aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/CMakeLists.txt8
-rw-r--r--src/client.c4
-rw-r--r--src/dh.c2
-rw-r--r--src/kex.c15
-rw-r--r--src/wrapper.c4
5 files changed, 32 insertions, 1 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index ff3b3a47..3261d42c 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -126,7 +126,6 @@ set(libssh_SRCS
connector.c
curve25519.c
dh.c
- dh-gex.c
ecdh.c
error.c
getpass.c
@@ -243,6 +242,13 @@ if (WITH_SERVER)
)
endif (WITH_SERVER)
+if (WITH_GEX)
+ set(libssh_SRCS
+ ${libssh_SRCS}
+ dh-gex.c
+ )
+endif (WITH_GEX)
+
if (WITH_ZLIB)
set(libssh_SRCS
${libssh_SRCS}
diff --git a/src/client.c b/src/client.c
index 64e81115..a36358fe 100644
--- a/src/client.c
+++ b/src/client.c
@@ -38,7 +38,9 @@
#include "libssh/socket.h"
#include "libssh/session.h"
#include "libssh/dh.h"
+#ifdef WITH_GEX
#include "libssh/dh-gex.h"
+#endif /* WITH_GEX */
#include "libssh/ecdh.h"
#include "libssh/threads.h"
#include "libssh/misc.h"
@@ -254,10 +256,12 @@ static int dh_handshake(ssh_session session) {
case SSH_KEX_DH_GROUP18_SHA512:
rc = ssh_client_dh_init(session);
break;
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA1:
case SSH_KEX_DH_GEX_SHA256:
rc = ssh_client_dhgex_init(session);
break;
+#endif /* WITH_GEX */
#ifdef HAVE_ECDH
case SSH_KEX_ECDH_SHA2_NISTP256:
case SSH_KEX_ECDH_SHA2_NISTP384:
diff --git a/src/dh.c b/src/dh.c
index c4867995..b6ae33c6 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -673,10 +673,12 @@ int ssh_server_dh_process_init(ssh_session session, ssh_buffer packet)
case SSH_KEX_DH_GROUP18_SHA512:
packet_type = SSH2_MSG_KEXDH_REPLY;
break;
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA1:
case SSH_KEX_DH_GEX_SHA256:
packet_type = SSH2_MSG_KEX_DH_GEX_REPLY;
break;
+#endif /* WITH_GEX */
default:
ssh_set_error(session, SSH_FATAL, "Invalid kex type");
goto error;
diff --git a/src/kex.c b/src/kex.c
index c5bb7e1d..463bbbff 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -31,7 +31,9 @@
#include "libssh/priv.h"
#include "libssh/buffer.h"
#include "libssh/dh.h"
+#ifdef WITH_GEX
#include "libssh/dh-gex.h"
+#endif /* WITH_GEX */
#include "libssh/kex.h"
#include "libssh/session.h"
#include "libssh/ssh2.h"
@@ -114,8 +116,13 @@
#define ECDH ""
#endif
+#ifdef WITH_GEX
#define GEX_SHA256 "diffie-hellman-group-exchange-sha256,"
#define GEX_SHA1 "diffie-hellman-group-exchange-sha1,"
+#else
+#define GEX_SHA256
+#define GEX_SHA1
+#endif /* WITH_GEX */
#define CHACHA20 "chacha20-poly1305@openssh.com,"
@@ -838,10 +845,12 @@ int ssh_kex_select_methods (ssh_session session){
session->next_crypto->kex_type=SSH_KEX_DH_GROUP16_SHA512;
} else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group18-sha512") == 0){
session->next_crypto->kex_type=SSH_KEX_DH_GROUP18_SHA512;
+#ifdef WITH_GEX
} else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group-exchange-sha1") == 0){
session->next_crypto->kex_type=SSH_KEX_DH_GEX_SHA1;
} else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group-exchange-sha256") == 0){
session->next_crypto->kex_type=SSH_KEX_DH_GEX_SHA256;
+#endif /* WITH_GEX */
} else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "ecdh-sha2-nistp256") == 0){
session->next_crypto->kex_type=SSH_KEX_ECDH_SHA2_NISTP256;
} else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "ecdh-sha2-nistp384") == 0){
@@ -1096,6 +1105,7 @@ int ssh_make_sessionid(ssh_session session)
goto error;
}
break;
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA1:
case SSH_KEX_DH_GEX_SHA256:
rc = ssh_buffer_pack(buf,
@@ -1111,6 +1121,7 @@ int ssh_make_sessionid(ssh_session session)
goto error;
}
break;
+#endif /* WITH_GEX */
#ifdef HAVE_ECDH
case SSH_KEX_ECDH_SHA2_NISTP256:
case SSH_KEX_ECDH_SHA2_NISTP384:
@@ -1157,7 +1168,9 @@ int ssh_make_sessionid(ssh_session session)
switch (session->next_crypto->kex_type) {
case SSH_KEX_DH_GROUP1_SHA1:
case SSH_KEX_DH_GROUP14_SHA1:
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA1:
+#endif /* WITH_GEX */
session->next_crypto->digest_len = SHA_DIGEST_LENGTH;
session->next_crypto->mac_type = SSH_MAC_SHA1;
session->next_crypto->secret_hash = malloc(session->next_crypto->digest_len);
@@ -1171,7 +1184,9 @@ int ssh_make_sessionid(ssh_session session)
case SSH_KEX_ECDH_SHA2_NISTP256:
case SSH_KEX_CURVE25519_SHA256:
case SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG:
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA256:
+#endif /* WITH_GEX */
session->next_crypto->digest_len = SHA256_DIGEST_LENGTH;
session->next_crypto->mac_type = SSH_MAC_SHA256;
session->next_crypto->secret_hash = malloc(session->next_crypto->digest_len);
diff --git a/src/wrapper.c b/src/wrapper.c
index 46ab22c5..79603455 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -49,7 +49,9 @@
#include "libssh/pki.h"
#include "libssh/poly1305.h"
#include "libssh/dh.h"
+#ifdef WITH_GEX
#include "libssh/dh-gex.h"
+#endif /* WITH_GEX */
#include "libssh/ecdh.h"
#include "libssh/curve25519.h"
@@ -539,10 +541,12 @@ int crypt_set_algorithms_server(ssh_session session){
case SSH_KEX_DH_GROUP18_SHA512:
ssh_server_dh_init(session);
break;
+#ifdef WITH_GEX
case SSH_KEX_DH_GEX_SHA1:
case SSH_KEX_DH_GEX_SHA256:
ssh_server_dhgex_init(session);
break;
+#endif /* WITH_GEX */
#ifdef HAVE_ECDH
case SSH_KEX_ECDH_SHA2_NISTP256:
case SSH_KEX_ECDH_SHA2_NISTP384: