proxy/ssh/poly1305.o \
   lib/proxy/ssh/service.o \
   lib/proxy/ssh/session.o \
   lib/proxy/ssh/umac.o \
@@ -102,6 +103,7 @@ SHARED_MODULE_OBJS=mod_proxy.lo \
   lib/proxy/ssh/misc.lo \
   lib/proxy/ssh/msg.lo \
   lib/proxy/ssh/packet.lo \
+  lib/proxy/ssh/poly1305.lo \
   lib/proxy/ssh/service.lo \
   lib/proxy/ssh/session.lo \
   lib/proxy/ssh/umac.lo \

configure

@@ -4300,6 +4300,46 @@ $as_echo "no" >&6; }
     LIBS="$saved_libs"
 
 
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL supports EVP_chacha20" >&5
+$as_echo_n "checking whether OpenSSL supports EVP_chacha20... " >&6; }
+LIBS="-lcrypto $LIBS"
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+    #include <openssl/evp.h>
+
+int
+main ()
+{
+
+    EVP_CIPHER *cipher;
+    cipher = EVP_chacha20();
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+$as_echo "#define HAVE_EVP_CHACHA20_OPENSSL 1" >>confdefs.h
+
+    LIBS="$saved_libs"
+
+else
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+    LIBS="$saved_libs"
+
+
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext

configure.in

@@ -1,5 +1,5 @@
 dnl ProFTPD - mod_proxy
-dnl Copyright (c) 2012-2022 TJ Saunders <[email protected]>
+dnl Copyright (c) 2012-2025 TJ Saunders <[email protected]>
 dnl
 dnl This program is free software; you can redistribute it and/or modify
 dnl it under the terms of the GNU General Public License as published by
@@ -364,6 +364,28 @@ AC_TRY_LINK(
   ]
 )
 
+AC_MSG_CHECKING([whether OpenSSL supports EVP_chacha20])
+LIBS="-lcrypto $LIBS"
+
+AC_TRY_LINK(
+  [
+    #include <openssl/evp.h>
+  ],
+  [
+    EVP_CIPHER *cipher;
+    cipher = EVP_chacha20();
+  ],
+  [
+    AC_MSG_RESULT(yes)
+    AC_DEFINE(HAVE_EVP_CHACHA20_OPENSSL, 1, [OpenSSL supports EVP_chacha20])
+    LIBS="$saved_libs"
+  ],
+  [
+    AC_MSG_RESULT(no)
+    LIBS="$saved_libs"
+  ]
+)
+
 AC_MSG_CHECKING([whether OpenSSL supports X448 algorithm])
 LIBS="-lcrypto $LIBS"
 

include/proxy/ssh/cipher.h

@@ -1,6 +1,6 @@
 /*
  * ProFTPD - mod_proxy SSH cipher API
- * Copyright (c) 2021-2022 TJ Saunders
+ * Copyright (c) 2021-2025 TJ Saunders
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -41,6 +41,8 @@ size_t proxy_ssh_cipher_get_write_block_size(void);
 void proxy_ssh_cipher_set_read_block_size(size_t);
 void proxy_ssh_cipher_set_write_block_size(size_t);
 
+int proxy_ssh_cipher_is_read_chachapoly(void);
+
 /* Returns the cipher authenticated data size, or zero. */
 size_t proxy_ssh_cipher_get_read_auth_size(void);
 size_t proxy_ssh_cipher_get_read_auth_size2(void);
@@ -55,6 +57,9 @@ int proxy_ssh_cipher_set_read_key(pool *p, const EVP_MD *md,
 int proxy_ssh_cipher_read_data(struct proxy_ssh_packet *pkt,
   unsigned char *data, uint32_t data_len, unsigned char **buf,
   uint32_t *buflen);
+int proxy_ssh_cipher_read_packet_len(struct proxy_ssh_packet *pkt,
+  unsigned char *data, uint32_t data_len, unsigned char **buf,
+  uint32_t *buflen, uint32_t *packet_len);
 
 const char *proxy_ssh_cipher_get_write_algo(void);
 int proxy_ssh_cipher_set_write_algo(pool *p, const char *algo);

include/proxy/ssh/poly1305.h

@@ -0,0 +1,25 @@
+/* 
+ * Public Domain poly1305 from Andrew Moon
+ * poly1305-donna-unrolled.c from https://github.com/floodyberry/poly1305-donna
+ */
+
+#ifndef POLY1305_H
+#define POLY1305_H
+
+#include "mod_proxy.h"
+
+#if defined(HAVE_EVP_CHACHA20_OPENSSL) && \
+   !defined(HAVE_BROKEN_CHACHA20)
+#include <sys/types.h>
+
+#define POLY1305_KEYLEN		32
+#define POLY1305_TAGLEN		16
+
+void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen,
+    const u_char key[POLY1305_KEYLEN])
+    __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN)))
+    __attribute__((__bounded__(__buffer__, 2, 3)))
+    __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN)));
+
+#endif /* HAVE_EVP_CHACHA20_OPENSSL and !HAVE_BROKEN_CHACHA20 */
+#endif /* POLY1305_H */

lib/proxy/ssh/auth.c

@@ -1,6 +1,6 @@
 /*
  * ProFTPD - mod_proxy SSH user authentication
- * Copyright (c) 2021-2022 TJ Saunders
+ * Copyright (c) 2021-2025 TJ Saunders
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -1209,6 +1209,8 @@ int proxy_ssh_auth_handle(struct proxy_ssh_packet *pkt,
       return -1;
     }
 
+    (void) len;
+
   } else if (msg_type == PROXY_SSH_MSG_USER_AUTH_INFO_RESP) {
     pr_trace_msg(trace_channel, 17,
       "handling USER_AUTH_INFO_RESPONSE");