dropbear: common-algo.c annotate

annotate common-algo.c @ 1902:4a6725ac957c

Revert "Don't include sk keys at all in KEX list" This reverts git commit f972813ecdc7bb981d25b5a63638bd158f1c8e72. The sk algorithms need to remain in the sigalgs list so that they are included in the server-sig-algs ext-info message sent by the server. RFC8308 for server-sig-algs requires that all algorithms are listed (though OpenSSH client 8.4p1 tested doesn't require that)

author	Matt Johnston <matt@ucc.asn.au>
date	Thu, 24 Mar 2022 13:42:08 +0800
parents	6cb6e81ca765
children	13cb8cc1b0e4

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
74 e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	2 * Dropbear SSH
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 * Copyright (c) 2002,2003 Matt Johnston
74 e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	5 * Copyright (c) 2004 by Mihnea Stoenescu
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	26 #include "includes.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 #include "algo.h"
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	28 #include "session.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 #include "dbutil.h"
1224 82e2037d34ea Move dh group constants to a separate file Matt Johnston <matt@ucc.asn.au> parents: 1204 diff changeset	30 #include "dh_groups.h"
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	31 #include "ltc_prng.h"
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	32 #include "ecc.h"
1672 3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	33 #include "gcm.h"
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	34 #include "chachapoly.h"
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	35 #include "ssh.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	37 /* This file (algo.c) organises the ciphers which can be used, and is used to
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	38 * decide which ciphers/hashes/compression/signing to use during key exchange*/
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	40 static int void_cipher(const unsigned char* in, unsigned char* out,
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	41 unsigned long len, void* UNUSED(cipher_state)) {
543 e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	42 if (in != out) {
e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	43 memmove(out, in, len);
e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	44 }
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	45 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	46 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	47
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	48 static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	49 const unsigned char* UNUSED(key),
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	50 int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	51 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	52 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	53
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	54 /* Mappings for ciphers, parameters are
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55 {&cipher_desc, keysize, blocksize} */
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	56
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	57 /* Remember to add new ciphers/hashes to regciphers/reghashes too */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	58
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	59 #if DROPBEAR_AES256
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	60 static const struct dropbear_cipher dropbear_aes256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	61 {&aes_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	62 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	63 #if DROPBEAR_AES128
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	64 static const struct dropbear_cipher dropbear_aes128 =
150 82fcf3185616 Cleaning out various dead wood found with -dead_strip Matt Johnston <matt@ucc.asn.au> parents: 74 diff changeset	65 {&aes_desc, 16, 16};
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	67 #if DROPBEAR_TWOFISH256
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	68 static const struct dropbear_cipher dropbear_twofish256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	69 {&twofish_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	70 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	71 #if DROPBEAR_TWOFISH128
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	72 static const struct dropbear_cipher dropbear_twofish128 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	73 {&twofish_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	75 #if DROPBEAR_3DES
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	76 static const struct dropbear_cipher dropbear_3des =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	77 {&des3_desc, 24, 8};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	78 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	79
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	80 /* used to indicate no encryption, as defined in rfc2410 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	81 const struct dropbear_cipher dropbear_nocipher =
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	82 {NULL, 16, 8};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	83
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	84 /* A few void* s are required to silence warnings
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	85 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	86 #if DROPBEAR_ENABLE_CBC_MODE
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	87 const struct dropbear_cipher_mode dropbear_mode_cbc =
1672 3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	88 {(void)cbc_start, (void)cbc_encrypt, (void*)cbc_decrypt, NULL, NULL, NULL};
1038 d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1019 diff changeset	89 #endif /* DROPBEAR_ENABLE_CBC_MODE */
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	90
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	91 const struct dropbear_cipher_mode dropbear_mode_none =
1672 3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	92 {void_start, void_cipher, void_cipher, NULL, NULL, NULL};
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	93
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	94 #if DROPBEAR_ENABLE_CTR_MODE
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	95 /* a wrapper to make ctr_start and cbc_start look the same */
