diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/auth.c | 5 | ||||
| -rw-r--r-- | src/base64.c | 4 | ||||
| -rw-r--r-- | src/bignum.c | 2 | ||||
| -rw-r--r-- | src/buffer.c | 4 | ||||
| -rw-r--r-- | src/channels.c | 4 | ||||
| -rw-r--r-- | src/client.c | 4 | ||||
| -rw-r--r-- | src/config.c | 1 | ||||
| -rw-r--r-- | src/connector.c | 2 | ||||
| -rw-r--r-- | src/dh.c | 7 | ||||
| -rw-r--r-- | src/error.c | 2 | ||||
| -rw-r--r-- | src/external/bcrypt_pbkdf.c | 2 | ||||
| -rw-r--r-- | src/external/fe25519.c | 2 | ||||
| -rw-r--r-- | src/external/ge25519.c | 2 | ||||
| -rw-r--r-- | src/external/sc25519.c | 2 | ||||
| -rw-r--r-- | src/match.c | 4 | ||||
| -rw-r--r-- | src/packet.c | 2 | ||||
| -rw-r--r-- | src/pki_crypto.c | 15 | ||||
| -rw-r--r-- | src/pki_ed25519.c | 2 | ||||
| -rw-r--r-- | src/server.c | 27 | ||||
| -rw-r--r-- | src/sftp.c | 4 | ||||
| -rw-r--r-- | src/sftpserver.c | 4 | ||||
| -rw-r--r-- | src/socket.c | 4 | ||||
| -rw-r--r-- | src/string.c | 4 |
23 files changed, 83 insertions, 26 deletions
@@ -22,9 +22,9 @@ * MA 02111-1307, USA. */ -#include <stdlib.h> +#include "config.h" + #include <stdio.h> -#include <string.h> #ifndef _WIN32 #include <netinet/in.h> @@ -707,6 +707,7 @@ static int ssh_userauth_agent_publickey(ssh_session session, rc = ssh_buffer_add_ssh_string(session->out_buffer, str); ssh_string_free(str); + str = NULL; if (rc < 0) { goto fail; } diff --git a/src/base64.c b/src/base64.c index 2a162d0b..2bb33ee6 100644 --- a/src/base64.c +++ b/src/base64.c @@ -22,9 +22,9 @@ */ /* just the dirtiest part of code i ever made */ -#include <string.h> +#include "config.h" + #include <stdio.h> -#include <stdlib.h> #include "libssh/priv.h" #include "libssh/buffer.h" diff --git a/src/bignum.c b/src/bignum.c index fd6cf954..346a08a8 100644 --- a/src/bignum.c +++ b/src/bignum.c @@ -19,6 +19,8 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <stdio.h> #include "libssh/priv.h" diff --git a/src/buffer.c b/src/buffer.c index 2da6758a..96250e90 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -21,9 +21,9 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <limits.h> -#include <stdlib.h> -#include <string.h> #include <stdarg.h> #ifndef _WIN32 diff --git a/src/channels.c b/src/channels.c index d32f0d7a..b74c4f3d 100644 --- a/src/channels.c +++ b/src/channels.c @@ -22,9 +22,9 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <limits.h> -#include <string.h> -#include <stdlib.h> #include <stdio.h> #include <errno.h> #include <time.h> diff --git a/src/client.c b/src/client.c index 11a00229..6343dc6a 100644 --- a/src/client.c +++ b/src/client.c @@ -21,9 +21,9 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <stdio.h> -#include <stdlib.h> -#include <string.h> #ifndef _WIN32 #include <netinet/in.h> diff --git a/src/config.c b/src/config.c index 42148df7..25d64998 100644 --- a/src/config.c +++ b/src/config.c @@ -251,6 +251,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line, opcode = ssh_config_get_opcode(keyword); if (*parsing == 1 && opcode != SOC_HOST && opcode != SOC_UNSUPPORTED && opcode != SOC_INCLUDE) { if (seen[opcode] != 0) { + SAFE_FREE(x); return 0; } seen[opcode] = 1; diff --git a/src/connector.c b/src/connector.c index 54e85241..6f15ee28 100644 --- a/src/connector.c +++ b/src/connector.c @@ -19,6 +19,8 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include "libssh/priv.h" #include "libssh/poll.h" #include "libssh/callbacks.h" @@ -131,11 +131,18 @@ int ssh_get_random(void *where, int len, int strong){ return 1; #elif defined HAVE_LIBCRYPTO +# if OPENSSL_VERSION_NUMBER > 0x10100000L + /* variable not used in new libcrypto */ + (void) strong; + + return RAND_bytes(where, len); +# else /* OPENSSL_VERSION_NUMBER */ if (strong) { return RAND_bytes(where,len); } else { return RAND_pseudo_bytes(where,len); } +# endif /* OPENSSL_VERSION_NUMBER */ #endif /* never reached */ diff --git a/src/error.c b/src/error.c index bd755c4f..f1ba945b 100644 --- a/src/error.c +++ b/src/error.c @@ -21,6 +21,8 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <stdio.h> #include <stdarg.h> #include "libssh/priv.h" diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c index 55868819..fdf84d0f 100644 --- a/src/external/bcrypt_pbkdf.c +++ b/src/external/bcrypt_pbkdf.c @@ -19,6 +19,8 @@ #ifndef HAVE_BCRYPT_PBKDF +#include "config.h" + #include "libssh/priv.h" #include "libssh/wrapper.h" #include <stdlib.h> diff --git a/src/external/fe25519.c b/src/external/fe25519.c index db31f651..2b0b673e 100644 --- a/src/external/fe25519.c +++ b/src/external/fe25519.c @@ -4,6 +4,8 @@ * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c */ +#include "config.h" + #define WINDOWSIZE 1 /* Should be 1,2, or 4 */ #define WINDOWMASK ((1<<WINDOWSIZE)-1) diff --git a/src/external/ge25519.c b/src/external/ge25519.c index b098cc5e..ffeb1d58 100644 --- a/src/external/ge25519.c +++ b/src/external/ge25519.c @@ -6,6 +6,8 @@ * Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.c */ +#include "config.h" + #include "libssh/fe25519.h" #include "libssh/sc25519.h" #include "libssh/ge25519.h" diff --git a/src/external/sc25519.c b/src/external/sc25519.c index c7a02ee6..5f198d5b 100644 --- a/src/external/sc25519.c +++ b/src/external/sc25519.c @@ -4,6 +4,8 @@ * Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c */ +#include "config.h" + #include "libssh/priv.h" #include "libssh/sc25519.h" diff --git a/src/match.c b/src/match.c index 53620bdd..c613a2e6 100644 --- a/src/match.c +++ b/src/match.c @@ -35,8 +35,9 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "config.h" + #include <ctype.h> -#include <string.h> #include <sys/types.h> #include "libssh/priv.h" @@ -109,6 +110,7 @@ static int match_pattern(const char *s, const char *pattern) { } /* NOTREACHED */ + return 0; } /* diff --git a/src/packet.c b/src/packet.c index 33943aef..6e84dc80 100644 --- a/src/packet.c +++ b/src/packet.c @@ -220,7 +220,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) /* Saves the status of the current operations */ session->in_packet.len = len; session->packet_state = PACKET_STATE_SIZEREAD; - /* FALL TROUGH */ + FALL_THROUGH; case PACKET_STATE_SIZEREAD: len = session->in_packet.len; to_be_read = len - blocksize + sizeof(uint32_t) + current_macsize; diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 70ac6854..19821725 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -25,6 +25,8 @@ #ifndef _PKI_CRYPTO_H #define _PKI_CRYPTO_H +#include "config.h" + #include "libssh/priv.h" #include <openssl/pem.h> @@ -451,11 +453,24 @@ int pki_key_generate_rsa(ssh_key key, int parameter){ int