aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/auth.c5
-rw-r--r--src/base64.c4
-rw-r--r--src/bignum.c2
-rw-r--r--src/buffer.c4
-rw-r--r--src/channels.c4
-rw-r--r--src/client.c4
-rw-r--r--src/config.c1
-rw-r--r--src/connector.c2
-rw-r--r--src/dh.c7
-rw-r--r--src/error.c2
-rw-r--r--src/external/bcrypt_pbkdf.c2
-rw-r--r--src/external/fe25519.c2
-rw-r--r--src/external/ge25519.c2
-rw-r--r--src/external/sc25519.c2
-rw-r--r--src/match.c4
-rw-r--r--src/packet.c2
-rw-r--r--src/pki_crypto.c15
-rw-r--r--src/pki_ed25519.c2
-rw-r--r--src/server.c27
-rw-r--r--src/sftp.c4
-rw-r--r--src/sftpserver.c4
-rw-r--r--src/socket.c4
-rw-r--r--src/string.c4
23 files changed, 83 insertions, 26 deletions
diff --git a/src/auth.c b/src/auth.c
index 8a686dc2..59b6f134 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -22,9 +22,9 @@
* MA 02111-1307, USA.
*/
-#include <stdlib.h>
+#include "config.h"
+
#include <stdio.h>
-#include <string.h>
#ifndef _WIN32
#include <netinet/in.h>
@@ -707,6 +707,7 @@ static int ssh_userauth_agent_publickey(ssh_session session,
rc = ssh_buffer_add_ssh_string(session->out_buffer, str);
ssh_string_free(str);
+ str = NULL;
if (rc < 0) {
goto fail;
}
diff --git a/src/base64.c b/src/base64.c
index 2a162d0b..2bb33ee6 100644
--- a/src/base64.c
+++ b/src/base64.c
@@ -22,9 +22,9 @@
*/
/* just the dirtiest part of code i ever made */
-#include <string.h>
+#include "config.h"
+
#include <stdio.h>
-#include <stdlib.h>
#include "libssh/priv.h"
#include "libssh/buffer.h"
diff --git a/src/bignum.c b/src/bignum.c
index fd6cf954..346a08a8 100644
--- a/src/bignum.c
+++ b/src/bignum.c
@@ -19,6 +19,8 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <stdio.h>
#include "libssh/priv.h"
diff --git a/src/buffer.c b/src/buffer.c
index 2da6758a..96250e90 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -21,9 +21,9 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
#include <stdarg.h>
#ifndef _WIN32
diff --git a/src/channels.c b/src/channels.c
index d32f0d7a..b74c4f3d 100644
--- a/src/channels.c
+++ b/src/channels.c
@@ -22,9 +22,9 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <limits.h>
-#include <string.h>
-#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <time.h>
diff --git a/src/client.c b/src/client.c
index 11a00229..6343dc6a 100644
--- a/src/client.c
+++ b/src/client.c
@@ -21,9 +21,9 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
#ifndef _WIN32
#include <netinet/in.h>
diff --git a/src/config.c b/src/config.c
index 42148df7..25d64998 100644
--- a/src/config.c
+++ b/src/config.c
@@ -251,6 +251,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
opcode = ssh_config_get_opcode(keyword);
if (*parsing == 1 && opcode != SOC_HOST && opcode != SOC_UNSUPPORTED && opcode != SOC_INCLUDE) {
if (seen[opcode] != 0) {
+ SAFE_FREE(x);
return 0;
}
seen[opcode] = 1;
diff --git a/src/connector.c b/src/connector.c
index 54e85241..6f15ee28 100644
--- a/src/connector.c
+++ b/src/connector.c
@@ -19,6 +19,8 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include "libssh/priv.h"
#include "libssh/poll.h"
#include "libssh/callbacks.h"
diff --git a/src/dh.c b/src/dh.c
index 0339be02..968af8ce 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -131,11 +131,18 @@ int ssh_get_random(void *where, int len, int strong){
