annotate common-algo.c @ 1759:4c5599435084

merge from main
author Matt Johnston <matt@ucc.asn.au>
date Sun, 25 Oct 2020 21:47:42 +0800
parents 7c0fcd19e492
children 9efceb851bea
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /*
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
2 * Dropbear SSH
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 4
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
16 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 *
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
26 #include "includes.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "algo.h"
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
28 #include "session.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "dbutil.h"
1224
82e2037d34ea Move dh group constants to a separate file
Matt Johnston <matt@ucc.asn.au>
parents: 1204
diff changeset
30 #include "dh_groups.h"
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
31 #include "ltc_prng.h"
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
32 #include "ecc.h"
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
33 #include "gcm.h"
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
34 #include "chachapoly.h"
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
35 #include "ssh.h"
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37 /* This file (algo.c) organises the ciphers which can be used, and is used to
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38 * decide which ciphers/hashes/compression/signing to use during key exchange*/
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
39
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
40 static int void_cipher(const unsigned char* in, unsigned char* out,
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
41 unsigned long len, void* UNUSED(cipher_state)) {
543
e12c9225acbd - Don't memcpy() in place with void_encrypt
Matt Johnston <matt@ucc.asn.au>
parents: 503
diff changeset
42 if (in != out) {
e12c9225acbd - Don't memcpy() in place with void_encrypt
Matt Johnston <matt@ucc.asn.au>
parents: 503
diff changeset
43 memmove(out, in, len);
e12c9225acbd - Don't memcpy() in place with void_encrypt
Matt Johnston <matt@ucc.asn.au>
parents: 503
diff changeset
44 }
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
45 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
46 }
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
47
761
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
48 static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
49 const unsigned char* UNUSED(key),
ac2158e3e403 ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents: 759
diff changeset
50 int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
51 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
52 }
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
53
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 /* Mappings for ciphers, parameters are
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 {&cipher_desc, keysize, blocksize} */
715
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
56
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
57 /* Remember to add new ciphers/hashes to regciphers/reghashes too */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
59 #if DROPBEAR_AES256
228
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
60 static const struct dropbear_cipher dropbear_aes256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
61 {&aes_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
62 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
63 #if DROPBEAR_AES128
227
ad1b24e39bf3 Make a variables static
Matt Johnston <matt@ucc.asn.au>
parents: 194
diff changeset
64 static const struct dropbear_cipher dropbear_aes128 =
150
82fcf3185616 Cleaning out various dead wood found with -dead_strip
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
65 {&aes_desc, 16, 16};
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
67 #if DROPBEAR_TWOFISH256
228
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
68 static const struct dropbear_cipher dropbear_twofish256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
69 {&twofish_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
70 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
71 #if DROPBEAR_TWOFISH128
227
ad1b24e39bf3 Make a variables static
Matt Johnston <matt@ucc.asn.au>
parents: 194
diff changeset
72 static const struct dropbear_cipher dropbear_twofish128 =
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73 {&twofish_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
75 #if DROPBEAR_3DES
227
ad1b24e39bf3 Make a variables static
Matt Johnston <matt@ucc.asn.au>
parents: 194
diff changeset
76 static const struct dropbear_cipher dropbear_3des =
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77 {&des3_desc, 24, 8};
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
80 /* used to indicate no encryption, as defined in rfc2410 */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 const struct dropbear_cipher dropbear_nocipher =
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82 {NULL, 16, 8};
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
84 /* A few void* s are required to silence warnings
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
85 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
86 #if DROPBEAR_ENABLE_CBC_MODE
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
87 const struct dropbear_cipher_mode dropbear_mode_cbc =
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
88 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt, NULL, NULL, NULL};
1038
d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1019
diff changeset
89 #endif /* DROPBEAR_ENABLE_CBC_MODE */
992
731f624af902 Add config option to disable cbc. Disable twofish by default
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
90
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
91 const struct dropbear_cipher_mode dropbear_mode_none =
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
92 {void_start, void_cipher, void_cipher, NULL, NULL, NULL};
992
731f624af902 Add config option to disable cbc. Disable twofish by default
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
93
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
94 #if DROPBEAR_ENABLE_CTR_MODE
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
95 /* a wrapper to make ctr_start and cbc_start look the same */
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
96 static int dropbear_big_endian_ctr_start(int cipher,
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
97 const unsigned char *IV,
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
98 const unsigned char *key, int keylen,
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
99 int num_rounds, symmetric_CTR *ctr) {
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
100 return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr);
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
101 }
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
102 const struct dropbear_cipher_mode dropbear_mode_ctr =
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
103 {(void*)dropbear_big_endian_ctr_start, (void*)ctr_encrypt, (void*)ctr_decrypt, NULL, NULL, NULL};
1038
d3925ed45a85 Fix for old compilers, variable declarations at beginning of functions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents: 1019
diff changeset
104 #endif /* DROPBEAR_ENABLE_CTR_MODE */
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
105
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
107 {&hash_desc, keysize, hashsize} */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
109 #if DROPBEAR_SHA1_HMAC
227
ad1b24e39bf3 Make a variables static
Matt Johnston <matt@ucc.asn.au>
parents: 194
diff changeset
110 static const struct dropbear_hash dropbear_sha1 =
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 {&sha1_desc, 20, 20};
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
113 #if DROPBEAR_SHA1_96_HMAC
228
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
114 static const struct dropbear_hash dropbear_sha1_96 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
115 {&sha1_desc, 20, 12};
5e4110bb753a - Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents: 227
diff changeset
116 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
117 #if DROPBEAR_SHA2_256_HMAC
679
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
118 static const struct dropbear_hash dropbear_sha2_256 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
119 {&sha256_desc, 32, 32};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
120 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
121 #if DROPBEAR_SHA2_512_HMAC
679
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
122 static const struct dropbear_hash dropbear_sha2_512 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
123 {&sha512_desc, 64, 64};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
124 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
125 #if DROPBEAR_MD5_HMAC
227
ad1b24e39bf3 Make a variables static
Matt Johnston <matt@ucc.asn.au>
parents: 194
diff changeset
126 static const struct dropbear_hash dropbear_md5 =
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127 {&md5_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128 #endif
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 const struct dropbear_hash dropbear_nohash =
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131 {NULL, 16, 0}; /* used initially */
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
133
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
134 /* The following map ssh names to internal values.
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
135 * The ordering here is important for the client - the first mode
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
136 * that is also supported by the server will get used. */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138 algo_type sshciphers[] = {
1672
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
139 #if DROPBEAR_CHACHA20POLY1305
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
140 {"[email protected]", 0, &dropbear_chachapoly, 1, &dropbear_mode_chachapoly},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
141 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
142
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
143 #if DROPBEAR_ENABLE_GCM_MODE
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
144 #if DROPBEAR_AES128
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
145 {"[email protected]", 0, &dropbear_aes128, 1, &dropbear_mode_gcm},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
146 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
147 #if DROPBEAR_AES256
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
148 {"[email protected]", 0, &dropbear_aes256, 1, &dropbear_mode_gcm},
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
149 #endif
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
150 #endif /* DROPBEAR_ENABLE_GCM_MODE */
3a97f14c0235 Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1659
diff changeset
151
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
152 #if DROPBEAR_ENABLE_CTR_MODE
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
153 #if DROPBEAR_AES128
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
154 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
155 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
156 #if DROPBEAR_AES256
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
157 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
158 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
159 #if DROPBEAR_TWOFISH_CTR
1087
1e486f368ec3 Disable twofish-ctr by default, add config option
Matt Johnston <matt@ucc.asn.au>
parents: 1038
diff changeset
160 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
161 #if DROPBEAR_TWOFISH256
1012
ffd2359564b0 twofish ctr modes
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
162 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
ffd2359564b0 twofish ctr modes
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
163 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
164 #if DROPBEAR_TWOFISH128
1012
ffd2359564b0 twofish ctr modes
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
165 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
ffd2359564b0 twofish ctr modes
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
166 #endif
1087
1e486f368ec3 Disable twofish-ctr by default, add config option
Matt Johnston <matt@ucc.asn.au>
parents: 1038
diff changeset
167 #endif /* DROPBEAR_TWOFISH_CTR */
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
168 #endif /* DROPBEAR_ENABLE_CTR_MODE */
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
169
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
170 #if DROPBEAR_ENABLE_CBC_MODE
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
171 #if DROPBEAR_AES128
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
172 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
173 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
174 #if DROPBEAR_AES256
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
175 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
235
c3dbd3e1a8ce Change the preferred algorithm order
Matt Johnston <matt@ucc.asn.au>
parents: 234
diff changeset
176 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
177 #if DROPBEAR_TWOFISH256
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
178 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
179 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
235
c3dbd3e1a8ce Change the preferred algorithm order
Matt Johnston <matt@ucc.asn.au>
parents: 234
diff changeset
180 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
181 #if DROPBEAR_TWOFISH128
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
182 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183 #endif
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
184 #endif /* DROPBEAR_ENABLE_CBC_MODE */
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
185
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
186 #if DROPBEAR_3DES
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
187 #if DROPBEAR_ENABLE_CTR_MODE
994
5c5ade336926 Prefer stronger algorithms in algorithm negotiation.
Fedor Brunner <fedor.brunner@azet.sk>
parents: 992
diff changeset
188 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation.
Fedor Brunner <fedor.brunner@azet.sk>
parents: 992
diff changeset
189 #endif
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
190 #if DROPBEAR_ENABLE_CBC_MODE
994
5c5ade336926 Prefer stronger algorithms in algorithm negotiation.
Fedor Brunner <fedor.brunner@azet.sk>
parents: 992
diff changeset
191 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation.
Fedor Brunner <fedor.brunner@azet.sk>
parents: 992
diff changeset
192 #endif
1673
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
193 #endif /* DROPBEAR_3DES */
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
194
e0871128e61f CBC mode cleanup (#95)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1672
diff changeset
195 #if DROPBEAR_ENABLE_CBC_MODE
992
731f624af902 Add config option to disable cbc. Disable twofish by default
Matt Johnston <matt@ucc.asn.au>
parents: 857
diff changeset
196 #endif /* DROPBEAR_ENABLE_CBC_MODE */
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
197 {NULL, 0, NULL, 0, NULL}
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
198 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
199
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
200 algo_type sshhashes[] = {
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
201 #if DROPBEAR_SHA1_96_HMAC
1017
a37f8730eb0f Keep sha1 default
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
202 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
a37f8730eb0f Keep sha1 default
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
203 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
204 #if DROPBEAR_SHA1_HMAC
1017
a37f8730eb0f Keep sha1 default
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
205 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
a37f8730eb0f Keep sha1 default
Matt Johnston <matt@ucc.asn.au>
parents: 996
diff changeset
206 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
207 #if DROPBEAR_SHA2_256_HMAC
715
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
208 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
679
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
209 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
210 #if DROPBEAR_SHA2_512_HMAC
715
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work
Matt Johnston <matt@ucc.asn.au>
parents: 686
diff changeset
211 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
679
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
212 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
213 #if DROPBEAR_MD5_HMAC
681
a4b7627b3157 Update insecure-nocrypto to current head
Matt Johnston <matt@ucc.asn.au>
parents: 679 512
diff changeset
214 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
215 #endif
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
216 {NULL, 0, NULL, 0, NULL}
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
218
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 #ifndef DISABLE_ZLIB
575
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
220 algo_type ssh_compress[] = {
994
5c5ade336926 Prefer stronger algorithms in algorithm negotiation.
Fedor Brunner <fedor.brunner@azet.sk>
parents: 992
diff changeset
221 {"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
222 {"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
575
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
223 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
224 {NULL, 0, NULL, 0, NULL}
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
225 };
996
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
226
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
227 algo_type ssh_delaycompress[] = {
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
228 {"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
229 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
230 {NULL, 0, NULL, 0, NULL}
47643024fc90 Disable non-delayed zlib for server
Matt Johnston <matt@ucc.asn.au>
parents: 994
diff changeset
231 };
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
232 #endif
575
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
233
f9b5dc0cba61 - Disable compression for non-final multihops
Matt Johnston <matt@ucc.asn.au>
parents: 543
diff changeset
234 algo_type ssh_nocompress[] = {
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
235 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
236 {NULL, 0, NULL, 0, NULL}
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
237 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
238
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
239 algo_type sigalgs[] = {
1659
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1527
diff changeset
240 #if DROPBEAR_ED25519
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
241 {"ssh-ed25519", DROPBEAR_SIGNATURE_ED25519, NULL, 1, NULL},
1659
d32bcb5c557d Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents: 1527
diff changeset
242 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
243 #if DROPBEAR_ECDSA
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
244 #if DROPBEAR_ECC_256
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
245 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNATURE_ECDSA_NISTP256, NULL, 1, NULL},
795
7f604f9b3756 ecdsa is working
Matt Johnston <matt@ucc.asn.au>
parents: 766
diff changeset
246 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
247 #if DROPBEAR_ECC_384
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
248 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNATURE_ECDSA_NISTP384, NULL, 1, NULL},
795
7f604f9b3756 ecdsa is working
Matt Johnston <matt@ucc.asn.au>
parents: 766
diff changeset
249 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
250 #if DROPBEAR_ECC_521
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
251 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNATURE_ECDSA_NISTP521, NULL, 1, NULL},
795
7f604f9b3756 ecdsa is working
Matt Johnston <matt@ucc.asn.au>
parents: 766
diff changeset
252 #endif
7f604f9b3756 ecdsa is working
Matt Johnston <matt@ucc.asn.au>
parents: 766
diff changeset
253 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
254 #if DROPBEAR_RSA
1674
ba6fc7afe1c5 use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents: 1659
diff changeset
255 #if DROPBEAR_RSA_SHA256
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
256 {"rsa-sha2-256", DROPBEAR_SIGNATURE_RSA_SHA256, NULL, 1, NULL},
1674
ba6fc7afe1c5 use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents: 1659
diff changeset
257 #endif
ba6fc7afe1c5 use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents: 1659
diff changeset
258 #if DROPBEAR_RSA_SHA1
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
259 {"ssh-rsa", DROPBEAR_SIGNATURE_RSA_SHA1, NULL, 1, NULL},
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
260 #endif
1674
ba6fc7afe1c5 use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents: 1659
diff changeset
261 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
262 #if DROPBEAR_DSS
1675
ae41624c2198 split signkey_type and signature_type for RSA sha1 vs sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1674
diff changeset
263 {"ssh-dss", DROPBEAR_SIGNATURE_DSS, NULL, 1, NULL},
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
264 #endif
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
265 {NULL, 0, NULL, 0, NULL}
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
266 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
267
1248
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
268 #if DROPBEAR_DH_GROUP1
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
269 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
1248
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
270 #endif
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
271 #if DROPBEAR_DH_GROUP14_SHA1
1204
d2f9ef67af15 diffie-hellman-group14-sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1124
diff changeset
272 static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
273 #endif
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
