8 files changed, 20 insertions, 21 deletions

diff --git a/include/libssh/bind.h b/include/libssh/bind.h
index 4ca23760..6b5f19dd 100644
--- a/include/libssh/bind.h
+++ b/include/libssh/bind.h
@@ -22,6 +22,7 @@
 #define BIND_H_
 
 #include "libssh/priv.h"
+#include "libssh/kex.h"
 #include "libssh/session.h"
 
 struct ssh_bind_struct {
@@ -31,7 +32,7 @@ struct ssh_bind_struct {
 
   struct ssh_poll_handle_struct *poll;
   /* options */
-  char *wanted_methods[10];
+  char *wanted_methods[SSH_KEX_METHODS];
   char *banner;
   char *ecdsakey;
   char *dsakey;
diff --git a/include/libssh/session.h b/include/libssh/session.h
index af02237d..22256150 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -213,7 +213,7 @@ struct ssh_session_struct {
         char *sshdir;
         char *knownhosts;
         char *global_knownhosts;
-        char *wanted_methods[10];
+        char *wanted_methods[SSH_KEX_METHODS];
         char *pubkey_accepted_types;
         char *ProxyCommand;
         char *custombanner;
diff --git a/src/bind.c b/src/bind.c
index 8b45ef8b..fa8df9ea 100644
--- a/src/bind.c
+++ b/src/bind.c
@@ -411,7 +411,7 @@ void ssh_bind_free(ssh_bind sshbind){
   ssh_key_free(sshbind->ed25519);
   sshbind->ed25519 = NULL;
 
-  for (i = 0; i < 10; i++) {
+  for (i = 0; i < SSH_KEX_METHODS; i++) {
     if (sshbind->wanted_methods[i]) {
       SAFE_FREE(sshbind->wanted_methods[i]);
     }
@@ -442,7 +442,7 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
     session->server = 1;
 
     /* Copy options from bind to session */
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
       if (sshbind->wanted_methods[i]) {
         session->opts.wanted_methods[i] = strdup(sshbind->wanted_methods[i]);
         if (session->opts.wanted_methods[i] == NULL) {
diff --git a/src/kex.c b/src/kex.c
index ae0e3b42..a0e14266 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -159,8 +159,6 @@
     GEX_SHA1 \
     KEY_EXCHANGE
 
-#define KEX_METHODS_SIZE 10
-
 /* RFC 8308 */
 #define KEX_EXTENSION_CLIENT "ext-info-c"
 
@@ -257,7 +255,7 @@ static const char *ssh_kex_descriptions[] = {
 
 const char *ssh_kex_get_default_methods(uint32_t algo)
 {
-    if (algo >= KEX_METHODS_SIZE) {
+    if (algo >= SSH_KEX_METHODS) {
         return NULL;
     }
 
@@ -266,7 +264,7 @@ const char *ssh_kex_get_default_methods(uint32_t algo)
 
 const char *ssh_kex_get_supported_method(uint32_t algo)
 {
-    if (algo >= KEX_METHODS_SIZE) {
+    if (algo >= SSH_KEX_METHODS) {
         return NULL;
     }
 
@@ -274,7 +272,7 @@ const char *ssh_kex_get_supported_method(uint32_t algo)
 }
 
 const char *ssh_kex_get_description(uint32_t algo) {
-  if (algo >= KEX_METHODS_SIZE) {
+  if (algo >= SSH_KEX_METHODS) {
     return NULL;
   }
 
@@ -282,7 +280,7 @@ const char *ssh_kex_get_description(uint32_t algo) {
 }
 
 const char *ssh_kex_get_fips_methods(uint32_t algo) {
-  if (algo >= KEX_METHODS_SIZE) {
+  if (algo >= SSH_KEX_METHODS) {
     return NULL;
   }
 
@@ -333,7 +331,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
     int i, ok;
     int server_kex = session->server;
     ssh_string str = NULL;
-    char *strings[KEX_METHODS_SIZE] = {0};
+    char *strings[SSH_KEX_METHODS] = {0};
     char *rsa_sig_ext = NULL;
     int rc = SSH_ERROR;
 
