diff options
author | Andreas Schneider <asn@cynapses.org> | 2010-09-06 14:28:38 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cynapses.org> | 2010-09-06 14:28:38 +0200 |
commit | f7842e3a4b9acea2126ff725f993c299aef0e6db (patch) | |
tree | 18239f819a5edbcfc7f2961c48f3f9297314ef22 /libssh/wrapper.c | |
parent | 38421403d2dc45636e597f2a909daa6ae31976de (diff) | |
download | libssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.tar.gz libssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.tar.xz libssh-f7842e3a4b9acea2126ff725f993c299aef0e6db.zip |
misc: Rename libssh/ to src/
Diffstat (limited to 'libssh/wrapper.c')
-rw-r--r-- | libssh/wrapper.c | 325 |
1 files changed, 0 insertions, 325 deletions
diff --git a/libssh/wrapper.c b/libssh/wrapper.c deleted file mode 100644 index a78a93d9..00000000 --- a/libssh/wrapper.c +++ /dev/null @@ -1,325 +0,0 @@ -/* - * wrapper.c - wrapper for crytpo functions - * - * This file is part of the SSH Library - * - * Copyright (c) 2003 by Aris Adamantiadis - * - * The SSH Library is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation; either version 2.1 of the License, or (at your - * option) any later version. - * - * The SSH Library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public - * License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with the SSH Library; see the file COPYING. If not, write to - * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -/* - * Why a wrapper? - * - * Let's say you want to port libssh from libcrypto of openssl to libfoo - * you are going to spend hours to remove every references to SHA1_Update() - * to libfoo_sha1_update after the work is finished, you're going to have - * only this file to modify it's not needed to say that your modifications - * are welcome. - */ - -#include "config.h" - - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> - -#include "libssh/priv.h" -#include "libssh/session.h" -#include "libssh/crypto.h" -#include "libssh/wrapper.h" - -/* it allocates a new cipher structure based on its offset into the global table */ -static struct crypto_struct *cipher_new(int offset) { - struct crypto_struct *cipher = NULL; - - cipher = malloc(sizeof(struct crypto_struct)); - if (cipher == NULL) { - return NULL; - } - - /* note the memcpy will copy the pointers : so, you shouldn't free them */ - memcpy(cipher, &ssh_get_ciphertab()[offset], sizeof(*cipher)); - - return cipher; -} - -static void cipher_free(struct crypto_struct *cipher) { -#ifdef HAVE_LIBGCRYPT - unsigned int i; -#endif - - if (cipher == NULL) { - return; - } - - if(cipher->key) { -#ifdef HAVE_LIBGCRYPT - for (i = 0; i < (cipher->keylen / sizeof(gcry_cipher_hd_t)); i++) { - gcry_cipher_close(cipher->key[i]); - } -#elif defined HAVE_LIBCRYPTO - /* destroy the key */ - memset(cipher->key, 0, cipher->keylen); -#endif - SAFE_FREE(cipher->key); - } - SAFE_FREE(cipher); -} - -struct ssh_crypto_struct *crypto_new(void) { - struct ssh_crypto_struct *crypto; - - crypto = malloc(sizeof(struct ssh_crypto_struct)); - if (crypto == NULL) { - return NULL; - } - ZERO_STRUCTP(crypto); - return crypto; -} - -void crypto_free(struct ssh_crypto_struct *crypto){ - if (crypto == NULL) { - return; - } - - SAFE_FREE(crypto->server_pubkey); - - cipher_free(crypto->in_cipher); - cipher_free(crypto->out_cipher); - - bignum_free(crypto->e); - bignum_free(crypto->f); - bignum_free(crypto->x); - bignum_free(crypto->y); - bignum_free(crypto->k); - /* lot of other things */ - /* i'm lost in my own code. good work */ - memset(crypto,0,sizeof(*crypto)); - - SAFE_FREE(crypto); -} - -static int crypt_set_algorithms2(ssh_session session){ - const char *wanted; - int i = 0; - struct crypto_struct *ssh_ciphertab=ssh_get_ciphertab(); - /* we must scan the kex entries to find crypto algorithms and set their appropriate structure */ - /* out */ - wanted = session->client_kex.methods[SSH_CRYPT_C_S]; - while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) { - i++; - } - - if (ssh_ciphertab[i].name == NULL) { - ssh_set_error(session, SSH_FATAL, - "Crypt_set_algorithms2: no crypto algorithm function found for %s", - wanted); - return SSH_ERROR; - } - ssh_log(session, SSH_LOG_PACKET, "Set output algorithm to %s", wanted); - - session->next_crypto->out_cipher = cipher_new(i); - if (session->next_crypto->out_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "No space left"); - return SSH_ERROR; - } - i = 0; - - /* in */ - wanted = session->client_kex.methods[SSH_CRYPT_S_C]; - while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) { - i++; - } - - if (ssh_ciphertab[i].name == NULL) { - ssh_set_error(session, SSH_FATAL, - "Crypt_set_algorithms: no crypto algorithm function found for %s", - wanted); - return SSH_ERROR; - } - ssh_log(session, SSH_LOG_PACKET, "Set input algorithm to %s", wanted); - - session->next_crypto->in_cipher = cipher_new(i); - if (session->next_crypto->in_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "Not enough space"); - return SSH_ERROR; - } - - /* compression */ - if (strcmp(session->client_kex.methods[SSH_COMP_C_S], "zlib") == 0) { - session->next_crypto->do_compress_out = 1; - } - if (strcmp(session->client_kex.methods[SSH_COMP_S_C], "zlib") == 0) { - session->next_crypto->do_compress_in = 1; - } - if (strcmp(session->client_kex.methods[SSH_COMP_C_S], "zlib@openssh.org") == 0) { - session->next_crypto->delayed_compress_out = 1; - } - if (strcmp(session->client_kex.methods[SSH_COMP_S_C], "zlib@openssh.org") == 0) { - session->next_crypto->delayed_compress_in = 1; - } - return SSH_OK; -} - -static int crypt_set_algorithms1(ssh_session session) { - int i = 0; - struct crypto_struct *ssh_ciphertab=ssh_get_ciphertab(); - - /* right now, we force 3des-cbc to be taken */ - while (ssh_ciphertab[i].name && strcmp(ssh_ciphertab[i].name, - "3des-cbc-ssh1")) { - i++; - } - - if (ssh_ciphertab[i].name == NULL) { - ssh_set_error(session, SSH_FATAL, "cipher 3des-cbc-ssh1 not found!"); - return -1; - } - - session->next_crypto->out_cipher = cipher_new(i); - if (session->next_crypto->out_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "No space left"); - return SSH_ERROR; - } - - session->next_crypto->in_cipher = cipher_new(i); - if (session->next_crypto->in_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "No space left"); - return SSH_ERROR; - } - - return SSH_OK; -} - -int crypt_set_algorithms(ssh_session session) { - return (session->version == 1) ? crypt_set_algorithms1(session) : - crypt_set_algorithms2(session); -} - -// TODO Obviously too much cut and paste here -int crypt_set_algorithms_server(ssh_session session){ - char *server = NULL; - char *client = NULL; - char *match = NULL; - int i = 0; - struct crypto_struct *ssh_ciphertab=ssh_get_ciphertab(); - - /* we must scan the kex entries to find crypto algorithms and set their appropriate structure */ - enter_function(); - /* out */ - server = session->server_kex.methods[SSH_CRYPT_S_C]; - if(session && session->client_kex.methods) { - client = session->client_kex.methods[SSH_CRYPT_S_C]; - } else { - ssh_log(session,SSH_LOG_PROTOCOL, "Client KEX empty"); - } - /* That's the client algorithms that are more important */ - match = ssh_find_matching(server,client); - - - if(!match){ - ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server); - free(match); - leave_function(); - return SSH_ERROR; - } - while(ssh_ciphertab[i].name && strcmp(match,ssh_ciphertab[i].name)) - i++; - if(!ssh_ciphertab[i].name){ - ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no crypto algorithm function found for %s",server); - free(match); - leave_function(); - return SSH_ERROR; - } - ssh_log(session,SSH_LOG_PACKET,"Set output algorithm %s",match); - SAFE_FREE(match); - - session->next_crypto->out_cipher = cipher_new(i); - if (session->next_crypto->out_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "No space left"); - leave_function(); - return SSH_ERROR; - } - i=0; - /* in */ - client=session->client_kex.methods[SSH_CRYPT_C_S]; - server=session->server_kex.methods[SSH_CRYPT_S_C]; - match=ssh_find_matching(server,client); - if(!match){ - ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no matching algorithm function found for %s",server); - free(match); - leave_function(); - return SSH_ERROR; - } - while(ssh_ciphertab[i].name && strcmp(match,ssh_ciphertab[i].name)) - i++; - if(!ssh_ciphertab[i].name){ - ssh_set_error(session,SSH_FATAL,"Crypt_set_algorithms_server : no crypto algorithm function found for %s",server); - free(match); - leave_function(); - return SSH_ERROR; - } - ssh_log(session,SSH_LOG_PACKET,"Set input algorithm %s",match); - SAFE_FREE(match); - - session->next_crypto->in_cipher = cipher_new(i); - if (session->next_crypto->in_cipher == NULL) { - ssh_set_error(session, SSH_FATAL, "No space left"); - leave_function(); - return SSH_ERROR; - } - - /* compression */ - client=session->client_kex.methods[SSH_CRYPT_C_S]; - server=session->server_kex.methods[SSH_CRYPT_C_S]; - match=ssh_find_matching(server,client); - if(match && !strcmp(match,"zlib")){ - ssh_log(session,SSH_LOG_PACKET,"enabling C->S compression"); - session->next_crypto->do_compress_in=1; - } - SAFE_FREE(match); - - client=session->client_kex.methods[SSH_CRYPT_S_C]; - server=session->server_kex.methods[SSH_CRYPT_S_C]; - match=ssh_find_matching(server,client); - if(match && !strcmp(match,"zlib")){ - ssh_log(session,SSH_LOG_PACKET,"enabling S->C compression\n"); - session->next_crypto->do_compress_out=1; - } - SAFE_FREE(match); - - server=session->server_kex.methods[SSH_HOSTKEYS]; - client=session->client_kex.methods[SSH_HOSTKEYS]; - match=ssh_find_matching(server,client); - if(match && !strcmp(match,"ssh-dss")) - session->hostkeys=SSH_KEYTYPE_DSS; - else if(match && !strcmp(match,"ssh-rsa")) - session->hostkeys=SSH_KEYTYPE_RSA; - else { - ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s", - match ? match : NULL, server); - SAFE_FREE(match); - leave_function(); - return SSH_ERROR; - } - SAFE_FREE(match); - leave_function(); - return SSH_OK; -} - -/* vim: set ts=2 sw=2 et cindent: */ |