pki_key_generate_dss(ssh_key key, int parameter){ int rc; +#if OPENSSL_VERSION_NUMBER > 0x10100000L + rc = DSA_generate_parameters_ex(key->dsa, + parameter, + NULL, /* seed */ + 0, /* seed_len */ + NULL, /* counter_ret */ + NULL, /* h_ret */ + NULL); /* cb */ + if (rc != 1) { + return SSH_ERROR; + } +#else key->dsa = DSA_generate_parameters(parameter, NULL, 0, NULL, NULL, NULL, NULL); if(key->dsa == NULL){ return SSH_ERROR; } +#endif rc = DSA_generate_key(key->dsa); if (rc != 1){ DSA_free(key->dsa); diff --git a/src/pki_ed25519.c b/src/pki_ed25519.c index 393948ac..8ff398cb 100644 --- a/src/pki_ed25519.c +++ b/src/pki_ed25519.c @@ -21,6 +21,8 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include "libssh/pki.h" #include "libssh/pki_priv.h" #include "libssh/ed25519.h" diff --git a/src/server.c b/src/server.c index 25fdd0c5..b2552eaa 100644 --- a/src/server.c +++ b/src/server.c @@ -75,12 +75,12 @@ static int dh_handshake_server(ssh_session session); */ /** @internal - * This functions sets the Key Exchange protocols to be accepted - * by the server. They depend on - * -What the user asked (via options) - * -What is available (keys) - * It should then accept the intersection of what the user asked - * and what is available, and return an error if nothing matches + * + * @brief initialize the set of key exchange, hostkey, ciphers, MACs, and + * compression algorithms for the given ssh_session + * + * The selection of algorithms and keys used are determined by the + * options that are currently set in the given ssh_session structure. */ static int server_set_kex(ssh_session session) { @@ -149,6 +149,21 @@ static int server_set_kex(ssh_session session) { return 0; } +int ssh_server_init_kex(ssh_session session) { + int i; + + if (session->session_state > SSH_SESSION_STATE_BANNER_RECEIVED) { + return SSH_ERROR; + } + + /* free any currently-set methods: server_set_kex will allocate new ones */ + for (i = 0; i < 10 /* SSH_KEX_METHODS */; i++) { + SAFE_FREE(session->next_crypto->server_kex.methods[i]); + } + + return server_set_kex(session); +} + /** @internal * @brief parse an incoming SSH_MSG_KEXDH_INIT packet and complete * key exchange @@ -24,12 +24,12 @@ /* This file contains code written by Nick Zitzmann */ +#include "config.h" + #include <errno.h> #include <ctype.h> #include <fcntl.h> -#include <stdlib.h> #include <stdio.h> -#include <string.h> #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> diff --git a/src/sftpserver.c b/src/sftpserver.c index 659a688a..820e9668 100644 --- a/src/sftpserver.c +++ b/src/sftpserver.c @@ -21,8 +21,8 @@ * MA 02111-1307, USA. */ -#include <stdlib.h> -#include <string.h> +#include "config.h" + #include <stdio.h> #ifndef _WIN32 diff --git a/src/socket.c b/src/socket.c index 76dc55e5..95dedbb2 100644 --- a/src/socket.c +++ b/src/socket.c @@ -21,9 +21,9 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <errno.h> -#include <string.h> -#include <stdlib.h> #include <stdio.h> #ifdef _WIN32 #include <winsock2.h> diff --git a/src/string.c b/src/string.c index ba112716..67bce7dc 100644 --- a/src/string.c +++ b/src/string.c @@ -21,10 +21,10 @@ * MA 02111-1307, USA. */ +#include "config.h" + #include <errno.h> #include <limits.h> -#include <stdlib.h> -#include <string.h> #ifndef _WIN32 #include <netinet/in.h> |