packet: Implement rekeying based on the recommendation from RFC's

The default rekeying recommendations are specified in RFC4344 Section 3 (First and Second Rekeying Recommendations). Additionally, the rekeying can be specified in configuration file/options allowing us to turn the rekeying off, base it on time or make it more strict. The code is highly inspired by the OpenSSH rekeying code. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
author: Jakub Jelen <jjelen@redhat.com> 2018-11-15 13:43:18 +0100
committer: Andreas Schneider <asn@cryptomilk.org> 2019-01-09 10:31:49 +0100
commit: 58cae2366a801d6d3702d2fa8895976d4c169bd7 (patch)
tree: 7234181cbf462cf18938fd34f7f8d1bce7a0e800 /src/server.c
parent: c86a00d06b732c57153bdd5677a5d77f7f1be0a9 (diff)
download: libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.tar.gz
libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.tar.xz
libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/server.c b/src/server.c
index 78e5ece6..c3e92ba6 100644
--- a/src/server.c
+++ b/src/server.c
@@ -82,7 +82,8 @@ static int dh_handshake_server(ssh_session session);
  * options that are currently set in the given ssh_session structure.
  */
 
-static int server_set_kex(ssh_session session) {
+int server_set_kex(ssh_session session)
+{
   struct ssh_kex_struct *server = &session->next_crypto->server_kex;
   int i, j, rc;
   const char *wanted;
author	Jakub Jelen <jjelen@redhat.com>	2018-11-15 13:43:18 +0100
committer	Andreas Schneider <asn@cryptomilk.org>	2019-01-09 10:31:49 +0100
commit	58cae2366a801d6d3702d2fa8895976d4c169bd7 (patch)
tree	7234181cbf462cf18938fd34f7f8d1bce7a0e800 /src/server.c
parent	c86a00d06b732c57153bdd5677a5d77f7f1be0a9 (diff)
download	libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.tar.gz libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.tar.xz libssh-58cae2366a801d6d3702d2fa8895976d4c169bd7.zip