kex: moved KEX structures to ssh_crypto_struct

include/libssh/crypto.h

@@ -44,6 +44,7 @@
 #include <openssl/ecdh.h>
 #endif
 #include "libssh/ecdh.h"
+#include "libssh/kex.h"
 
 enum ssh_key_exchange_e {
   /* diffie-hellman-group1-sha1 */
@@ -78,6 +79,10 @@ struct ssh_crypto_struct {
     int delayed_compress_out;
     void *compress_out_ctx; /* don't touch it */
     void *compress_in_ctx; /* really, don't */
+    /* kex sent by server, client, and mutually elected methods */
+    KEX server_kex;
+    KEX client_kex;
+    char *kex_methods[SSH_KEX_METHODS];
     enum ssh_key_exchange_e kex_type;
     enum ssh_mac_e mac_type; /* Mac operations to use for key gen */
 };

include/libssh/session.h

@@ -27,7 +27,6 @@
 #include "libssh/auth.h"
 #include "libssh/channels.h"
 #include "libssh/poll.h"
-#include "libssh/kex.h"
 
 /* These are the different states a SSH session can be into its life */
 enum ssh_session_state_e {
@@ -123,11 +122,6 @@ struct ssh_session_struct {
     struct ssh_agent_state_struct *agent_state;
     struct ssh_auth_auto_state_struct *auth_auto_state;
 
-    /* kex sent by server, client, and mutually elected methods */
-    KEX server_kex;
-    KEX client_kex;
-    char *kex_methods[SSH_KEX_METHODS];
-
     ssh_buffer in_hashbuf;
     ssh_buffer out_hashbuf;
     struct ssh_crypto_struct *current_crypto;

src/client.c

@@ -545,7 +545,7 @@ static void ssh_client_connection_callback(ssh_session session){
 			break;
 		case SSH_SESSION_STATE_KEXINIT_RECEIVED:
 			set_status(session,0.6f);
-			ssh_list_kex(session, &session->server_kex);
+			ssh_list_kex(session, &session->next_crypto->server_kex);
 			if (set_client_kex(session) < 0) {
 				goto error;
 			}
@@ -810,17 +810,6 @@ error:
   session->auth_methods = 0;
   SAFE_FREE(session->serverbanner);
   SAFE_FREE(session->clientbanner);
-  if (session->client_kex.methods) {
-    for (i = 0; i < 10; i++) {
-      SAFE_FREE(session->client_kex.methods[i]);
-    }
-  }
-
-  if (session->server_kex.methods) {
-    for (i = 0; i < 10; i++) {
-      SAFE_FREE(session->server_kex.methods[i]);
-    }
-  }
 
   if(session->ssh_message_list){
     ssh_message msg;

src/dh.c

@@ -771,13 +771,13 @@ int hashbufout_add_cookie(ssh_session session) {
 
   if (session->server) {
     if (buffer_add_data(session->out_hashbuf,
-          session->server_kex.cookie, 16) < 0) {
+          session->next_crypto->server_kex.cookie, 16) < 0) {
       buffer_reinit(session->out_hashbuf);
       return -1;
     }
   } else {
     if (buffer_add_data(session->out_hashbuf,
-          session->client_kex.cookie, 16) < 0) {
+          session->next_crypto->client_kex.cookie, 16) < 0) {
       buffer_reinit(session->out_hashbuf);
       return -1;
     }

src/kex.c

@@ -260,22 +260,22 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
   	goto error;
   }
   if (server_kex) {
-      if (buffer_get_data(packet,session->client_kex.cookie,16) != 16) {
+      if (buffer_get_data(packet,session->next_crypto->client_kex.cookie,16) != 16) {
         ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet");
         goto error;
       }
 
-      if (hashbufin_add_cookie(session, session->client_kex.cookie) < 0) {
+      if (hashbufin_add_cookie(session, session->next_crypto->client_kex.cookie) < 0) {
         ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed");
         goto error;
       }
   } else {
-      if (buffer_get_data(packet,session->server_kex.cookie,16) != 16) {
+      if (buffer_get_data(packet,session->next_crypto->server_kex.cookie,16) != 16) {
         ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: no cookie in packet");
         goto error;
       }
 
-      if (hashbufin_add_cookie(session, session->server_kex.cookie) < 0) {
+      if (hashbufin_add_cookie(session, session->next_crypto->server_kex.cookie) < 0) {
         ssh_set_error(session, SSH_FATAL, "ssh_packet_kexinit: adding cookie failed");
         goto error;
       }
@@ -303,12 +303,12 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){
 
   /* copy the server kex info into an array of strings */
   if (server_kex) {
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
-      session->client_kex.methods[i] = strings[i];
+      session->next_crypto->client_kex.methods[i] = strings[i];
     }
   } else { /* client */
-    for (i = 0; i < 10; i++) {
+    for (i = 0; i < SSH_KEX_METHODS; i++) {
-      session->server_kex.methods[i] = strings[i];
+      session->next_crypto->server_kex.methods[i] = strings[i];
     }
   }
 
