lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

server: Migrate hostkey check to new pki.

Browse Source
This commit is contained in:
Andreas Schneider
2011-08-22 15:22:58 +02:00
parent 9c376dd913
commit 90167f09d3
3 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/libssh/session.h
View File

@@ -132,10 +132,12 @@ struct ssh_session_struct {
struct { struct {
ssh_key rsa_key; ssh_key rsa_key;
ssh_key dsa_key; ssh_key dsa_key;
/* The type of host key wanted by client */
enum ssh_keytypes_e hostkey;
} srv; } srv;
/* auths accepted by server */ /* auths accepted by server */
int auth_methods; int auth_methods;
int hostkeys; /* contains type of host key wanted by client, in server impl */
struct ssh_list *ssh_message_list; /* list of delayed SSH messages */ struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata); int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
void *ssh_message_callback_data; void *ssh_message_callback_data;

6
src/server.c
View File

@@ -176,14 +176,16 @@ static int dh_handshake_server(ssh_session session) {
return -1; return -1;
} }
switch(session->hostkeys){ switch(session->srv.hostkey) {
case SSH_KEYTYPE_DSS: case SSH_KEYTYPE_DSS:
privkey = session->srv.dsa_key; privkey = session->srv.dsa_key;
break; break;
case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA:
case SSH_KEYTYPE_RSA1:
privkey = session->srv.rsa_key; privkey = session->srv.rsa_key;
break; break;
default: case SSH_KEYTYPE_ECDSA:
case SSH_KEYTYPE_UNKNOWN:
privkey = NULL; privkey = NULL;
} }

9
src/wrapper.c
View File

@@ -46,6 +46,7 @@
#include "libssh/session.h" #include "libssh/session.h"
#include "libssh/crypto.h" #include "libssh/crypto.h"
#include "libssh/wrapper.h" #include "libssh/wrapper.h"
#include "libssh/pki.h"
/* it allocates a new cipher structure based on its offset into the global table */ /* it allocates a new cipher structure based on its offset into the global table */
static struct crypto_struct *cipher_new(int offset) { static struct crypto_struct *cipher_new(int offset) {
@@ -348,11 +349,9 @@ int crypt_set_algorithms_server(ssh_session session){
server=session->server_kex.methods[SSH_HOSTKEYS]; server=session->server_kex.methods[SSH_HOSTKEYS];
client=session->client_kex.methods[SSH_HOSTKEYS]; client=session->client_kex.methods[SSH_HOSTKEYS];
match=ssh_find_matching(server,client); match=ssh_find_matching(server,client);
if(match && !strcmp(match,"ssh-dss")) if (match) {
session->hostkeys=SSH_KEYTYPE_DSS; session->srv.hostkey = ssh_key_type_from_name(match);
else if(match && !strcmp(match,"ssh-rsa")) } else {
session->hostkeys=SSH_KEYTYPE_RSA;
else {
ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s", ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s",
match ? match : NULL, server); match ? match : NULL, server);
SAFE_FREE(match); SAFE_FREE(match);