274 #if DROPBEAR_DH_GROUP14_SHA256
1204
d2f9ef67af15 diffie-hellman-group14-sha256
Matt Johnston <matt@ucc.asn.au>
parents: 1124
diff changeset
275 static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc };
1248
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
276 #endif
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
277 #if DROPBEAR_DH_GROUP16
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
278 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc };
1225
6a7938ba004a add dh group15 and group16, disabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 1224
diff changeset
279 #endif
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
280
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
281 #if DROPBEAR_ECDH
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
282 #if DROPBEAR_ECC_256
1273
139935236c72 const variables
Francois Perrad <francois.perrad@gadz.org>
parents: 1248
diff changeset
283 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
284 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
285 #if DROPBEAR_ECC_384
1273
139935236c72 const variables
Francois Perrad <francois.perrad@gadz.org>
parents: 1248
diff changeset
286 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
287 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
288 #if DROPBEAR_ECC_521
1273
139935236c72 const variables
Francois Perrad <francois.perrad@gadz.org>
parents: 1248
diff changeset
289 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
290 #endif
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
291 #endif /* DROPBEAR_ECDH */
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
292
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
293 #if DROPBEAR_CURVE25519
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
294 /* Referred to directly */
852
7540c0822374 Various cleanups and fixes for warnings
Matt Johnston <matt@ucc.asn.au>
parents: 848
diff changeset
295 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
296 #endif
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
297
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
298 /* data == NULL for non-kex algorithm identifiers */
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
299 algo_type sshkex[] = {
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
300 #if DROPBEAR_CURVE25519
1527
049b28f4be4a add curve25519-sha256 without @libssh.org
Matt Johnston <matt@ucc.asn.au>
parents: 1518
diff changeset
301 {"curve25519-sha256", 0, &kex_curve25519, 1, NULL},
848
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
302 {"[email protected]", 0, &kex_curve25519, 1, NULL},
6c69e7df3621 curve25519
Matt Johnston <matt@ucc.asn.au>
parents: 840
diff changeset
303 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
304 #if DROPBEAR_ECDH
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
305 #if DROPBEAR_ECC_521
840
5128e525c8fa Default to some larger key sizes
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
306 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
307 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
308 #if DROPBEAR_ECC_384
762
a78a38e402d1 - Fix various hardcoded uses of SHA1
Matt Johnston <matt@ucc.asn.au>
parents: 761
diff changeset
309 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
310 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
311 #if DROPBEAR_ECC_256
840
5128e525c8fa Default to some larger key sizes
Matt Johnston <matt@ucc.asn.au>
parents: 801
diff changeset
312 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
313 #endif
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
314 #endif
1518
b222c027a733 group14-sha256 should be higher than group14-sha1
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
315 #if DROPBEAR_DH_GROUP14_SHA256
b222c027a733 group14-sha256 should be higher than group14-sha1
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
316 {"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL},
b222c027a733 group14-sha256 should be higher than group14-sha1
Matt Johnston <matt@ucc.asn.au>
parents: 1477
diff changeset
317 #endif
1294
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
318 #if DROPBEAR_DH_GROUP14_SHA1
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
319 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL},
56aba7dedbea options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
320 #endif
1248
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
321 #if DROPBEAR_DH_GROUP1
756
bf9dc2d9c2b1 more bits on ecc branch
Matt Johnston <matt@ucc.asn.au>
parents: 755
diff changeset
322 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
1225
6a7938ba004a add dh group15 and group16, disabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 1224
diff changeset
323 #endif
1248
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
324 #if DROPBEAR_DH_GROUP16
739b3909c499 Get rid of group15, move group16 to sha512.
