dropbear: common-algo.c annotate

annotate common-algo.c @ 994:5c5ade336926

Prefer stronger algorithms in algorithm negotiation. Prefer diffie-hellman-group14-sha1 (2048 bit) over diffie-hellman-group1-sha1 (1024 bit). Due to meet-in-the-middle attacks the effective key length of three key 3DES is 112 bits. AES is stronger and faster then 3DES. Prefer to delay the start of compression until after authentication has completed. This avoids exposing compression code to attacks from unauthenticated users. (github pull request #9)

author	Fedor Brunner <fedor.brunner@azet.sk>
date	Fri, 23 Jan 2015 23:00:25 +0800
parents	731f624af902
children	47643024fc90

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
74 e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	2 * Dropbear SSH
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 * Copyright (c) 2002,2003 Matt Johnston
74 e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	5 * Copyright (c) 2004 by Mihnea Stoenescu
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	26 #include "includes.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 #include "algo.h"
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	28 #include "session.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 #include "dbutil.h"
759 76fba0856749 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work, Matt Johnston <matt@ucc.asn.au> parents: 756 diff changeset	30 #include "kex.h"
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	31 #include "ltc_prng.h"
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	32 #include "ecc.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	33
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	34 /* This file (algo.c) organises the ciphers which can be used, and is used to
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 * decide which ciphers/hashes/compression/signing to use during key exchange*/
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	36
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	37 static int void_cipher(const unsigned char* in, unsigned char* out,
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	38 unsigned long len, void* UNUSED(cipher_state)) {
543 e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	39 if (in != out) {
e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	40 memmove(out, in, len);
e12c9225acbd - Don't memcpy() in place with void_encrypt Matt Johnston <matt@ucc.asn.au> parents: 503 diff changeset	41 }
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	42 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	43 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	44
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	45 static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	46 const unsigned char* UNUSED(key),
ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	47 int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	48 return CRYPT_OK;
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	49 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	50
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 /* Mappings for ciphers, parameters are
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	52 {&cipher_desc, keysize, blocksize} */
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	53
cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	54 /* Remember to add new ciphers/hashes to regciphers/reghashes too */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	56 #ifdef DROPBEAR_AES256
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	57 static const struct dropbear_cipher dropbear_aes256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	58 {&aes_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	59 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	60 #ifdef DROPBEAR_AES128
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	61 static const struct dropbear_cipher dropbear_aes128 =
150 82fcf3185616 Cleaning out various dead wood found with -dead_strip Matt Johnston <matt@ucc.asn.au> parents: 74 diff changeset	62 {&aes_desc, 16, 16};
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	64 #ifdef DROPBEAR_BLOWFISH
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	65 static const struct dropbear_cipher dropbear_blowfish =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 {&blowfish_desc, 16, 8};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	68 #ifdef DROPBEAR_TWOFISH256
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	69 static const struct dropbear_cipher dropbear_twofish256 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	70 {&twofish_desc, 32, 16};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	71 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	72 #ifdef DROPBEAR_TWOFISH128
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	73 static const struct dropbear_cipher dropbear_twofish128 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	74 {&twofish_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	75 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	76 #ifdef DROPBEAR_3DES
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	77 static const struct dropbear_cipher dropbear_3des =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	78 {&des3_desc, 24, 8};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	79 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	80
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	81 /* used to indicate no encryption, as defined in rfc2410 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	82 const struct dropbear_cipher dropbear_nocipher =
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	83 {NULL, 16, 8};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	84
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	85 /* A few void* s are required to silence warnings
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	86 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	87 #ifdef DROPBEAR_ENABLE_CBC_MODE
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	88 const struct dropbear_cipher_mode dropbear_mode_cbc =
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	89 {(void)cbc_start, (void)cbc_encrypt, (void*)cbc_decrypt};
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	90 #endif // DROPBEAR_ENABLE_CBC_MODE
731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	91
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	92 const struct dropbear_cipher_mode dropbear_mode_none =
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	93 {void_start, void_cipher, void_cipher};
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	94
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	95 #ifdef DROPBEAR_ENABLE_CTR_MODE
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	96 /* a wrapper to make ctr_start and cbc_start look the same */
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	97 static int dropbear_big_endian_ctr_start(int cipher,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	98 const unsigned char *IV,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	99 const unsigned char *key, int keylen,
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	100 int num_rounds, symmetric_CTR *ctr) {
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	101 return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr);
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	102 }
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	103 const struct dropbear_cipher_mode dropbear_mode_ctr =
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	104 {(void)dropbear_big_endian_ctr_start, (void)ctr_encrypt, (void*)ctr_decrypt};
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	105 #endif // DROPBEAR_ENABLE_CTR_MODE
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	106
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	107 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	108 {&hash_desc, keysize, hashsize} */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	109
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	110 #ifdef DROPBEAR_SHA1_HMAC
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	111 static const struct dropbear_hash dropbear_sha1 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	112 {&sha1_desc, 20, 20};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	113 #endif
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	114 #ifdef DROPBEAR_SHA1_96_HMAC
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	115 static const struct dropbear_hash dropbear_sha1_96 =
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	116 {&sha1_desc, 20, 12};
5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	117 #endif
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	118 #ifdef DROPBEAR_SHA2_256_HMAC
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	119 static const struct dropbear_hash dropbear_sha2_256 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	120 {&sha256_desc, 32, 32};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	121 #endif
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	122 #ifdef DROPBEAR_SHA2_512_HMAC
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	123 static const struct dropbear_hash dropbear_sha2_512 =
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	124 {&sha512_desc, 64, 64};
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	125 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	126 #ifdef DROPBEAR_MD5_HMAC
227 ad1b24e39bf3 Make a variables static Matt Johnston <matt@ucc.asn.au> parents: 194 diff changeset	127 static const struct dropbear_hash dropbear_md5 =
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	128 {&md5_desc, 16, 16};
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	129 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	130
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	131 const struct dropbear_hash dropbear_nohash =
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	132 {NULL, 16, 0}; /* used initially */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	133
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	134
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	135 /* The following map ssh names to internal values.
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	136 * The ordering here is important for the client - the first mode
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	137 * that is also supported by the server will get used. */
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	138
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	139 algo_type sshciphers[] = {
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	140 #ifdef DROPBEAR_ENABLE_CTR_MODE
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	141 #ifdef DROPBEAR_AES128
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	142 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	143 #endif
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	144 #ifdef DROPBEAR_AES256
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	145 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	146 #endif
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	147 #endif /* DROPBEAR_ENABLE_CTR_MODE */
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	148
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	149 #ifdef DROPBEAR_ENABLE_CBC_MODE
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	150 #ifdef DROPBEAR_AES128
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	151 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	152 #endif
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	153 #ifdef DROPBEAR_AES256
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	154 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
235 c3dbd3e1a8ce Change the preferred algorithm order Matt Johnston <matt@ucc.asn.au> parents: 234 diff changeset	155 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	156 #ifdef DROPBEAR_TWOFISH256
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	157 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	158 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
235 c3dbd3e1a8ce Change the preferred algorithm order Matt Johnston <matt@ucc.asn.au> parents: 234 diff changeset	159 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	160 #ifdef DROPBEAR_TWOFISH128
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	161 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	162 #endif
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	163 #ifdef DROPBEAR_3DES
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	164 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	165 #endif
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	166 #ifdef DROPBEAR_3DES
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	167 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	168 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	169 #ifdef DROPBEAR_BLOWFISH
