server: Support for extension negotiation

This includes intercepting the ext-info-c string from the client kex proposal, configuring the server to allow using this extension and sending the SSH_MSG_EXT_INFO packet back to the client after the new keys are in use. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-12-12 15:41:16 +03:00 · 2018-07-03 16:16:25 +02:00
parent 60ad7ee15d
commit 6fa5e8adb0
3 changed files with 58 additions and 2 deletions
--- a/src/server.c
+++ b/src/server.c
@@ -67,7 +67,6 @@

 static int dh_handshake_server(ssh_session session);

-
 /**
 * @addtogroup libssh_server
 *
@@ -194,6 +193,37 @@ static int ssh_server_kexdh_init(ssh_session session, ssh_buffer packet){
    return SSH_OK;
 }

+static int ssh_server_send_extensions(ssh_session session) {
+    int rc;
+    const char *hostkey_algorithms;
+
+    SSH_LOG(SSH_LOG_PACKET, "Sending SSH_MSG_EXT_INFO");
+    /*
+     * We can list here all the default hostkey methods, since
+     * they already contain the SHA2 extension algorithms
+     */
+    hostkey_algorithms = ssh_kex_get_default_methods(SSH_HOSTKEYS);
+    rc = ssh_buffer_pack(session->out_buffer,
+                         "bdss",
+                         SSH2_MSG_EXT_INFO,
+                         1, /* nr. of extensions */
+                         "server-sig-algs",
+                         hostkey_algorithms);
+    if (rc != SSH_OK) {
+        goto error;
+    }
+
+    if (ssh_packet_send(session) == SSH_ERROR) {
+        goto error;
+    }
+
+    return 0;
+error:
+    ssh_buffer_reinit(session->out_buffer);
+
+    return -1;
+}
+
 SSH_PACKET_CALLBACK(ssh_packet_kexdh_init){
  int rc = SSH_ERROR;
  (void)type;
@@ -486,6 +516,15 @@ static void ssh_server_connection_callback(ssh_session session){
                session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
                if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED)
                    session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
+
+               /*
+                * If the client supports extension negotiation, we will send
+                * our supported extensions now. This is the first message after
+                * sending NEWKEYS message and after turning on crypto.
+                */
+               if (session->extensions) {
+                   ssh_server_send_extensions(session);
+               }
            }
            break;
        case SSH_SESSION_STATE_AUTHENTICATING: