authorJakub Jelen <jjelen@redhat.com>2019-11-01 14:59:27 +0100
committerAndreas Schneider <asn@cryptomilk.org>2019-11-18 11:59:01 +0100
commitc8a621c6063f205e631d83a8ccd4befc60056e93 (patch)
treea22b2067f408fb2b8d9dadfd0bb3b4d84dc785f6
parentec67ad47ebe200ad8a6b508e8ca061a073a3fde1 (diff)
Use only one variable denoting the size of methods arrays
Previously, the constants SSH_KEX_METHODS and KEX_METHODS_SIZE and the magic number 10 were used inconsistently to refer to the size of the arrays used for algorithm negotiation by peers. This commit settles on a single constant and uses it throughout the whole codebase. Fixes T195 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/bind.h3
-rw-r--r--include/libssh/session.h2
-rw-r--r--src/bind.c4
-rw-r--r--src/kex.c22
-rw-r--r--src/options.c2
-rw-r--r--src/server.c4
-rw-r--r--src/session.c2
-rw-r--r--tests/unittests/torture_options.c2
8 files changed, 20 insertions, 21 deletions
diff --git a/include/libssh/bind.h b/include/libssh/bind.h
index 4ca23760..6b5f19dd 100644
--- a/include/libssh/bind.h
+++ b/include/libssh/bind.h
@@ -22,6 +22,7 @@
#define BIND_H_
#include "libssh/priv.h"
+#include "libssh/kex.h"
#include "libssh/session.h"
struct ssh_bind_struct {
@@ -31,7 +32,7 @@ struct ssh_bind_struct {
struct ssh_poll_handle_struct *poll;
/* options */
- char *wanted_methods[10];
+ char *wanted_methods[SSH_KEX_METHODS];
char *banner;
char *ecdsakey;
char *dsakey;
diff --git a/include/libssh/session.h b/include/libssh/session.h
index af02237d..22256150 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -213,7 +213,7 @@ struct ssh_session_struct {
char *sshdir;
char *knownhosts;
char *global_knownhosts;
- char *wanted_methods[10];
+ char *wanted_methods[SSH_KEX_METHODS];
char *pubkey_accepted_types;
char *ProxyCommand;
char *custombanner;
diff --git a/src/bind.c b/src/bind.c
index 8b45ef8b..fa8df9ea 100644
--- a/src/bind.c
+++ b/src/bind.c
@@ -411,7 +411,7 @@ void ssh_bind_free(ssh_bind sshbind){
ssh_key_free(sshbind->ed25519);
sshbind->ed25519 = NULL;
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (sshbind->wanted_methods[i]) {
SAFE_FREE(sshbind->wanted_methods[i]);
}
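Review bot: The `if (sshbind->wanted_methods[i])` guard around `SAFE_FREE` in this loop looks redundant, since the `ssh_server_init_kex` hunk in src/server.c calls `SAFE_FREE(session->next_crypto->server_kex.methods[i]);` on possibly unset entries with no guard. Assuming the macro tolerates NULL, as that call suggests, the loop body can be just `SAFE_FREE(sshbind->wanted_methods[i]);`. The same applies to the `ssh_free` hunk in src/session.c. Using one form everywhere makes the cleanup paths easier to audit for missed or double frees.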
@@ -442,7 +442,7 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
session->server = 1;
/* Copy options from bind to session */
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (sshbind->wanted_methods[i]) {
session->opts.wanted_methods[i] = strdup(sshbind->wanted_methods[i]);
if (session->opts.wanted_methods[i] == NULL) {
diff --git a/src/kex.c b/src/kex.c
index ae0e3b42..a0e14266 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -159,8 +159,6 @@
GEX_SHA1 \
KEY_EXCHANGE
-#define KEX_METHODS_SIZE 10
-
/* RFC 8308 */
#define KEX_EXTENSION_CLIENT "ext-info-c"
@@ -257,7 +255,7 @@ static const char *ssh_kex_descriptions[] = {
const char *ssh_kex_get_default_methods(uint32_t algo)
{
- if (algo >= KEX_METHODS_SIZE) {
+ if (algo >= SSH_KEX_METHODS) {
return NULL;
}
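Review bot: The `algo >= SSH_KEX_METHODS` guard only bounds the lookup if the table being indexed has at least `SSH_KEX_METHODS` entries, and `ssh_kex_descriptions[]` in the hunk header is declared without a size. Now that the bound comes from a header constant rather than a local define next to the tables, a compile-time check would catch a later drift between the two before it becomes an out-of-bounds read: `_Static_assert(sizeof(ssh_kex_descriptions) / sizeof(ssh_kex_descriptions[0]) >= SSH_KEX_METHODS, "kex table shorter than SSH_KEX_METHODS");`, if the project's C standard allows it. The same applies to the tables behind `ssh_kex_get_supported_method`, `ssh_kex_get_description` and `ssh_kex_get_fips_methods` in the next three hunks. The table definitions and the indexing statements are outside these hunks, so the actual element counts should be confirmed there.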
@@ -266,7 +264,7 @@ const char *ssh_kex_get_default_methods(uint32_t algo)
const char *ssh_kex_get_supported_method(uint32_t algo)
{
- if (algo >= KEX_METHODS_SIZE) {
+ if (algo >= SSH_KEX_METHODS) {
return NULL;
}
@@ -274,7 +272,7 @@ const char *ssh_kex_get_supported_method(uint32_t algo)
}
const char *ssh_kex_get_description(uint32_t algo) {
- if (algo >= KEX_METHODS_SIZE) {
+ if (algo >= SSH_KEX_METHODS) {
return NULL;
}
@@ -282,7 +280,7 @@ const char *ssh_kex_get_description(uint32_t algo) {
}
const char *ssh_kex_get_fips_methods(uint32_t algo) {
- if (algo >= KEX_METHODS_SIZE) {
+ if (algo >= SSH_KEX_METHODS) {
return NULL;
}
@@ -333,7 +331,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
int i, ok;
int server_kex = session->server;
ssh_string str = NULL;
- char *strings[KEX_METHODS_SIZE] = {0};
+ char *strings[SSH_KEX_METHODS] = {0};
char *rsa_sig_ext = NULL;
int rc = SSH_ERROR;
@@ -376,7 +374,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
}
}
- for (i = 0; i < KEX_METHODS_SIZE; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
str = ssh_buffer_get_ssh_string(packet);
if (str == NULL) {
goto error;
@@ -677,11 +675,11 @@ int ssh_set_client_kex(ssh_session session)
return SSH_ERROR;
}
- memset(client->methods, 0, KEX_METHODS_SIZE * sizeof(char **));
+ memset(client->methods, 0, SSH_KEX_METHODS * sizeof(char **));
/* Set the list of allowed algorithms in order of preference, if it hadn't
* been set yet. */
- for (i = 0; i < KEX_METHODS_SIZE; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (i == SSH_HOSTKEYS) {
/* Set the hostkeys in the following order:
* - First: keys present in known_hosts files ordered by preference
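Review bot: The `memset` length still uses `sizeof(char **)`, although the elements of `methods` are used as `char *` elsewhere in this commit (`ssh_string_from_char(kex->methods[i])`). Both pointer types have the same size on common platforms, so this is not a live bug, but the expression names the wrong type and would not follow a change to the element type. Tying the size to the object is safer: `memset(client->methods, 0, SSH_KEX_METHODS * sizeof(client->methods[0]));`. The declaration of `methods` is outside the hunk, so its element type should be confirmed there.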
@@ -750,7 +748,7 @@ int ssh_kex_select_methods (ssh_session session){
ext_start[0] = '\0';
}
- for (i = 0; i < KEX_METHODS_SIZE; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
session->next_crypto->kex_methods[i]=ssh_find_matching(server->methods[i],client->methods[i]);
if(session->next_crypto->kex_methods[i] == NULL && i < SSH_LANG_C_S){
ssh_set_error(session,SSH_FATAL,"kex error : no match for method %s: server [%s], client [%s]",
@@ -823,7 +821,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
ssh_list_kex(kex);
- for (i = 0; i < KEX_METHODS_SIZE; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
str = ssh_string_from_char(kex->methods[i]);
if (str == NULL) {
goto error;
diff --git a/src/options.c b/src/options.c
index d9799e86..9c1a478f 100644
--- a/src/options.c
+++ b/src/options.c
@@ -154,7 +154,7 @@ int ssh_options_copy(ssh_session src, ssh_session *dest)
}
}
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (src->opts.wanted_methods[i] != NULL) {
new->opts.wanted_methods[i] = strdup(src->opts.wanted_methods[i]);
if (new->opts.wanted_methods[i] == NULL) {
diff --git a/src/server.c b/src/server.c
index 14295fca..d34dee9d 100644
--- a/src/server.c
+++ b/src/server.c
@@ -166,7 +166,7 @@ int server_set_kex(ssh_session session)
return -1;
}
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
wanted = session->opts.wanted_methods[i];
if (wanted == NULL) {
if (ssh_fips_mode()) {
@@ -195,7 +195,7 @@ int ssh_server_init_kex(ssh_session session) {
}
/* free any currently-set methods: server_set_kex will allocate new ones */
- for (i = 0; i < 10 /* SSH_KEX_METHODS */; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
SAFE_FREE(session->next_crypto->server_kex.methods[i]);
}
diff --git a/src/session.c b/src/session.c
index 126562e2..9f1adc0d 100644
--- a/src/session.c
+++ b/src/session.c
@@ -314,7 +314,7 @@ void ssh_free(ssh_session session)
SAFE_FREE(session->opts.gss_client_identity);
SAFE_FREE(session->opts.pubkey_accepted_types);
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (session->opts.wanted_methods[i]) {
SAFE_FREE(session->opts.wanted_methods[i]);
}
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index 63fa63d2..98dc5476 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -876,7 +876,7 @@ static void torture_options_copy(void **state)
assert_string_equal(session->opts.knownhosts, new->opts.knownhosts);
assert_string_equal(session->opts.global_knownhosts,
new->opts.global_knownhosts);
- for (i = 0; i < 10; i++) {
+ for (i = 0; i < SSH_KEX_METHODS; i++) {
if (session->opts.wanted_methods[i] == NULL) {
assert_null(new->opts.wanted_methods[i]);
} else {