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	170 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	171 #endif
992 731f624af902 Add config option to disable cbc. Disable twofish by default Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	172 #endif /* DROPBEAR_ENABLE_CBC_MODE */
252 29afa62b5450 - a hack for grahame to run dropbear with "none" cipher. Matt Johnston <matt@ucc.asn.au> parents: 238 diff changeset	173 #ifdef DROPBEAR_NONE_CIPHER
512 0129fd8ccc71 Update nocrypto branch to current head Matt Johnston <matt@ucc.asn.au> parents: 511 diff changeset	174 {"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none},
252 29afa62b5450 - a hack for grahame to run dropbear with "none" cipher. Matt Johnston <matt@ucc.asn.au> parents: 238 diff changeset	175 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	176 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	177 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	178
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	179 algo_type sshhashes[] = {
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	180 #ifdef DROPBEAR_SHA2_256_HMAC
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	181 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	182 #endif
03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	183 #ifdef DROPBEAR_SHA2_512_HMAC
715 cd3d3c63d189 Make hmac-sha2-256 and hmac-sha2-512 work Matt Johnston <matt@ucc.asn.au> parents: 686 diff changeset	184 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
679 03073a27abb3 - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	185 #endif
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	186 #ifdef DROPBEAR_SHA1_96_HMAC
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	187 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
228 5e4110bb753a - Fixed twofish algorithm naming so it actually works. Matt Johnston <matt@ucc.asn.au> parents: 227 diff changeset	188 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	189 #ifdef DROPBEAR_SHA1_HMAC
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	190 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	191 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	192 #ifdef DROPBEAR_MD5_HMAC
681 a4b7627b3157 Update insecure-nocrypto to current head Matt Johnston <matt@ucc.asn.au> parents: 679 512 diff changeset	193 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	194 #endif
252 29afa62b5450 - a hack for grahame to run dropbear with "none" cipher. Matt Johnston <matt@ucc.asn.au> parents: 238 diff changeset	195 #ifdef DROPBEAR_NONE_INTEGRITY
681 a4b7627b3157 Update insecure-nocrypto to current head Matt Johnston <matt@ucc.asn.au> parents: 679 512 diff changeset	196 {"none", 0, (void*)&dropbear_nohash, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	197 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	198 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	199 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	200
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	201 #ifndef DISABLE_ZLIB
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	202 algo_type ssh_compress[] = {
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	203 {"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	204 {"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	205 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	206 {NULL, 0, NULL, 0, NULL}
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	207 };
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	208 #endif
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	209
f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 543 diff changeset	210 algo_type ssh_nocompress[] = {
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	211 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	212 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	213 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	214
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	215 algo_type sshhostkey[] = {
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	216 #ifdef DROPBEAR_ECDSA
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	217 #ifdef DROPBEAR_ECC_256
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	218 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL},
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	219 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	220 #ifdef DROPBEAR_ECC_384
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	221 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL},
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	222 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	223 #ifdef DROPBEAR_ECC_521
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	224 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL},
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	225 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 766 diff changeset	226 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	227 #ifdef DROPBEAR_RSA
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	228 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	229 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	230 #ifdef DROPBEAR_DSS
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	231 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL},
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	232 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	233 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	234 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	235
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	236 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	237 static const struct dropbear_kex kex_dh_group14 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	238
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 848 diff changeset	239 /* These can't be const since dropbear_ecc_fill_dp() fills out
7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 848 diff changeset	240 ecc_curve at runtime */
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	241 #ifdef DROPBEAR_ECDH
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	242 #ifdef DROPBEAR_ECC_256
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	243 static struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	244 #endif
bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	245 #ifdef DROPBEAR_ECC_384
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	246 static struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	247 #endif
bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	248 #ifdef DROPBEAR_ECC_521
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	249 static struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	250 #endif
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	251 #endif /* DROPBEAR_ECDH */
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	252
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	253 #ifdef DROPBEAR_CURVE25519
6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	254 /* Referred to directly */
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 848 diff changeset	255 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	256 #endif
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	257
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	258 algo_type sshkex[] = {
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	259 #ifdef DROPBEAR_CURVE25519
6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	260 {"[email protected]", 0, &kex_curve25519, 1, NULL},
6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	261 #endif
761 ac2158e3e403 ecc kind of works, needs fixing/testing Matt Johnston <matt@ucc.asn.au> parents: 759 diff changeset	262 #ifdef DROPBEAR_ECDH
840 5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	263 #ifdef DROPBEAR_ECC_521
5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	264 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	265 #endif
bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	266 #ifdef DROPBEAR_ECC_384
762 a78a38e402d1 - Fix various hardcoded uses of SHA1 Matt Johnston <matt@ucc.asn.au> parents: 761 diff changeset	267 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	268 #endif
840 5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	269 #ifdef DROPBEAR_ECC_256
5128e525c8fa Default to some larger key sizes Matt Johnston <matt@ucc.asn.au> parents: 801 diff changeset	270 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	271 #endif
bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	272 #endif
994 5c5ade336926 Prefer stronger algorithms in algorithm negotiation. Fedor Brunner <fedor.brunner@azet.sk> parents: 992 diff changeset	273 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14, 1, NULL},
756 bf9dc2d9c2b1 more bits on ecc branch Matt Johnston <matt@ucc.asn.au> parents: 755 diff changeset	274 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
746 465fefc4f6e0 Put some #ifdef options around first-follows options in case they Matt Johnston <matt@ucc.asn.au> parents: 745 diff changeset	275 #ifdef USE_KEXGUESS2
740 3062da90dab8 Add kexguess2 behaviour Matt Johnston <matt@ucc.asn.au> parents: 715 diff changeset	276 {KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
746 465fefc4f6e0 Put some #ifdef options around first-follows options in case they Matt Johnston <matt@ucc.asn.au> parents: 745 diff changeset	277 #endif
502 43bbe17d6ba0 - Add Counter Mode support Matt Johnston <matt@ucc.asn.au> parents: 501 diff changeset	278 {NULL, 0, NULL, 0, NULL}
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	279 };
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	280
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	281 /* algolen specifies the length of algo, algos is our local list to match
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	282 * against.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	283 * Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	284 * otherwise */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	285 int have_algo(char* algo, size_t algolen, algo_type algos[]) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	286
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	287 int i;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	288
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	289 for (i = 0; algos[i].name != NULL; i++) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	290 if (strlen(algos[i].name) == algolen
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	291 && (strncmp(algos[i].name, algo, algolen) == 0)) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	292 return DROPBEAR_SUCCESS;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	293 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	294 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	295
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	296 return DROPBEAR_FAILURE;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	297 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	298
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	299 /* Output a comma separated list of algorithms to a buffer */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	300 void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	301
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	302 unsigned int i, len;
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	303 unsigned int donefirst = 0;
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	304 buffer *algolist = NULL;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	305
848 6c69e7df3621 curve25519 Matt Johnston <matt@ucc.asn.au> parents: 840 diff changeset	306 algolist = buf_new(200);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	307 for (i = 0; localalgos[i].name != NULL; i++) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	308 if (localalgos[i].usable) {
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	309 if (donefirst)
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	310 buf_putbyte(algolist, ',');
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	311 donefirst = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	312 len = strlen(localalgos[i].name);
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	313 buf_putbytes(algolist, localalgos[i].name, len);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	314 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	315 }
238 e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	316 buf_putstring(buf, algolist->data, algolist->len);
e923801a7678 use a buffer rather than raw char array for creating Matt Johnston <matt@ucc.asn.au> parents: 237 diff changeset	317 buf_free(algolist);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	318 }
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	319
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	320 /* match the first algorithm in the comma-separated list in buf which is
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	321 * also in localalgos[], or return NULL on failure.
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	322 * (*goodguess) is set to 1 if the preferred client/server algos match,
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	323 * 0 otherwise. This is used for checking if the kexalgo/hostkeyalgos are
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	324 * guessed correctly */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	325 algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	326 enum kexguess2_used kexguess2, int goodguess)
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	327 {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	328
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	329 unsigned char * algolist = NULL;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	330 const unsigned char remotenames[MAX_PROPOSED_ALGO], localnames[MAX_PROPOSED_ALGO];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	331 unsigned int len;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	332 unsigned int remotecount, localcount, clicount, servcount, i, j;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	333 algo_type * ret = NULL;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	334 const unsigned char clinames, servnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	335
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	336 if (goodguess) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	337 *goodguess = 0;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	338 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	339
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	340 /* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	341 algolist = buf_getstring(buf, &len);
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	342 TRACE(("buf_match_algo: %s", algolist))
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	343 if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	344 goto out;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	345 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	346
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	347 /* remotenames will contain a list of the strings parsed out */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	348 /* We will have at least one string (even if it's just "") */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	349 remotenames[0] = algolist;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	350 remotecount = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	351 for (i = 0; i < len; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	352 if (algolist[i] == '\0') {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	353 /* someone is trying something strange */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	354 goto out;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	355 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	356 if (algolist[i] == ',') {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	357 algolist[i] = '\0';
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	358 remotenames[remotecount] = &algolist[i+1];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	359 remotecount++;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	360 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	361 if (remotecount >= MAX_PROPOSED_ALGO) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	362 break;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	363 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	364 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	365 if (kexguess2 && *kexguess2 == KEXGUESS2_LOOK) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	366 for (i = 0; i < remotecount; i++)
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	367 {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	368 if (strcmp(remotenames[i], KEXGUESS2_ALGO_NAME) == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	369 *kexguess2 = KEXGUESS2_YES;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	370 break;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	371 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	372 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	373 if (*kexguess2 == KEXGUESS2_LOOK) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	374 *kexguess2 = KEXGUESS2_NO;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	375 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	376 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	377
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	378 for (i = 0; localalgos[i].name != NULL; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	379 if (localalgos[i].usable) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	380 localnames[i] = localalgos[i].name;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	381 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	382 localnames[i] = NULL;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	383 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	384 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	385 localcount = i;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	386
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	387 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	388 clinames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	389 clicount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	390 servnames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	391 servcount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	392 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	393 clinames = localnames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	394 clicount = localcount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	395 servnames = remotenames;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	396 servcount = remotecount;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	397 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	398
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	399 /* iterate and find the first match */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	400 for (i = 0; i < clicount; i++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	401 for (j = 0; j < servcount; j++) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	402 if (!(servnames[j] && clinames[i])) {
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	403 /* unusable algos are NULL */
741 eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	404 continue;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	405 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	406 if (strcmp(servnames[j], clinames[i]) == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	407 /* set if it was a good guess */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	408 if (goodguess && kexguess2) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	409 if (*kexguess2 == KEXGUESS2_YES) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	410 if (i == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	411 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	412 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	413
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	414 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	415 if (i == 0 && j == 0) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	416 *goodguess = 1;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	417 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	418 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	419 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	420 /* set the algo to return */
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	421 if (IS_DROPBEAR_SERVER) {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	422 ret = &localalgos[j];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	423 } else {
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	424 ret = &localalgos[i];
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	425 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	426 goto out;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	427 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	428 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	429 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	430
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	431 out:
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	432 m_free(algolist);
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	433 return ret;
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	434 }
eafdf8b363f5 Get rid of client/server specific buf_match_algo, use single Matt Johnston <matt@ucc.asn.au> parents: 740 diff changeset	435
686 983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	436 #ifdef DROPBEAR_NONE_CIPHER
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	437