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	96 static int dropbear_big_endian_ctr_start(int cipher,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	97 const unsigned char *IV,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	98 const unsigned char *key, int keylen,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	99 int num_rounds, symmetric_CTR *ctr) {
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	100 return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr);
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	101 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	102 const struct dropbear_cipher_mode dropbear_mode_ctr =
1672 3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	103 {(void)dropbear_big_endian_ctr_start, (void)ctr_encrypt, (void*)ctr_decrypt, NULL, NULL, NULL};
1038 d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions Thorsten Horstmann <thorsten.horstmann@web.de> parents: 1019 diff changeset	104 #endif /* DROPBEAR_ENABLE_CTR_MODE */
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	105
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	106 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	107 {&hash_desc, keysize, hashsize} */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	108
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	109 #if DROPBEAR_SHA1_HMAC
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	110 static const struct dropbear_hash dropbear_sha1 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	111 {&sha1_desc, 20, 20};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	112 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	113 #if DROPBEAR_SHA1_96_HMAC
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	114 static const struct dropbear_hash dropbear_sha1_96 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	115 {&sha1_desc, 20, 12};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	116 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	117 #if DROPBEAR_SHA2_256_HMAC
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	118 static const struct dropbear_hash dropbear_sha2_256 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	119 {&sha256_desc, 32, 32};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	120 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	121 #if DROPBEAR_SHA2_512_HMAC
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	122 static const struct dropbear_hash dropbear_sha2_512 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	123 {&sha512_desc, 64, 64};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	124 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	125 #if DROPBEAR_MD5_HMAC
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	126 static const struct dropbear_hash dropbear_md5 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	127 {&md5_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	128 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	129
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	130 const struct dropbear_hash dropbear_nohash =
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	131 {NULL, 16, 0}; /* used initially */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	132
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	133
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	134 /* The following map ssh names to internal values.
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	135 * The ordering here is important for the client - the first mode
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	136 * that is also supported by the server will get used. */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	137
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	138 algo_type sshciphers[] = {
1672 3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	139 #if DROPBEAR_CHACHA20POLY1305
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	140 {"[email protected]", 0, &dropbear_chachapoly, 1, &dropbear_mode_chachapoly},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	141 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	142
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	143 #if DROPBEAR_ENABLE_GCM_MODE
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	144 #if DROPBEAR_AES128
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	145 {"[email protected]", 0, &dropbear_aes128, 1, &dropbear_mode_gcm},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	146 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	147 #if DROPBEAR_AES256
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	148 {"[email protected]", 0, &dropbear_aes256, 1, &dropbear_mode_gcm},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	149 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	150 #endif /* DROPBEAR_ENABLE_GCM_MODE */
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1659 diff changeset	151
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	152 #if DROPBEAR_ENABLE_CTR_MODE
750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	153 #if DROPBEAR_AES128
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	154 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	155 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	156 #if DROPBEAR_AES256
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	157 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	158 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	159 #if DROPBEAR_TWOFISH_CTR
1087 1e486f368ec3 Disable twofish-ctr by default, add config option Matt Johnston <matt@ucc.asn.au> parents: 1038 diff changeset	160 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	161 #if DROPBEAR_TWOFISH256
1012 ffd2359564b0 twofish ctr modes Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	162 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
ffd2359564b0 twofish ctr modes Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	163 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	164 #if DROPBEAR_TWOFISH128
1012 ffd2359564b0 twofish ctr modes Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	165 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
ffd2359564b0 twofish ctr modes Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	166 #endif
1087 1e486f368ec3 Disable twofish-ctr by default, add config option Matt Johnston <matt@ucc.asn.au> parents: 1038 diff changeset	167 #endif /* DROPBEAR_TWOFISH_CTR */
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	168 #endif /* DROPBEAR_ENABLE_CTR_MODE */
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	169
