server: Migrate hostkey check to new pki.

2025-11-29 01:03:57 +03:00 · 2011-08-22 15:22:58 +02:00
parent 9c376dd913
commit 90167f09d3
3 changed files with 11 additions and 8 deletions
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -132,10 +132,12 @@ struct ssh_session_struct {
    struct {
        ssh_key rsa_key;
        ssh_key dsa_key;
+
+        /* The type of host key wanted by client */
+        enum ssh_keytypes_e hostkey;
    } srv;
    /* auths accepted by server */
    int auth_methods;
-    int hostkeys; /* contains type of host key wanted by client, in server impl */
    struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
    int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
    void *ssh_message_callback_data;
--- a/src/server.c
+++ b/src/server.c
@@ -176,14 +176,16 @@ static int dh_handshake_server(ssh_session session) {
    return -1;
  }

-  switch(session->hostkeys){
+  switch(session->srv.hostkey) {
    case SSH_KEYTYPE_DSS:
      privkey = session->srv.dsa_key;
      break;
    case SSH_KEYTYPE_RSA:
+    case SSH_KEYTYPE_RSA1:
      privkey = session->srv.rsa_key;
      break;
-    default:
+    case SSH_KEYTYPE_ECDSA:
+    case SSH_KEYTYPE_UNKNOWN:
      privkey = NULL;
  }

--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -46,6 +46,7 @@
 #include "libssh/session.h"
 #include "libssh/crypto.h"
 #include "libssh/wrapper.h"
+#include "libssh/pki.h"

 /* it allocates a new cipher structure based on its offset into the global table */
 static struct crypto_struct *cipher_new(int offset) {
@@ -348,11 +349,9 @@ int crypt_set_algorithms_server(ssh_session session){
    server=session->server_kex.methods[SSH_HOSTKEYS];
    client=session->client_kex.methods[SSH_HOSTKEYS];
    match=ssh_find_matching(server,client);
-    if(match && !strcmp(match,"ssh-dss"))
-        session->hostkeys=SSH_KEYTYPE_DSS;
-    else if(match && !strcmp(match,"ssh-rsa"))
-        session->hostkeys=SSH_KEYTYPE_RSA;
-    else {
+    if (match) {
+        session->srv.hostkey = ssh_key_type_from_name(match);
+    } else {
        ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s",
            match ? match : NULL, server);
        SAFE_FREE(match);