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	438 void
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	439 set_algo_usable(algo_type algos[], const char * algo_name, int usable)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	440 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	441 algo_type *a;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	442 for (a = algos; a->name != NULL; a++)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	443 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	444 if (strcmp(a->name, algo_name) == 0)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	445 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	446 a->usable = usable;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	447 return;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	448 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	449 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	450 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	451
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	452 int
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	453 get_algo_usable(algo_type algos[], const char * algo_name)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	454 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	455 algo_type *a;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	456 for (a = algos; a->name != NULL; a++)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	457 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	458 if (strcmp(a->name, algo_name) == 0)
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	459 {
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	460 return a->usable;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	461 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	462 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	463 return 0;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	464 }
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	465
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	466 #endif /* DROPBEAR_NONE_CIPHER */
686 983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	467
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	468 #ifdef ENABLE_USER_ALGO_LIST
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	469
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	470 char *
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	471 algolist_string(algo_type algos[])
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	472 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	473 char *ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	474 buffer *b = buf_new(200);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	475 buf_put_algolist(b, algos);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	476 buf_setpos(b, b->len);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	477 buf_putbyte(b, '\0');
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	478 buf_setpos(b, 4);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	479 ret_list = m_strdup(buf_getptr(b, b->len - b->pos));
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	480 buf_free(b);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	481 return ret_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	482 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	483
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	484 static algo_type*
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	485 check_algo(const char* algo_name, algo_type *algos)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	486 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	487 algo_type *a;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	488 for (a = algos; a->name != NULL; a++)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	489 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	490 if (strcmp(a->name, algo_name) == 0)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	491 {
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	492 return a;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	493 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	494 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	495
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	496 return NULL;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	497 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	498
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	499 static void
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	500 try_add_algo(const char algo_name, algo_type algos,
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	501 const char algo_desc, algo_type new_algos, int *num_ret)
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	502 {
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	503 algo_type *match_algo = check_algo(algo_name, algos);
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	504 if (!match_algo)
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	505 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	506 dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", algo_name, algo_desc);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	507 return;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	508 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	509
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	510 new_algos[num_ret] = match_algo;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	511 (*num_ret)++;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	512 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	513
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	514 /* Checks a user provided comma-separated algorithm list for available
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	515 * options. Any that are not acceptable are removed in-place. Returns the
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	516 * number of valid algorithms. */
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	517 int
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	518 check_user_algos(const char* user_algo_list, algo_type * algos,
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	519 const char *algo_desc)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	520 {
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	521 algo_type new_algos[MAX_PROPOSED_ALGO];
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	522 /* this has two passes. first we sweep through the given list of
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	523 * algorithms and mark them as usable=2 in the algo_type[] array... */
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	524 int num_ret = 0;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	525 char *work_list = m_strdup(user_algo_list);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	526 char *last_name = work_list;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	527 char *c;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	528 for (c = work_list; *c; c++)
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	529 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	530 if (*c == ',')
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	531 {
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	532 *c = '\0';
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	533 try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret);
686 983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	534 c++;
983a817f8e41 - Only request "none" cipher after auth has succeeded Matt Johnston <matt@ucc.asn.au> parents: 684 diff changeset	535 last_name = c;
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	536 }
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	537 }
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	538 try_add_algo(last_name, algos, algo_desc, new_algos, &num_ret);
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	539 m_free(work_list);
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	540
683 63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	541 new_algos[num_ret].name = NULL;
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	542
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	543 /* Copy one more as a blank delimiter */
63f8d6c469cf ENABLE_USER_ALGO_LIST should work for the client Matt Johnston <matt@ucc.asn.au> parents: 682 diff changeset	544 memcpy(algos, new_algos, sizeof(new_algos) (num_ret+1));
682 4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	545 return num_ret;
4edea9f363d0 Add rough support for choosing ciphers/hashes with "-c" or "-m" Matt Johnston <matt@ucc.asn.au> parents: 595 diff changeset	546 }
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	547 #endif /* ENABLE_USER_ALGO_LIST */

Mercurial > dropbear

annotate common-algo.c @ 994:5c5ade336926