Matt Johnston <matt@ucc.asn.au>
parents: 1225
diff changeset
325 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL},
1225
6a7938ba004a add dh group15 and group16, disabled by default
Matt Johnston <matt@ucc.asn.au>
parents: 1224
diff changeset
326 #endif
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
327 #if DROPBEAR_KEXGUESS2
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
328 {KEXGUESS2_ALGO_NAME, 0, NULL, 1, NULL},
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
329 #endif
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
330 #if DROPBEAR_EXT_INFO
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
331 #if DROPBEAR_CLIENT
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
332 /* Set unusable by svr_algos_initialise() */
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
333 {SSH_EXT_INFO_C, 0, NULL, 1, NULL},
746
465fefc4f6e0 Put some #ifdef options around first-follows options in case they
Matt Johnston <matt@ucc.asn.au>
parents: 745
diff changeset
334 #endif
1681
435cfb9ec96e send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents: 1678
diff changeset
335 #endif
502
43bbe17d6ba0 - Add Counter Mode support
Matt Johnston <matt@ucc.asn.au>
parents: 501
diff changeset
336 {NULL, 0, NULL, 0, NULL}
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
337 };
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
338
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
339 /* Output a comma separated list of algorithms to a buffer */
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
340 void buf_put_algolist_all(buffer * buf, const algo_type localalgos[], int useall) {
238
e923801a7678 use a buffer rather than raw char array for creating
Matt Johnston <matt@ucc.asn.au>
parents: 237
diff changeset
341 unsigned int i, len;
e923801a7678 use a buffer rather than raw char array for creating
Matt Johnston <matt@ucc.asn.au>
parents: 237
diff changeset
342 unsigned int donefirst = 0;
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
343 unsigned int startpos;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
344
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
345 startpos = buf->pos;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
346 /* Placeholder for length */
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
347 buf_putint(buf, 0);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
348 for (i = 0; localalgos[i].name != NULL; i++) {
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
349 if (localalgos[i].usable || useall) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
350 if (donefirst) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
351 buf_putbyte(buf, ',');
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
352 }
238
e923801a7678 use a buffer rather than raw char array for creating
Matt Johnston <matt@ucc.asn.au>
parents: 237
diff changeset
353 donefirst = 1;
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
354 len = strlen(localalgos[i].name);
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
355 buf_putbytes(buf, (const unsigned char *) localalgos[i].name, len);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
356 }
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
357 }
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
358 /* Fill out the length */
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
359 len = buf->pos - startpos - 4;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
360 buf_setpos(buf, startpos);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
361 buf_putint(buf, len);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
362 TRACE(("algolist add %d '%*s'", len, len, buf_getptr(buf, len)))
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
363 buf_incrwritepos(buf, len);
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
364 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
365
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
366 void buf_put_algolist(buffer * buf, const algo_type localalgos[]) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
367 buf_put_algolist_all(buf, localalgos, 0);
4
fe6bca95afa7 Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
368 }
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
369
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
370 /* returns a list of pointers into algolist, of null-terminated names.
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
371 ret_list should be passed in with space for *ret_count elements,
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
372 on return *ret_count has the number of names filled.
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
373 algolist is modified. */
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
374 static void get_algolist(char* algolist, unsigned int algolist_len,
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
375 const char* *ret_list, unsigned int *ret_count) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
376 unsigned int max_count = *ret_count;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
377 unsigned int i;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
378
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
379 if (*ret_count == 0) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
380 return;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
381 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
382 if (algolist_len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
383 *ret_count = 0;
1753
7c0fcd19e492 Increase MAX_PROPOSED_ALGO to 50, warn if exceeded
Matt Johnston <matt@ucc.asn.au>
parents: 1713
diff changeset
384 }
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
385
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
386 /* ret_list will contain a list of the strings parsed out.
