diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/CMakeLists.txt | 8 | ||||
-rw-r--r-- | src/client.c | 4 | ||||
-rw-r--r-- | src/dh.c | 2 | ||||
-rw-r--r-- | src/kex.c | 15 | ||||
-rw-r--r-- | src/wrapper.c | 4 |
5 files changed, 32 insertions, 1 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index ff3b3a47..3261d42c 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -126,7 +126,6 @@ set(libssh_SRCS connector.c curve25519.c dh.c - dh-gex.c ecdh.c error.c getpass.c @@ -243,6 +242,13 @@ if (WITH_SERVER) ) endif (WITH_SERVER) +if (WITH_GEX) + set(libssh_SRCS + ${libssh_SRCS} + dh-gex.c + ) +endif (WITH_GEX) + if (WITH_ZLIB) set(libssh_SRCS ${libssh_SRCS} diff --git a/src/client.c b/src/client.c index 64e81115..a36358fe 100644 --- a/src/client.c +++ b/src/client.c @@ -38,7 +38,9 @@ #include "libssh/socket.h" #include "libssh/session.h" #include "libssh/dh.h" +#ifdef WITH_GEX #include "libssh/dh-gex.h" +#endif /* WITH_GEX */ #include "libssh/ecdh.h" #include "libssh/threads.h" #include "libssh/misc.h" @@ -254,10 +256,12 @@ static int dh_handshake(ssh_session session) { case SSH_KEX_DH_GROUP18_SHA512: rc = ssh_client_dh_init(session); break; +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA1: case SSH_KEX_DH_GEX_SHA256: rc = ssh_client_dhgex_init(session); break; +#endif /* WITH_GEX */ #ifdef HAVE_ECDH case SSH_KEX_ECDH_SHA2_NISTP256: case SSH_KEX_ECDH_SHA2_NISTP384: @@ -673,10 +673,12 @@ int ssh_server_dh_process_init(ssh_session session, ssh_buffer packet) case SSH_KEX_DH_GROUP18_SHA512: packet_type = SSH2_MSG_KEXDH_REPLY; break; +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA1: case SSH_KEX_DH_GEX_SHA256: packet_type = SSH2_MSG_KEX_DH_GEX_REPLY; break; +#endif /* WITH_GEX */ default: ssh_set_error(session, SSH_FATAL, "Invalid kex type"); goto error; @@ -31,7 +31,9 @@ #include "libssh/priv.h" #include "libssh/buffer.h" #include "libssh/dh.h" +#ifdef WITH_GEX #include "libssh/dh-gex.h" +#endif /* WITH_GEX */ #include "libssh/kex.h" #include "libssh/session.h" #include "libssh/ssh2.h" @@ -114,8 +116,13 @@ #define ECDH "" #endif +#ifdef WITH_GEX #define GEX_SHA256 "diffie-hellman-group-exchange-sha256," #define GEX_SHA1 "diffie-hellman-group-exchange-sha1," +#else +#define GEX_SHA256 +#define GEX_SHA1 +#endif /* WITH_GEX */ #define CHACHA20 "chacha20-poly1305@openssh.com," @@ -838,10 +845,12 @@ int ssh_kex_select_methods (ssh_session session){ session->next_crypto->kex_type=SSH_KEX_DH_GROUP16_SHA512; } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group18-sha512") == 0){ session->next_crypto->kex_type=SSH_KEX_DH_GROUP18_SHA512; +#ifdef WITH_GEX } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group-exchange-sha1") == 0){ session->next_crypto->kex_type=SSH_KEX_DH_GEX_SHA1; } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group-exchange-sha256") == 0){ session->next_crypto->kex_type=SSH_KEX_DH_GEX_SHA256; +#endif /* WITH_GEX */ } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "ecdh-sha2-nistp256") == 0){ session->next_crypto->kex_type=SSH_KEX_ECDH_SHA2_NISTP256; } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "ecdh-sha2-nistp384") == 0){ @@ -1096,6 +1105,7 @@ int ssh_make_sessionid(ssh_session session) goto error; } break; +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA1: case SSH_KEX_DH_GEX_SHA256: rc = ssh_buffer_pack(buf, @@ -1111,6 +1121,7 @@ int ssh_make_sessionid(ssh_session session) goto error; } break; +#endif /* WITH_GEX */ #ifdef HAVE_ECDH case SSH_KEX_ECDH_SHA2_NISTP256: case SSH_KEX_ECDH_SHA2_NISTP384: @@ -1157,7 +1168,9 @@ int ssh_make_sessionid(ssh_session session) switch (session->next_crypto->kex_type) { case SSH_KEX_DH_GROUP1_SHA1: case SSH_KEX_DH_GROUP14_SHA1: +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA1: +#endif /* WITH_GEX */ session->next_crypto->digest_len = SHA_DIGEST_LENGTH; session->next_crypto->mac_type = SSH_MAC_SHA1; session->next_crypto->secret_hash = malloc(session->next_crypto->digest_len); @@ -1171,7 +1184,9 @@ int ssh_make_sessionid(ssh_session session) case SSH_KEX_ECDH_SHA2_NISTP256: case SSH_KEX_CURVE25519_SHA256: case SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG: +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA256: +#endif /* WITH_GEX */ session->next_crypto->digest_len = SHA256_DIGEST_LENGTH; session->next_crypto->mac_type = SSH_MAC_SHA256; session->next_crypto->secret_hash = malloc(session->next_crypto->digest_len); diff --git a/src/wrapper.c b/src/wrapper.c index 46ab22c5..79603455 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -49,7 +49,9 @@ #include "libssh/pki.h" #include "libssh/poly1305.h" #include "libssh/dh.h" +#ifdef WITH_GEX #include "libssh/dh-gex.h" +#endif /* WITH_GEX */ #include "libssh/ecdh.h" #include "libssh/curve25519.h" @@ -539,10 +541,12 @@ int crypt_set_algorithms_server(ssh_session session){ case SSH_KEX_DH_GROUP18_SHA512: ssh_server_dh_init(session); break; +#ifdef WITH_GEX case SSH_KEX_DH_GEX_SHA1: case SSH_KEX_DH_GEX_SHA256: ssh_server_dhgex_init(session); break; +#endif /* WITH_GEX */ #ifdef HAVE_ECDH case SSH_KEX_ECDH_SHA2_NISTP256: case SSH_KEX_ECDH_SHA2_NISTP384: |