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	170 #if DROPBEAR_ENABLE_CBC_MODE
750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	171 #if DROPBEAR_AES128
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	172 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	173 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	174 #if DROPBEAR_AES256
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	175 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
235 c3dbd3e1a8ce Change the preferred algorithm order Matt Johnston <matt@ucc.asn.au> parents: 234 diff changeset	176 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	177 #if DROPBEAR_TWOFISH256
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	178 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	179 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
235 c3dbd3e1a8ce Change the preferred algorithm order Matt Johnston <matt@ucc.asn.au> parents: 234 diff changeset	180 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	181 #if DROPBEAR_TWOFISH128
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	182 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	183 #endif
1673 e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	184 #endif /* DROPBEAR_ENABLE_CBC_MODE */
e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	185
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	186 #if DROPBEAR_3DES
1673 e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	187 #if DROPBEAR_ENABLE_CTR_MODE
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	188 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	189 #endif
1673 e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	190 #if DROPBEAR_ENABLE_CBC_MODE
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	191 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	192 #endif
1673 e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	193 #endif /* DROPBEAR_3DES */
e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	194
e0871128e61f CBC mode cleanup (#95) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1672 diff changeset	195 #if DROPBEAR_ENABLE_CBC_MODE
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	196 #endif /* DROPBEAR_ENABLE_CBC_MODE */
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	197 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	198 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	199
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	200 algo_type sshhashes[] = {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	201 #if DROPBEAR_SHA1_96_HMAC
1017 a37f8730eb0f Keep sha1 default Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	202 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
a37f8730eb0f Keep sha1 default Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	203 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	204 #if DROPBEAR_SHA1_HMAC
1017 a37f8730eb0f Keep sha1 default Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	205 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
a37f8730eb0f Keep sha1 default Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	206 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	207 #if DROPBEAR_SHA2_256_HMAC
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	208 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	209 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	210 #if DROPBEAR_SHA2_512_HMAC
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	211 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	212 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	213 #if DROPBEAR_MD5_HMAC
681 a4b7627b3157 Update insecure-nocrypto to current head Matt Johnston <matt@ucc.asn.au> parents: 679 512 diff changeset	214 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	215 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	216 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	217 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	218
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	219 #ifndef DISABLE_ZLIB
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	220 algo_type ssh_compress[] = {
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	221 {"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	222 {"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	223 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	224 {NULL, 0, NULL, 0, NULL}
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	225 };
996 47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	226
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	227 algo_type ssh_delaycompress[] = {
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	228 {"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	229 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	230 {NULL, 0, NULL, 0, NULL}
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 994 diff changeset	231 };
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	232 #endif
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	233
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	234 algo_type ssh_nocompress[] = {
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	235 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	236 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	237 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	238
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	239 algo_type sigalgs[] = {
1659 d32bcb5c557d Add Ed25519 support (#91) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1527 diff changeset	240 #if DROPBEAR_ED25519
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	241 {"ssh-ed25519", DROPBEAR_SIGNATURE_ED25519, NULL, 1, NULL},
1902 4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	242 #if DROPBEAR_SK_ED25519
4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	243 {"[email protected]", DROPBEAR_SIGNATURE_SK_ED25519, NULL, 1, NULL},
4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	244 #endif
1659 d32bcb5c557d Add Ed25519 support (#91) Vladislav Grishenko <themiron@users.noreply.github.com> parents: 1527 diff changeset	245 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	246 #if DROPBEAR_ECDSA
750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	247 #if DROPBEAR_ECC_256
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	248 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNATURE_ECDSA_NISTP256, NULL, 1, NULL},
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	249 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	250 #if DROPBEAR_ECC_384