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
387 We will have at least one string (even if it's just "") */
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
388 ret_list[0] = algolist;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
389 *ret_count = 1;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
390 for (i = 0; i < algolist_len; i++) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
391 if (algolist[i] == '\0') {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
392 /* someone is trying something strange */
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
393 *ret_count = 0;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
394 return;
1753
7c0fcd19e492 Increase MAX_PROPOSED_ALGO to 50, warn if exceeded
Matt Johnston <matt@ucc.asn.au>
parents: 1713
diff changeset
395 }
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
396
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
397 if (algolist[i] == ',') {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
398 if (*ret_count >= max_count) {
1753
7c0fcd19e492 Increase MAX_PROPOSED_ALGO to 50, warn if exceeded
Matt Johnston <matt@ucc.asn.au>
parents: 1713
diff changeset
399 dropbear_log(LOG_WARNING, "Too many remote algorithms");
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
400 *ret_count = 0;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
401 return;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
402 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
403 algolist[i] = '\0';
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
404 ret_list[*ret_count] = &algolist[i+1];
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
405 (*ret_count)++;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
406 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
407 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
408 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
409
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
410 /* Return DROPBEAR_SUCCESS if the namelist contains algo,
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
411 DROPBEAR_FAILURE otherwise. buf position is not incremented. */
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
412 int buf_has_algo(buffer *buf, const char *algo) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
413 unsigned char* algolist = NULL;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
414 unsigned int orig_pos = buf->pos;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
415 unsigned int len, remotecount, i;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
416 const char *remotenames[MAX_PROPOSED_ALGO];
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
417 int ret = DROPBEAR_FAILURE;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
418
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
419 algolist = buf_getstring(buf, &len);
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
420 remotecount = MAX_PROPOSED_ALGO;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
421 get_algolist(algolist, len, remotenames, &remotecount);
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
422 for (i = 0; i < remotecount; i++)
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
423 {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
424 if (strcmp(remotenames[i], algo) == 0) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
425 ret = DROPBEAR_SUCCESS;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
426 break;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
427 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
428 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
429 if (algolist) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
430 m_free(algolist);
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
431 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
432 buf_setpos(buf, orig_pos);
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
433 return ret;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
434 }
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
435
1678
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
436 algo_type * first_usable_algo(algo_type algos[]) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
437 int i;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
438 for (i = 0; algos[i].name != NULL; i++) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
439 if (algos[i].usable) {
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
440 return &algos[i];
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
441 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
442 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
443 return NULL;
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
444 }
4b4cfc92c5b7 Make server send SSH_MSG_EXT_INFO
Matt Johnston <matt@ucc.asn.au>
parents: 1676
diff changeset
445
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
446 /* match the first algorithm in the comma-separated list in buf which is
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
447 * also in localalgos[], or return NULL on failure.
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
448 * (*goodguess) is set to 1 if the preferred client/server algos match,
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
449 * 0 otherwise. This is used for checking if the kexalgo/hostkeyalgos are
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
450 * guessed correctly */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
451 algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
452 int kexguess2, int *goodguess) {
1094
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1038
diff changeset
453 char * algolist = NULL;
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1038
diff changeset
454 const char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO];
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
455 unsigned int len;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
456 unsigned int remotecount, localcount, clicount, servcount, i, j;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
457 algo_type * ret = NULL;
1094
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1038
diff changeset
458 const char **clinames, **servnames;
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
459
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
460 if (goodguess) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
461 *goodguess = 0;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
462 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
463
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
464 /* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
465 algolist = buf_getstring(buf, &len);
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
466 TRACE(("buf_match_algo: %s", algolist))
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
467 remotecount = MAX_PROPOSED_ALGO;
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
468 get_algolist(algolist, len, remotenames, &remotecount);
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
469
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
470 for (i = 0; localalgos[i].name != NULL; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
471 if (localalgos[i].usable) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
472 localnames[i] = localalgos[i].name;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
473 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
474 localnames[i] = NULL;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
475 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
476 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
477 localcount = i;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
478
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
479 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
480 clinames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
481 clicount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
482 servnames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
483 servcount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
484 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
485 clinames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
486 clicount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
487 servnames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
488 servcount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
489 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
490
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
491 /* iterate and find the first match */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
492 for (i = 0; i < clicount; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
493 for (j = 0; j < servcount; j++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
494 if (!(servnames[j] && clinames[i])) {
857
c19acba28590 use oldstyle comments
Matt Johnston <matt@ucc.asn.au>
parents: 852
