packet: Implement rekeying based on the recommendation from RFC's

The default rekeying recommendations are specified in RFC4344 Section 3 (First and Second Rekeying Recommendations). Additionally, the rekeying can be specified in configuration file/options allowing us to turn the rekeying off, base it on time or make it more strict. The code is highly inspired by the OpenSSH rekeying code. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-12-02 01:17:52 +03:00 · 2018-11-15 13:43:18 +01:00
parent c86a00d06b
commit 58cae2366a
6 changed files with 248 additions and 6 deletions
--- a/src/session.c
+++ b/src/session.c
@@ -85,6 +85,11 @@ ssh_session ssh_new(void) {
    goto err;
  }

+  session->out_queue = ssh_list_new();
+  if (session->out_queue == NULL) {
+    goto err;
+  }
+
  session->alive = 0;
  session->auth.supported_methods = 0;
  ssh_set_blocking(session, 1);
@@ -166,9 +171,11 @@ err:
 * @see ssh_disconnect()
 * @see ssh_new()
 */
-void ssh_free(ssh_session session) {
+void ssh_free(ssh_session session)
+{
  int i;
-  struct ssh_iterator *it;
+  struct ssh_iterator *it = NULL;
+  struct ssh_buffer_struct *b = NULL;

  if (session == NULL) {
    return;
@@ -262,6 +269,12 @@ void ssh_free(ssh_session session) {
      ssh_list_free(session->opts.identity);
  }

+    while ((b = ssh_list_pop_head(struct ssh_buffer_struct *,
+                                  session->out_queue)) != NULL) {
+        ssh_buffer_free(b);
+    }
+    ssh_list_free(session->out_queue);
+
 #ifndef _WIN32
  ssh_agent_state_free (session->agent_state);
 #endif