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	251 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNATURE_ECDSA_NISTP384, NULL, 1, NULL},
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	252 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	253 #if DROPBEAR_ECC_521
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	254 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNATURE_ECDSA_NISTP521, NULL, 1, NULL},
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	255 #endif
1902 4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	256 #if DROPBEAR_SK_ECDSA
4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	257 {"[email protected]", DROPBEAR_SIGNATURE_SK_ECDSA_NISTP256, NULL, 1, NULL},
4a6725ac957c Revert "Don't include sk keys at all in KEX list" Matt Johnston <matt@ucc.asn.au> parents: 1896 diff changeset	258 #endif
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	259 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	260 #if DROPBEAR_RSA
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1659 diff changeset	261 #if DROPBEAR_RSA_SHA256
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	262 {"rsa-sha2-256", DROPBEAR_SIGNATURE_RSA_SHA256, NULL, 1, NULL},
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1659 diff changeset	263 #endif
ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1659 diff changeset	264 #if DROPBEAR_RSA_SHA1
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	265 {"ssh-rsa", DROPBEAR_SIGNATURE_RSA_SHA1, NULL, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	266 #endif
1674 ba6fc7afe1c5 use sigtype where appropriate Matt Johnston <matt@ucc.asn.au> parents: 1659 diff changeset	267 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	268 #if DROPBEAR_DSS
1675 ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256 Matt Johnston <matt@ucc.asn.au> parents: 1674 diff changeset	269 {"ssh-dss", DROPBEAR_SIGNATURE_DSS, NULL, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	270 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	271 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	272 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	273
1248 739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	274 #if DROPBEAR_DH_GROUP1
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	275 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
1248 739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	276 #endif
1294 56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	277 #if DROPBEAR_DH_GROUP14_SHA1
1204 d2f9ef67af15 diffie-hellman-group14-sha256 Matt Johnston <matt@ucc.asn.au> parents: 1124 diff changeset	278 static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
1294 56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	279 #endif
56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	280 #if DROPBEAR_DH_GROUP14_SHA256
1204 d2f9ef67af15 diffie-hellman-group14-sha256 Matt Johnston <matt@ucc.asn.au> parents: 1124 diff changeset	281 static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc };
1248 739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	282 #endif
739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	283 #if DROPBEAR_DH_GROUP16
739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	284 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc };
1225 6a7938ba004a add dh group15 and group16, disabled by default Matt Johnston <matt@ucc.asn.au> parents: 1224 diff changeset	285 #endif
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	286
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	287 #if DROPBEAR_ECDH
750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	288 #if DROPBEAR_ECC_256
1273 139935236c72 const variables Francois Perrad <francois.perrad@gadz.org> parents: 1248 diff changeset	289 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	290 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	291 #if DROPBEAR_ECC_384
1273 139935236c72 const variables Francois Perrad <francois.perrad@gadz.org> parents: 1248 diff changeset	292 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	293 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	294 #if DROPBEAR_ECC_521
1273 139935236c72 const variables Francois Perrad <francois.perrad@gadz.org> parents: 1248 diff changeset	295 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	296 #endif
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	297 #endif /* DROPBEAR_ECDH */
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	298
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	299 #if DROPBEAR_CURVE25519
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	300 /* Referred to directly */
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 848 diff changeset	301 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	302 #endif
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	303
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	304 /* data == NULL for non-kex algorithm identifiers */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	305 algo_type sshkex[] = {
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	306 #if DROPBEAR_CURVE25519
1527 049b28f4be4a add curve25519-sha256 without @libssh.org Matt Johnston <matt@ucc.asn.au> parents: 1518 diff changeset	307 {"curve25519-sha256", 0, &kex_curve25519, 1, NULL},
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	308 {"[email protected]", 0, &kex_curve25519, 1, NULL},
6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	309 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	310 #if DROPBEAR_ECDH
750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	311 #if DROPBEAR_ECC_521
840 5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	312 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	313 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	314 #if DROPBEAR_ECC_384
762 a78a38e402d1 - Fix various hardcoded uses of SHA1 Matt Johnston <matt@ucc.asn.au> parents: 761 diff changeset	315 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	316 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	317 #if DROPBEAR_ECC_256
840 5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	318 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	319 #endif
bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	320 #endif
1518 b222c027a733 group14-sha256 should be higher than group14-sha1 Matt Johnston <matt@ucc.asn.au> parents: 1477 diff changeset	321 #if DROPBEAR_DH_GROUP14_SHA256
b222c027a733 group14-sha256 should be higher than group14-sha1 Matt Johnston <matt@ucc.asn.au> parents: 1477 diff changeset	322 {"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL},
