/* $OpenBSD: ssh2.h,v 1.15 2014/01/29 06:18:35 djm Exp $ */

/*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
/*
 * draft-ietf-secsh-architecture-05.txt
 *
 *   Transport layer protocol:
 *
 *     1-19     Transport layer generic (e.g. disconnect, ignore, debug,
 *              etc)
 *     20-29    Algorithm negotiation
 *     30-49    Key exchange method specific (numbers can be reused for
 *              different authentication methods)
 *
 *   User authentication protocol:
 *
 *     50-59    User authentication generic
 *     60-79    User authentication method specific (numbers can be reused
 *              for different authentication methods)
 *
 *   Connection protocol:
 *
 *     80-89    Connection protocol generic
 *     90-127   Channel related messages
 *
 *   Reserved for client protocols:
 *
 *     128-191  Reserved
 *
 *   Local extensions:
 *
 *     192-255  Local extensions
 */
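/*
 * Message-number range boundaries.
 *
 * Inclusive lower and upper bounds for each range listed in the table at
 * the top of this file. The per-method userauth range (60-79) is a
 * sub-range of the userauth range (50-79); SSH2_MSG_MIN and SSH2_MSG_MAX
 * span the whole 1-255 message-number space.
 *
 * NOTE(review): presumably used to bound which message types a dispatcher
 * accepts in a given protocol phase - confirm at the call sites. A message
 * whose number falls outside the range expected for the current phase must
 * not reach a handler that belongs to a different phase.
 */

#define SSH2_MSG_TRANSPORT_MIN				1
#define SSH2_MSG_TRANSPORT_MAX				49
#define SSH2_MSG_USERAUTH_MIN				50
#define SSH2_MSG_USERAUTH_MAX				79
#define SSH2_MSG_USERAUTH_PER_METHOD_MIN		60
#define SSH2_MSG_USERAUTH_PER_METHOD_MAX		SSH2_MSG_USERAUTH_MAX
#define SSH2_MSG_CONNECTION_MIN				80
#define SSH2_MSG_CONNECTION_MAX				127
#define SSH2_MSG_RESERVED_MIN				128
#define SSH2_MSG_RESERVED_MAX				191
#define SSH2_MSG_LOCAL_MIN				192
#define SSH2_MSG_LOCAL_MAX				255
#define SSH2_MSG_MIN					1
#define SSH2_MSG_MAX					255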
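/*
 * Transport layer: generic messages (range 1-19).
 *
 * Unlike the 30-49 and 60-79 ranges, each number here has exactly one
 * meaning in this file.
 */

#define SSH2_MSG_DISCONNECT				1
#define SSH2_MSG_IGNORE					2
#define SSH2_MSG_UNIMPLEMENTED				3
#define SSH2_MSG_DEBUG					4
#define SSH2_MSG_SERVICE_REQUEST			5
#define SSH2_MSG_SERVICE_ACCEPT				6

/* Transport layer: algorithm negotiation (range 20-29). */

#define SSH2_MSG_KEXINIT				20
#define SSH2_MSG_NEWKEYS				21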
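/*
 * Transport layer: key-exchange-method-specific messages (range 30-49).
 *
 * The numbers are reused on purpose: 30 and 31 are each defined three
 * times below (plain DH, DH group exchange, ECDH), and the roaming
 * extension further down this file reuses 30-34 again. The number alone
 * therefore does not identify a message; a receiver has to interpret it
 * according to the key exchange method that was actually negotiated, and
 * must not accept a message that belongs to a different method.
 */

#define SSH2_MSG_KEXDH_INIT				30
#define SSH2_MSG_KEXDH_REPLY				31

/*
 * dh-group-exchange
 * NOTE(review): the _OLD suffix suggests a legacy form of the request
 * message - confirm whether it still needs to be accepted.
 */
#define SSH2_MSG_KEX_DH_GEX_REQUEST_OLD			30
#define SSH2_MSG_KEX_DH_GEX_GROUP			31
#define SSH2_MSG_KEX_DH_GEX_INIT			32
#define SSH2_MSG_KEX_DH_GEX_REPLY			33
#define SSH2_MSG_KEX_DH_GEX_REQUEST			34

/* ecdh */
#define SSH2_MSG_KEX_ECDH_INIT				30
#define SSH2_MSG_KEX_ECDH_REPLY				31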
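/* User authentication: generic messages (range 50-59). */

#define SSH2_MSG_USERAUTH_REQUEST			50
#define SSH2_MSG_USERAUTH_FAILURE			51
#define SSH2_MSG_USERAUTH_SUCCESS			52
#define SSH2_MSG_USERAUTH_BANNER			53

/*
 * User authentication: method-specific messages (range 60-79).
 *
 * Number 60 is shared by three different messages (PK_OK,
 * PASSWD_CHANGEREQ and INFO_REQUEST). Which one a received 60 means
 * depends on the authentication method currently in progress, so a
 * handler must check that method before parsing the payload.
 */

#define SSH2_MSG_USERAUTH_PK_OK				60
#define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ		60
#define SSH2_MSG_USERAUTH_INFO_REQUEST			60
#define SSH2_MSG_USERAUTH_INFO_RESPONSE			61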
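/* Connection protocol: generic messages (range 80-89). */

#define SSH2_MSG_GLOBAL_REQUEST				80
#define SSH2_MSG_REQUEST_SUCCESS			81
#define SSH2_MSG_REQUEST_FAILURE			82

/*
 * Connection protocol: channel related messages (range 90-127).
 *
 * NOTE(review): all of 80-127 sits above the userauth range (50-79), so
 * these are presumably meant to be handled only once authentication has
 * completed - confirm that the dispatcher enforces this.
 */

#define SSH2_MSG_CHANNEL_OPEN				90
#define SSH2_MSG_CHANNEL_OPEN_CONFIRMATION		91
#define SSH2_MSG_CHANNEL_OPEN_FAILURE			92
#define SSH2_MSG_CHANNEL_WINDOW_ADJUST			93
#define SSH2_MSG_CHANNEL_DATA				94
#define SSH2_MSG_CHANNEL_EXTENDED_DATA			95
#define SSH2_MSG_CHANNEL_EOF				96
#define SSH2_MSG_CHANNEL_CLOSE				97
#define SSH2_MSG_CHANNEL_REQUEST			98
#define SSH2_MSG_CHANNEL_SUCCESS			99
#define SSH2_MSG_CHANNEL_FAILURE			100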
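/*
 * Disconnect reason codes.
 *
 * Code 4 has two names: SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED and
 * SSH2_DISCONNECT_RESERVED expand to the same value, so they cannot both
 * appear as case labels in one switch.
 * NOTE(review): presumably the code was renamed between draft revisions
 * and both names are kept for source compatibility - confirm.
 *
 * A reason code received from a peer is untrusted input: it is suitable
 * for logging and diagnostics, not as the basis for a security decision.
 */

#define SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT	1
#define SSH2_DISCONNECT_PROTOCOL_ERROR			2
#define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED		3
#define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED	4
#define SSH2_DISCONNECT_RESERVED			4
#define SSH2_DISCONNECT_MAC_ERROR			5
#define SSH2_DISCONNECT_COMPRESSION_ERROR		6
#define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE		7
#define SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED	8
#define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE		9
#define SSH2_DISCONNECT_CONNECTION_LOST			10
#define SSH2_DISCONNECT_BY_APPLICATION			11
#define SSH2_DISCONNECT_TOO_MANY_CONNECTIONS		12
#define SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER		13
#define SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE	14
#define SSH2_DISCONNECT_ILLEGAL_USER_NAME		15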
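/*
 * Miscellaneous codes.
 *
 * NOTE(review): going by the names, SSH2_OPEN_* are the reason codes
 * carried in SSH2_MSG_CHANNEL_OPEN_FAILURE and SSH2_EXTENDED_DATA_STDERR
 * is the data type code carried in SSH2_MSG_CHANNEL_EXTENDED_DATA -
 * confirm against the channel code that uses them.
 */

#define SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED		1
#define SSH2_OPEN_CONNECT_FAILED			2
#define SSH2_OPEN_UNKNOWN_CHANNEL_TYPE			3
#define SSH2_OPEN_RESOURCE_SHORTAGE			4

#define SSH2_EXTENDED_DATA_STDERR			1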
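/*
 * kex messages for resume@appgate.com
 *
 * Numbers 30-34 collide with the DH, DH group exchange and ECDH messages
 * defined earlier in this file, so these meanings apply only when this
 * extension was the negotiated key exchange method; they must never be
 * dispatched on the number alone.
 *
 * NOTE(review): this is a vendor extension rather than part of the base
 * protocol, and upstream OpenSSH later dropped roaming support. Confirm
 * whether this tree still ships code that handles these messages; if it
 * does not, they are a candidate for removal.
 */
#define SSH2_MSG_KEX_ROAMING_RESUME			30
#define SSH2_MSG_KEX_ROAMING_AUTH_REQUIRED		31
#define SSH2_MSG_KEX_ROAMING_AUTH			32
#define SSH2_MSG_KEX_ROAMING_AUTH_OK			33
#define SSH2_MSG_KEX_ROAMING_AUTH_FAIL			34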
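/*
 * Certificate types for OpenSSH certificate keys extension
 *
 * The two types are distinct values so that a verifier can tell a user
 * certificate from a host certificate. Code that validates a certificate
 * should compare its type with the role it is being presented for and
 * reject a mismatch (a host certificate offered for user authentication,
 * or the reverse); 0 and any value above 2 are not defined here.
 */
#define SSH2_CERT_TYPE_USER				1
#define SSH2_CERT_TYPE_HOST				2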