@@ -376,7 +374,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
         }
     }
 
-    for (i = 0; i < KEX_METHODS_SIZE; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         str = ssh_buffer_get_ssh_string(packet);
         if (str == NULL) {
           goto error;
@@ -677,11 +675,11 @@ int ssh_set_client_kex(ssh_session session)
         return SSH_ERROR;
     }
 
-    memset(client->methods, 0, KEX_METHODS_SIZE * sizeof(char **));
+    memset(client->methods, 0, SSH_KEX_METHODS * sizeof(char **));
 
     /* Set the list of allowed algorithms in order of preference, if it hadn't
      * been set yet. */
-    for (i = 0; i < KEX_METHODS_SIZE; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         if (i == SSH_HOSTKEYS) {
             /* Set the hostkeys in the following order:
              * - First: keys present in known_hosts files ordered by preference
@@ -750,7 +748,7 @@ int ssh_kex_select_methods (ssh_session session){
         ext_start[0] = '\0';
     }
 
-    for (i = 0; i < KEX_METHODS_SIZE; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         session->next_crypto->kex_methods[i]=ssh_find_matching(server->methods[i],client->methods[i]);
         if(session->next_crypto->kex_methods[i] == NULL && i < SSH_LANG_C_S){
             ssh_set_error(session,SSH_FATAL,"kex error : no match for method %s: server [%s], client [%s]",
@@ -823,7 +821,7 @@ int ssh_send_kex(ssh_session session, int server_kex) {
 
   ssh_list_kex(kex);
 
-  for (i = 0; i < KEX_METHODS_SIZE; i++) {
+  for (i = 0; i < SSH_KEX_METHODS; i++) {
     str = ssh_string_from_char(kex->methods[i]);
     if (str == NULL) {
       goto error;
diff --git a/src/options.c b/src/options.c
index d9799e86..9c1a478f 100644
--- a/src/options.c
+++ b/src/options.c
@@ -154,7 +154,7 @@ int ssh_options_copy(ssh_session src, ssh_session *dest)
         }
     }
 
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         if (src->opts.wanted_methods[i] != NULL) {
             new->opts.wanted_methods[i] = strdup(src->opts.wanted_methods[i]);
             if (new->opts.wanted_methods[i] == NULL) {
diff --git a/src/server.c b/src/server.c
index 14295fca..d34dee9d 100644
--- a/src/server.c
+++ b/src/server.c
@@ -166,7 +166,7 @@ int server_set_kex(ssh_session session)
         return -1;
     }
 
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         wanted = session->opts.wanted_methods[i];
         if (wanted  == NULL) {
             if (ssh_fips_mode()) {
@@ -195,7 +195,7 @@ int ssh_server_init_kex(ssh_session session) {
     }
 
     /* free any currently-set methods: server_set_kex will allocate new ones */
-    for (i = 0; i < 10 /* SSH_KEX_METHODS */; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         SAFE_FREE(session->next_crypto->server_kex.methods[i]);
     }
 
diff --git a/src/session.c b/src/session.c
index 126562e2..9f1adc0d 100644
--- a/src/session.c
+++ b/src/session.c
@@ -314,7 +314,7 @@ void ssh_free(ssh_session session)
   SAFE_FREE(session->opts.gss_client_identity);
   SAFE_FREE(session->opts.pubkey_accepted_types);
 
-  for (i = 0; i < 10; i++) {
+  for (i = 0; i < SSH_KEX_METHODS; i++) {
       if (session->opts.wanted_methods[i]) {
           SAFE_FREE(session->opts.wanted_methods[i]);
       }
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index 63fa63d2..98dc5476 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -876,7 +876,7 @@ static void torture_options_copy(void **state)
     assert_string_equal(session->opts.knownhosts, new->opts.knownhosts);
     assert_string_equal(session->opts.global_knownhosts,
                         new->opts.global_knownhosts);
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
         if (session->opts.wanted_methods[i] == NULL) {
             assert_null(new->opts.wanted_methods[i]);
         } else {