b222c027a733 group14-sha256 should be higher than group14-sha1 Matt Johnston <matt@ucc.asn.au> parents: 1477 diff changeset	323 #endif
1294 56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	324 #if DROPBEAR_DH_GROUP14_SHA1
56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	325 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL},
56aba7dedbea options for disabling "normal" DH Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	326 #endif
1248 739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	327 #if DROPBEAR_DH_GROUP1
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	328 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
1225 6a7938ba004a add dh group15 and group16, disabled by default Matt Johnston <matt@ucc.asn.au> parents: 1224 diff changeset	329 #endif
1248 739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	330 #if DROPBEAR_DH_GROUP16
739b3909c499 Get rid of group15, move group16 to sha512. Matt Johnston <matt@ucc.asn.au> parents: 1225 diff changeset	331 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL},
1225 6a7938ba004a add dh group15 and group16, disabled by default Matt Johnston <matt@ucc.asn.au> parents: 1224 diff changeset	332 #endif
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	333 #if DROPBEAR_KEXGUESS2
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	334 {KEXGUESS2_ALGO_NAME, 0, NULL, 1, NULL},
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	335 #endif
1681 435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point Matt Johnston <matt@ucc.asn.au> parents: 1678 diff changeset	336 #if DROPBEAR_EXT_INFO
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	337 #if DROPBEAR_CLIENT
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	338 /* Set unusable by svr_algos_initialise() */
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	339 {SSH_EXT_INFO_C, 0, NULL, 1, NULL},
746 465fefc4f6e0 Put some #ifdef options around first-follows options in case they Matt Johnston <matt@ucc.asn.au> parents: 745 diff changeset	340 #endif
1681 435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point Matt Johnston <matt@ucc.asn.au> parents: 1678 diff changeset	341 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	342 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	343 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	344
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	345 /* Output a comma separated list of algorithms to a buffer */
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	346 void buf_put_algolist_all(buffer * buf, const algo_type localalgos[], int useall) {
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	347 unsigned int i, len;
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	348 unsigned int donefirst = 0;
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	349 unsigned int startpos;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	350
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	351 startpos = buf->pos;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	352 /* Placeholder for length */
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	353 buf_putint(buf, 0);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	354 for (i = 0; localalgos[i].name != NULL; i++) {
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	355 if (localalgos[i].usable \|\| useall) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	356 if (donefirst) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	357 buf_putbyte(buf, ',');
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	358 }
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	359 donefirst = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	360 len = strlen(localalgos[i].name);
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	361 buf_putbytes(buf, (const unsigned char *) localalgos[i].name, len);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	362 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	363 }
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	364 /* Fill out the length */
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	365 len = buf->pos - startpos - 4;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	366 buf_setpos(buf, startpos);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	367 buf_putint(buf, len);
1869 d7247462fa0d Fix incorrect algolist TRACE print Matt Johnston <matt@ucc.asn.au> parents: 1856 diff changeset	368 TRACE(("algolist add %d '%.*s'", len, len, buf_getptr(buf, len)))
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	369 buf_incrwritepos(buf, len);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	370 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	371
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	372 void buf_put_algolist(buffer * buf, const algo_type localalgos[]) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	373 buf_put_algolist_all(buf, localalgos, 0);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	374 }
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	375
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	376 /* returns a list of pointers into algolist, of null-terminated names.
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	377 ret_list should be passed in with space for *ret_count elements,
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	378 on return *ret_count has the number of names filled.
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	379 algolist is modified. */
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	380 static void get_algolist(char* algolist, unsigned int algolist_len,
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	381 const char* ret_list, unsigned int ret_count) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	382 unsigned int max_count = *ret_count;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	383 unsigned int i;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	384
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	385 if (*ret_count == 0) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	386 return;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	387 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	388 if (algolist_len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	389 *ret_count = 0;
1753 7c0fcd19e492 Increase MAX_PROPOSED_ALGO to 50, warn if exceeded Matt Johnston <matt@ucc.asn.au> parents: 1713 diff changeset	390 }
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	391
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	392 /* ret_list will contain a list of the strings parsed out.
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	393 We will have at least one string (even if it's just "") */
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	394 ret_list[0] = algolist;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	395 *ret_count = 1;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	396 for (i = 0; i < algolist_len; i++) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	397 if (algolist[i] == '\0') {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	398 /* someone is trying something strange */
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	399 *ret_count = 0;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	400 return;
1753 7c0fcd19e492 Increase MAX_PROPOSED_ALGO to 50, warn if exceeded Matt Johnston <matt@ucc.asn.au> parents: 1713 diff changeset	401 }
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	402
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	403 if (algolist[i] == ',') {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	404 if (*ret_count >= max_count) {
1755 9efceb851bea Make "Too many remote algorithms" exit rather than log Matt Johnston <matt@ucc.asn.au> parents: 1753 diff changeset	405 dropbear_exit("Too many remote algorithms");
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	406 *ret_count = 0;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	407 return;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	408 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	409 algolist[i] = '\0';
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	410 ret_list[*ret_count] = &algolist[i+1];
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	411 (*ret_count)++;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	412 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	413 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	414 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	415
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	416 /* Return DROPBEAR_SUCCESS if the namelist contains algo,
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	417 DROPBEAR_FAILURE otherwise. buf position is not incremented. */
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	418 int buf_has_algo(buffer buf, const char algo) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	419 unsigned char* algolist = NULL;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	420 unsigned int orig_pos = buf->pos;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	421 unsigned int len, remotecount, i;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	422 const char *remotenames[MAX_PROPOSED_ALGO];
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	423 int ret = DROPBEAR_FAILURE;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	424
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	425 algolist = buf_getstring(buf, &len);
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	426 remotecount = MAX_PROPOSED_ALGO;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	427 get_algolist(algolist, len, remotenames, &remotecount);
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	428 for (i = 0; i < remotecount; i++)
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	429 {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	430 if (strcmp(remotenames[i], algo) == 0) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	431 ret = DROPBEAR_SUCCESS;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	432 break;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	433 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	434 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	435 if (algolist) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	436 m_free(algolist);
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	437 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	438 buf_setpos(buf, orig_pos);
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	439 return ret;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	440 }
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	441
1678 4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	442 algo_type * first_usable_algo(algo_type algos[]) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	443 int i;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	444 for (i = 0; algos[i].name != NULL; i++) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	445 if (algos[i].usable) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	446 return &algos[i];
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	447 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	448 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	449 return NULL;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	450 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO Matt Johnston <matt@ucc.asn.au> parents: 1676 diff changeset	451
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	452 /* match the first algorithm in the comma-separated list in buf which is
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	453 * also in localalgos[], or return NULL on failure.
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	454 * (*goodguess) is set to 1 if the preferred client/server algos match,
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	455 * 0 otherwise. This is used for checking if the kexalgo/hostkeyalgos are
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	456 * guessed correctly */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	457 algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	458 int kexguess2, int *goodguess) {
1094 c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1038 diff changeset	459 char * algolist = NULL;
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1038 diff changeset	460 const char remotenames[MAX_PROPOSED_ALGO], localnames[MAX_PROPOSED_ALGO];
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	461 unsigned int len;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	462 unsigned int remotecount, localcount, clicount, servcount, i, j;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	463 algo_type * ret = NULL;
1094 c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1038 diff changeset	464 const char clinames, servnames;
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	465
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	466 if (goodguess) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	467 *goodguess = 0;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	468 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	469
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	470 /* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	471 algolist = buf_getstring(buf, &len);
1896 6cb6e81ca765 changed TRACE to DEBUG3 for dbclient HansH111 <hans@atbas.org> parents: 1869 diff changeset	472 DEBUG3(("buf_match_algo: %s", algolist))
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	473 remotecount = MAX_PROPOSED_ALGO;
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	474 get_algolist(algolist, len, remotenames, &remotecount);
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	475
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	476 for (i = 0; localalgos[i].name != NULL; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	477 if (localalgos[i].usable) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	478 localnames[i] = localalgos[i].name;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	479 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	480 localnames[i] = NULL;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	481 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	482 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	483 localcount = i;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	484
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	485 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	486 clinames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	487 clicount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	488 servnames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	489 servcount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	490 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	491 clinames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	492 clicount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	493 servnames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	494 servcount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	495 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	496
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	497 /* iterate and find the first match */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	498 for (i = 0; i < clicount; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	499 for (j = 0; j < servcount; j++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	500 if (!(servnames[j] && clinames[i])) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	501 /* unusable algos are NULL */
