-rw-r--r-- | include/libssh/bind.h | 3 | ||||
-rw-r--r-- | include/libssh/session.h | 2 | ||||
-rw-r--r-- | src/bind.c | 4 | ||||
-rw-r--r-- | src/kex.c | 22 | ||||
-rw-r--r-- | src/options.c | 2 | ||||
-rw-r--r-- | src/server.c | 4 | ||||
-rw-r--r-- | src/session.c | 2 | ||||
-rw-r--r-- | tests/unittests/torture_options.c | 2 |
8 files changed, 20 insertions, 21 deletions
diff --git a/include/libssh/bind.h b/include/libssh/bind.h index 4ca23760..6b5f19dd 100644 --- a/include/libssh/bind.h +++ b/include/libssh/bind.h @@ -22,6 +22,7 @@ #define BIND_H_ #include "libssh/priv.h" +#include "libssh/kex.h" #include "libssh/session.h" struct ssh_bind_struct { @@ -31,7 +32,7 @@ struct ssh_bind_struct { struct ssh_poll_handle_struct *poll; /* options */ - char *wanted_methods[10]; + char *wanted_methods[SSH_KEX_METHODS]; char *banner; char *ecdsakey; char *dsakey; diff --git a/include/libssh/session.h b/include/libssh/session.h index af02237d..22256150 100644 --- a/include/libssh/session.h +++ b/include/libssh/session.h @@ -213,7 +213,7 @@ struct ssh_session_struct { char *sshdir; char *knownhosts; char *global_knownhosts; - char *wanted_methods[10]; + char *wanted_methods[SSH_KEX_METHODS]; char *pubkey_accepted_types; char *ProxyCommand; char *custombanner; @@ -411,7 +411,7 @@ void ssh_bind_free(ssh_bind sshbind){ ssh_key_free(sshbind->ed25519); sshbind->ed25519 = NULL; - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (sshbind->wanted_methods[i]) { SAFE_FREE(sshbind->wanted_methods[i]); } @@ -442,7 +442,7 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){ session->server = 1; /* Copy options from bind to session */ - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (sshbind->wanted_methods[i]) { session->opts.wanted_methods[i] = strdup(sshbind->wanted_methods[i]); if (session->opts.wanted_methods[i] == NULL) { @@ -159,8 +159,6 @@ GEX_SHA1 \ KEY_EXCHANGE -#define KEX_METHODS_SIZE 10 - /* RFC 8308 */ #define KEX_EXTENSION_CLIENT "ext-info-c" @@ -257,7 +255,7 @@ static const char *ssh_kex_descriptions[] = { const char *ssh_kex_get_default_methods(uint32_t algo) { - if (algo >= KEX_METHODS_SIZE) { + if (algo >= SSH_KEX_METHODS) { return NULL; } 
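Review bot: The guard `if (algo >= SSH_KEX_METHODS)` in ssh_kex_get_default_methods (src/kex.c hunk at -257) now checks against a constant defined in another header, while the only table declaration visible here, `static const char *ssh_kex_descriptions[] = {`, is unsized, so nothing ties the bound to the number of initializers. If one of the lookup tables ever holds fewer entries than SSH_KEX_METHODS, an index that passes the guard would read past the end of that table. Declaring the tables with the bound, e.g. `static const char *ssh_kex_descriptions[SSH_KEX_METHODS] = {`, makes a short initializer list yield NULL entries instead of an out-of-bounds read. The same applies to the guards in ssh_kex_get_supported_method, ssh_kex_get_description and ssh_kex_get_fips_methods in the following hunks; the indexing statements are outside the hunks, so this is inferred from the guards alone.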
@@ -266,7 +264,7 @@ const char *ssh_kex_get_default_methods(uint32_t algo) const char *ssh_kex_get_supported_method(uint32_t algo) { - if (algo >= KEX_METHODS_SIZE) { + if (algo >= SSH_KEX_METHODS) { return NULL; } @@ -274,7 +272,7 @@ const char *ssh_kex_get_supported_method(uint32_t algo) } const char *ssh_kex_get_description(uint32_t algo) { - if (algo >= KEX_METHODS_SIZE) { + if (algo >= SSH_KEX_METHODS) { return NULL; } @@ -282,7 +280,7 @@ const char *ssh_kex_get_description(uint32_t algo) { } const char *ssh_kex_get_fips_methods(uint32_t algo) { - if (algo >= KEX_METHODS_SIZE) { + if (algo >= SSH_KEX_METHODS) { return NULL; } @@ -333,7 +331,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit) int i, ok; int server_kex = session->server; ssh_string str = NULL; - char *strings[KEX_METHODS_SIZE] = {0}; + char *strings[SSH_KEX_METHODS] = {0}; char *rsa_sig_ext = NULL; int rc = SSH_ERROR; @@ -376,7 +374,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit) } } - for (i = 0; i < KEX_METHODS_SIZE; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { str = ssh_buffer_get_ssh_string(packet); if (str == NULL) { goto error; @@ -677,11 +675,11 @@ int ssh_set_client_kex(ssh_session session) return SSH_ERROR; } - memset(client->methods, 0, KEX_METHODS_SIZE * sizeof(char **)); + memset(client->methods, 0, SSH_KEX_METHODS * sizeof(char **)); /* Set the list of allowed algorithms in order of preference, if it hadn't * been set yet. */ - for (i = 0; i < KEX_METHODS_SIZE; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (i == SSH_HOSTKEYS) { /* Set the hostkeys in the following order: * - First: keys present in known_hosts files ordered by preference 
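Review bot: In ssh_set_client_kex the new line `memset(client->methods, 0, SSH_KEX_METHODS * sizeof(char **));` still spells the element size as `sizeof(char **)`, although ssh_send_kex passes `kex->methods[i]` to `ssh_string_from_char()`, which suggests the elements are `char *`. The two sizes match on common platforms, so this is a maintainability point rather than a live overflow, but the byte count is tied neither to the element type nor to the array. Deriving it from the object, `memset(client->methods, 0, SSH_KEX_METHODS * sizeof(client->methods[0]));`, keeps the clear correct if the declaration changes. The declaration of `methods` is not part of this diff, and the function body continues outside the hunk.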
@@ -750,7 +748,7 @@ int ssh_kex_select_methods (ssh_session session){ ext_start[0] = '\0'; } - for (i = 0; i < KEX_METHODS_SIZE; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { session->next_crypto->kex_methods[i]=ssh_find_matching(server->methods[i],client->methods[i]); if(session->next_crypto->kex_methods[i] == NULL && i < SSH_LANG_C_S){ ssh_set_error(session,SSH_FATAL,"kex error : no match for method %s: server [%s], client [%s]", @@ -823,7 +821,7 @@ int ssh_send_kex(ssh_session session, int server_kex) { ssh_list_kex(kex); - for (i = 0; i < KEX_METHODS_SIZE; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { str = ssh_string_from_char(kex->methods[i]); if (str == NULL) { goto error; diff --git a/src/options.c b/src/options.c index d9799e86..9c1a478f 100644 --- a/src/options.c +++ b/src/options.c @@ -154,7 +154,7 @@ int ssh_options_copy(ssh_session src, ssh_session *dest) } } - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (src->opts.wanted_methods[i] != NULL) { new->opts.wanted_methods[i] = strdup(src->opts.wanted_methods[i]); if (new->opts.wanted_methods[i] == NULL) { diff --git a/src/server.c b/src/server.c index 14295fca..d34dee9d 100644 --- a/src/server.c +++ b/src/server.c @@ -166,7 +166,7 @@ int server_set_kex(ssh_session session) return -1; } - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { wanted = session->opts.wanted_methods[i]; if (wanted == NULL) { if (ssh_fips_mode()) { @@ -195,7 +195,7 @@ int ssh_server_init_kex(ssh_session session) { } /* free any currently-set methods: server_set_kex will allocate new ones */ - for (i = 0; i < 10 /* SSH_KEX_METHODS */; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { SAFE_FREE(session->next_crypto->server_kex.methods[i]); } diff --git a/src/session.c b/src/session.c index 126562e2..9f1adc0d 100644 --- a/src/session.c +++ b/src/session.c 
@@ -314,7 +314,7 @@ void ssh_free(ssh_session session) SAFE_FREE(session->opts.gss_client_identity); SAFE_FREE(session->opts.pubkey_accepted_types); - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (session->opts.wanted_methods[i]) { SAFE_FREE(session->opts.wanted_methods[i]); } diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c index 63fa63d2..98dc5476 100644 --- a/tests/unittests/torture_options.c +++ b/tests/unittests/torture_options.c @@ -876,7 +876,7 @@ static void torture_options_copy(void **state) assert_string_equal(session->opts.knownhosts, new->opts.knownhosts); assert_string_equal(session->opts.global_knownhosts, new->opts.global_knownhosts); - for (i = 0; i < 10; i++) { + for (i = 0; i < SSH_KEX_METHODS; i++) { if (session->opts.wanted_methods[i] == NULL) { assert_null(new->opts.wanted_methods[i]); } else { |