diff changeset
495 /* unusable algos are NULL */
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
496 continue;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
497 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
498 if (strcmp(servnames[j], clinames[i]) == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
499 /* set if it was a good guess */
1676
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
500 if (goodguess != NULL) {
d5cdc60db08e ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents: 1675
diff changeset
501 if (kexguess2) {
741
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
502 if (i == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
503 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
504 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
505 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
506 if (i == 0 && j == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
507 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
508 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
509 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
510 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
511 /* set the algo to return */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
512 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
513 ret = &localalgos[j];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
514 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
515 ret = &localalgos[i];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
516 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
517 goto out;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
518 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
519 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
520 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
521
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
522 out:
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
523 m_free(algolist);
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
524 return ret;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
525 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single
Matt Johnston <matt@ucc.asn.au>
parents: 740
diff changeset
526
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
527 #if DROPBEAR_USER_ALGO_LIST
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
528
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
529 char *
1459
06d52bcb8094 Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents: 1316
diff changeset
530 algolist_string(const algo_type algos[])
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
531 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
532 char *ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
533 buffer *b = buf_new(200);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
534 buf_put_algolist(b, algos);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
535 buf_setpos(b, b->len);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
536 buf_putbyte(b, '\0');
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
537 buf_setpos(b, 4);
1094
c45d65392c1a Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents: 1038
diff changeset
538 ret_list = m_strdup((const char *) buf_getptr(b, b->len - b->pos));
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
539 buf_free(b);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
540 return ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
541 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
542
683
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client
Matt Johnston <matt@ucc.asn.au>
parents: 682
diff changeset
543 static algo_type*
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
544 check_algo(const char* algo_name, algo_type *algos)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
545 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
546 algo_type *a;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
547 for (a = algos; a->name != NULL; a++)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
548 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
549 if (strcmp(a->name, algo_name) == 0)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
550 {
683
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client
Matt Johnston <matt@ucc.asn.au>
parents: 682
diff changeset
551 return a;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
552 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
553 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
554
683
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client
Matt Johnston <matt@ucc.asn.au>
parents: 682
diff changeset
555 return NULL;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
556 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
557
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
558 /* Checks a user provided comma-separated algorithm list for available
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
559 * options. Any that are not acceptable are removed in-place. Returns the
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
560 * number of valid algorithms. */
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
561 int
683
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client
Matt Johnston <matt@ucc.asn.au>
parents: 682
diff changeset
562 check_user_algos(const char* user_algo_list, algo_type * algos,
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
563 const char *algo_desc)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
564 {
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
565 algo_type new_algos[MAX_PROPOSED_ALGO+1];
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
566 char *work_list = m_strdup(user_algo_list);
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
567 char *start = work_list;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
568 char *c;
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
569 int n;
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
570 /* So we can iterate and look for null terminator */
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
571 memset(new_algos, 0x0, sizeof(new_algos));
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
572 for (c = work_list, n = 0; ; c++)
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
573 {
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
574 char oc = *c;
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
575 if (n >= MAX_PROPOSED_ALGO) {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
576 dropbear_exit("Too many algorithms '%s'", user_algo_list);
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
577 }
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
578 if (*c == ',' || *c == '\0') {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
579 algo_type *match_algo = NULL;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
580 *c = '\0';
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
581 match_algo = check_algo(start, algos);
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
582 if (match_algo) {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
583 if (check_algo(start, new_algos)) {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
584 TRACE(("Skip repeated algorithm '%s'", start))
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
585 } else {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
586 new_algos[n] = *match_algo;
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
587 n++;
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
588 }
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
589 } else {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
590 dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", start, algo_desc);
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
591 }
686
983a817f8e41 - Only request "none" cipher after auth has succeeded
Matt Johnston <matt@ucc.asn.au>
parents: 684
diff changeset
592 c++;
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
593 start = c;
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
594 }
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
595 if (oc == '\0') {
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
596 break;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
597 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
598 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
599 m_free(work_list);
1303
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
600 /* n+1 to include a null terminator */
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
601 memcpy(algos, new_algos, sizeof(*new_algos) * (n+1));
eed9376a4ad6 improve algorithm list parsing
Matt Johnston <matt@ucc.asn.au>
parents: 1273
diff changeset
602 return n;
682
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents: 595
diff changeset
603 }
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1294
diff changeset
604 #endif /* DROPBEAR_USER_ALGO_LIST */