return 1;
#elif defined HAVE_LIBCRYPTO
+# if OPENSSL_VERSION_NUMBER > 0x10100000L
+ /* variable not used in new libcrypto */
+ (void) strong;
+
+ return RAND_bytes(where, len);
+# else /* OPENSSL_VERSION_NUMBER */
if (strong) {
return RAND_bytes(where,len);
} else {
return RAND_pseudo_bytes(where,len);
}
+# endif /* OPENSSL_VERSION_NUMBER */
#endif
/* never reached */
diff --git a/src/error.c b/src/error.c
index bd755c4f..f1ba945b 100644
--- a/src/error.c
+++ b/src/error.c
@@ -21,6 +21,8 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <stdio.h>
#include <stdarg.h>
#include "libssh/priv.h"
diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c
index 55868819..fdf84d0f 100644
--- a/src/external/bcrypt_pbkdf.c
+++ b/src/external/bcrypt_pbkdf.c
@@ -19,6 +19,8 @@
#ifndef HAVE_BCRYPT_PBKDF
+#include "config.h"
+
#include "libssh/priv.h"
#include "libssh/wrapper.h"
#include <stdlib.h>
diff --git a/src/external/fe25519.c b/src/external/fe25519.c
index db31f651..2b0b673e 100644
--- a/src/external/fe25519.c
+++ b/src/external/fe25519.c
@@ -4,6 +4,8 @@
* Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c
*/
+#include "config.h"
+
#define WINDOWSIZE 1 /* Should be 1,2, or 4 */
#define WINDOWMASK ((1<<WINDOWSIZE)-1)
diff --git a/src/external/ge25519.c b/src/external/ge25519.c
index b098cc5e..ffeb1d58 100644
--- a/src/external/ge25519.c
+++ b/src/external/ge25519.c
@@ -6,6 +6,8 @@
* Copied from supercop-20130419/crypto_sign/ed25519/ref/ge25519.c
*/
+#include "config.h"
+
#include "libssh/fe25519.h"
#include "libssh/sc25519.h"
#include "libssh/ge25519.h"
diff --git a/src/external/sc25519.c b/src/external/sc25519.c
index c7a02ee6..5f198d5b 100644
--- a/src/external/sc25519.c
+++ b/src/external/sc25519.c
@@ -4,6 +4,8 @@
* Copied from supercop-20130419/crypto_sign/ed25519/ref/sc25519.c
*/
+#include "config.h"
+
#include "libssh/priv.h"
#include "libssh/sc25519.h"
diff --git a/src/match.c b/src/match.c
index 53620bdd..c613a2e6 100644
--- a/src/match.c
+++ b/src/match.c
@@ -35,8 +35,9 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include "config.h"
+
#include <ctype.h>
-#include <string.h>
#include <sys/types.h>
#include "libssh/priv.h"
@@ -109,6 +110,7 @@ static int match_pattern(const char *s, const char *pattern) {
}
/* NOTREACHED */
+ return 0;
}
/*
diff --git a/src/packet.c b/src/packet.c
index 33943aef..6e84dc80 100644
--- a/src/packet.c
+++ b/src/packet.c
@@ -220,7 +220,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
/* Saves the status of the current operations */
session->in_packet.len = len;
session->packet_state = PACKET_STATE_SIZEREAD;
- /* FALL TROUGH */
+ FALL_THROUGH;
case PACKET_STATE_SIZEREAD:
len = session->in_packet.len;
to_be_read = len - blocksize + sizeof(uint32_t) + current_macsize;
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 70ac6854..19821725 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -25,6 +25,8 @@
#ifndef _PKI_CRYPTO_H
#define _PKI_CRYPTO_H
+#include "config.h"
+
#include "libssh/priv.h"
#include <openssl/pem.h>
@@ -451,11 +453,24 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
int pki_key_generate_dss(ssh_key key, int parameter){
int rc;
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
+ rc = DSA_generate_parameters_ex(key->dsa,