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	502 continue;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	503 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	504 if (strcmp(servnames[j], clinames[i]) == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	505 /* set if it was a good guess */
1676 d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	506 if (goodguess != NULL) {
d5cdc60db08e ext-info handling for server-sig-algs Matt Johnston <matt@ucc.asn.au> parents: 1675 diff changeset	507 if (kexguess2) {
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	508 if (i == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	509 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	510 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	511 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	512 if (i == 0 && j == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	513 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	514 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	515 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	516 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	517 /* set the algo to return */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	518 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	519 ret = &localalgos[j];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	520 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	521 ret = &localalgos[i];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	522 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	523 goto out;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	524 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	525 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	526 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	527
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	528 out:
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	529 m_free(algolist);
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	530 return ret;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	531 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	532
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	533 #if DROPBEAR_USER_ALGO_LIST
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	534
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	535 char *
1459 06d52bcb8094 Pointer parameter could be declared as pointing to const Francois Perrad <francois.perrad@gadz.org> parents: 1316 diff changeset	536 algolist_string(const algo_type algos[])
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	537 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	538 char *ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	539 buffer *b = buf_new(200);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	540 buf_put_algolist(b, algos);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	541 buf_setpos(b, b->len);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	542 buf_putbyte(b, '\0');
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	543 buf_setpos(b, 4);
1094 c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign] Gaël PORTAY <gael.portay@gmail.com> parents: 1038 diff changeset	544 ret_list = m_strdup((const char *) buf_getptr(b, b->len - b->pos));
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	545 buf_free(b);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	546 return ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	547 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	548
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	549 static algo_type*
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	550 check_algo(const char* algo_name, algo_type *algos)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	551 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	552 algo_type *a;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	553 for (a = algos; a->name != NULL; a++)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	554 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	555 if (strcmp(a->name, algo_name) == 0)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	556 {
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	557 return a;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	558 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	559 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	560
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	561 return NULL;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	562 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	563
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	564 /* Checks a user provided comma-separated algorithm list for available
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	565 * options. Any that are not acceptable are removed in-place. Returns the
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	566 * number of valid algorithms. */
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	567 int
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	568 check_user_algos(const char* user_algo_list, algo_type * algos,
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	569 const char *algo_desc)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	570 {
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	571 algo_type new_algos[MAX_PROPOSED_ALGO+1];
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	572 char *work_list = m_strdup(user_algo_list);
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	573 char *start = work_list;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	574 char *c;
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	575 int n;
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	576 /* So we can iterate and look for null terminator */
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	577 memset(new_algos, 0x0, sizeof(new_algos));
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	578 for (c = work_list, n = 0; ; c++)
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	579 {
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	580 char oc = *c;
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	581 if (n >= MAX_PROPOSED_ALGO) {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	582 dropbear_exit("Too many algorithms '%s'", user_algo_list);
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	583 }
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	584 if (c == ',' \|\| c == '\0') {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	585 algo_type *match_algo = NULL;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	586 *c = '\0';
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	587 match_algo = check_algo(start, algos);
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	588 if (match_algo) {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	589 if (check_algo(start, new_algos)) {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	590 TRACE(("Skip repeated algorithm '%s'", start))
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	591 } else {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	592 new_algos[n] = *match_algo;
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	593 n++;
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	594 }
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	595 } else {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	596 dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", start, algo_desc);
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	597 }
686 983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	598 c++;
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	599 start = c;
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	600 }
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	601 if (oc == '\0') {
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	602 break;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	603 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	604 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	605 m_free(work_list);
1303 eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	606 /* n+1 to include a null terminator */
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	607 memcpy(algos, new_algos, sizeof(new_algos) (n+1));
eed9376a4ad6 improve algorithm list parsing Matt Johnston <matt@ucc.asn.au> parents: 1273 diff changeset	608 return n;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	609 }
1295 750ec4ec4cbe Convert #ifdef to #if, other build changes Matt Johnston <matt@ucc.asn.au> parents: 1294 diff changeset	610 #endif /* DROPBEAR_USER_ALGO_LIST */

Mercurial > dropbear

annotate common-algo.c @ 1902:4a6725ac957c