+ parameter,
+ NULL, /* seed */
+ 0, /* seed_len */
+ NULL, /* counter_ret */
+ NULL, /* h_ret */
+ NULL); /* cb */
+ if (rc != 1) {
+ return SSH_ERROR;
+ }
+#else
key->dsa = DSA_generate_parameters(parameter, NULL, 0, NULL, NULL,
NULL, NULL);
if(key->dsa == NULL){
return SSH_ERROR;
}
+#endif
rc = DSA_generate_key(key->dsa);
if (rc != 1){
DSA_free(key->dsa);
diff --git a/src/pki_ed25519.c b/src/pki_ed25519.c
index 393948ac..8ff398cb 100644
--- a/src/pki_ed25519.c
+++ b/src/pki_ed25519.c
@@ -21,6 +21,8 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include "libssh/pki.h"
#include "libssh/pki_priv.h"
#include "libssh/ed25519.h"
diff --git a/src/server.c b/src/server.c
index 25fdd0c5..b2552eaa 100644
--- a/src/server.c
+++ b/src/server.c
@@ -75,12 +75,12 @@ static int dh_handshake_server(ssh_session session);
*/
/** @internal
- * This functions sets the Key Exchange protocols to be accepted
- * by the server. They depend on
- * -What the user asked (via options)
- * -What is available (keys)
- * It should then accept the intersection of what the user asked
- * and what is available, and return an error if nothing matches
+ *
+ * @brief initialize the set of key exchange, hostkey, ciphers, MACs, and
+ * compression algorithms for the given ssh_session
+ *
+ * The selection of algorithms and keys used are determined by the
+ * options that are currently set in the given ssh_session structure.
*/
static int server_set_kex(ssh_session session) {
@@ -149,6 +149,21 @@ static int server_set_kex(ssh_session session) {
return 0;
}
+int ssh_server_init_kex(ssh_session session) {
+ int i;
+
+ if (session->session_state > SSH_SESSION_STATE_BANNER_RECEIVED) {
+ return SSH_ERROR;
+ }
+
+ /* free any currently-set methods: server_set_kex will allocate new ones */
+ for (i = 0; i < 10 /* SSH_KEX_METHODS */; i++) {
+ SAFE_FREE(session->next_crypto->server_kex.methods[i]);
+ }
+
+ return server_set_kex(session);
+}
+
/** @internal
* @brief parse an incoming SSH_MSG_KEXDH_INIT packet and complete
* key exchange
diff --git a/src/sftp.c b/src/sftp.c
index 3b8e0985..3b017baf 100644
--- a/src/sftp.c
+++ b/src/sftp.c
@@ -24,12 +24,12 @@
/* This file contains code written by Nick Zitzmann */
+#include "config.h"
+
#include <errno.h>
#include <ctype.h>
#include <fcntl.h>
-#include <stdlib.h>
#include <stdio.h>
-#include <string.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
diff --git a/src/sftpserver.c b/src/sftpserver.c
index 659a688a..820e9668 100644
--- a/src/sftpserver.c
+++ b/src/sftpserver.c
@@ -21,8 +21,8 @@
* MA 02111-1307, USA.
*/
-#include <stdlib.h>
-#include <string.h>
+#include "config.h"
+
#include <stdio.h>
#ifndef _WIN32
diff --git a/src/socket.c b/src/socket.c
index 76dc55e5..95dedbb2 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -21,9 +21,9 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <errno.h>
-#include <string.h>
-#include <stdlib.h>
#include <stdio.h>
#ifdef _WIN32
#include <winsock2.h>
diff --git a/src/string.c b/src/string.c
index ba112716..67bce7dc 100644
--- a/src/string.c
+++ b/src/string.c
@@ -21,10 +21,10 @@
* MA 02111-1307, USA.
*/
+#include "config.h"
+
#include <errno.h>
#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
#ifndef _WIN32
#include <netinet/in.h>