@@ -348,7 +348,7 @@ void ssh_list_kex(ssh_session session, KEX *kex) {
  *        in function of the options and available methods.
  */
 int set_client_kex(ssh_session session){
-    KEX *client= &session->client_kex;
+    KEX *client= &session->next_crypto->client_kex;
     int i;
     const char *wanted;
     enter_function();
@@ -368,27 +368,27 @@ int set_client_kex(ssh_session session){
  * server's kex messages, and watches out if a match is possible.
  */
 int ssh_kex_select_methods (ssh_session session){
-    KEX *server = &session->server_kex;
+    KEX *server = &session->next_crypto->server_kex;
-    KEX *client = &session->client_kex;
+    KEX *client = &session->next_crypto->client_kex;
     int rc = SSH_ERROR;
     int i;
 
     enter_function();
 
     for (i=0;i<10;i++){
-        session->kex_methods[i]=ssh_find_matching(server->methods[i],client->methods[i]);
+        session->next_crypto->kex_methods[i]=ssh_find_matching(server->methods[i],client->methods[i]);
-        if(session->kex_methods[i] == NULL && i < SSH_LANG_C_S){
+        if(session->next_crypto->kex_methods[i] == NULL && i < SSH_LANG_C_S){
             ssh_set_error(session,SSH_FATAL,"kex error : no match for method %s: server [%s], client [%s]",
                     ssh_kex_nums[i],server->methods[i],client->methods[i]);
             goto error;
-        } else if ((i >= SSH_LANG_C_S) && (session->kex_methods[i] == NULL)) {
+        } else if ((i >= SSH_LANG_C_S) && (session->next_crypto->kex_methods[i] == NULL)) {
             /* we can safely do that for languages */
-            session->kex_methods[i] = strdup("");
+            session->next_crypto->kex_methods[i] = strdup("");
         }
     }
-    if(strcmp(session->kex_methods[SSH_KEX], "diffie-hellman-group1-sha1") == 0){
+    if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "diffie-hellman-group1-sha1") == 0){
       session->next_crypto->kex_type=SSH_KEX_DH_GROUP1_SHA1;
-    } else if(strcmp(session->kex_methods[SSH_KEX], "ecdh-sha2-nistp256") == 0){
+    } else if(strcmp(session->next_crypto->kex_methods[SSH_KEX], "ecdh-sha2-nistp256") == 0){
       session->next_crypto->kex_type=SSH_KEX_ECDH_SHA2_NISTP256;
     }
     rc = SSH_OK;
@@ -400,7 +400,8 @@ error:
 
 /* this function only sends the predefined set of kex methods */
 int ssh_send_kex(ssh_session session, int server_kex) {
-  KEX *kex = (server_kex ? &session->server_kex : &session->client_kex);
+  KEX *kex = (server_kex ? &session->next_crypto->server_kex :
+      &session->next_crypto->client_kex);
   ssh_string str = NULL;
   int i;
 

src/kex1.c

@@ -85,7 +85,7 @@ static int build_session_id1(ssh_session session, ssh_string servern,
 #endif
   md5_update(md5,ssh_string_data(hostn),ssh_string_len(hostn));
   md5_update(md5,ssh_string_data(servern),ssh_string_len(servern));
-  md5_update(md5,session->server_kex.cookie,8);
+  md5_update(md5,session->next_crypto->server_kex.cookie,8);
   if(session->next_crypto->session_id != NULL)
       SAFE_FREE(session->next_crypto->session_id);
   session->next_crypto->session_id = malloc(MD5_DIGEST_LEN);
@@ -319,7 +319,7 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){
     ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state");
     goto error;
   }
-  if (buffer_get_data(packet, session->server_kex.cookie, 8) != 8) {
+  if (buffer_get_data(packet, session->next_crypto->server_kex.cookie, 8) != 8) {
     ssh_set_error(session, SSH_FATAL, "Can't get cookie in buffer");
     goto error;
   }
@@ -408,7 +408,7 @@ SSH_PACKET_CALLBACK(ssh_packet_publickey1){
    if (buffer_add_u8(session->out_buffer, SSH_CIPHER_3DES) < 0) {
      goto error;
    }
-   if (buffer_add_data(session->out_buffer, session->server_kex.cookie, 8) < 0) {
+   if (buffer_add_data(session->out_buffer, session->next_crypto->server_kex.cookie, 8) < 0) {
      goto error;
    }
 

src/server.c

@@ -83,7 +83,7 @@ extern const char *supported_methods[];
  */
 
 static int server_set_kex(ssh_session session) {
-  KEX *server = &session->server_kex;
+  KEX *server = &session->next_crypto->server_kex;
   int i, j;
   const char *wanted;
 
@@ -356,7 +356,7 @@ static void ssh_server_connection_callback(ssh_session session){
 			break;
 		case SSH_SESSION_STATE_KEXINIT_RECEIVED:
 			set_status(session,0.6f);
-			ssh_list_kex(session, &session->client_kex); // log client kex
+			ssh_list_kex(session, &session->next_crypto->client_kex); // log client kex
 			if (ssh_kex_select_methods(session) < 0) {
 				goto error;
 			}

src/session.c

@@ -197,17 +197,6 @@ void ssh_free(ssh_session session) {
 #ifndef _WIN32
   agent_free(session->agent);
 #endif /* _WIN32 */
-  if (session->client_kex.methods) {
-    for (i = 0; i < 10; i++) {
-      SAFE_FREE(session->client_kex.methods[i]);
-    }
-  }
-
-  if (session->server_kex.methods) {
-    for (i = 0; i < 10; i++) {
-      SAFE_FREE(session->server_kex.methods[i]);
-    }
-  }
 
   ssh_key_free(session->srv.dsa_key);
   ssh_key_free(session->srv.rsa_key);

src/wrapper.c

@@ -98,6 +98,7 @@ struct ssh_crypto_struct *crypto_new(void) {
 }
 
 void crypto_free(struct ssh_crypto_struct *crypto){
+  int i;
   if (crypto == NULL) {
     return;
   }
@@ -148,6 +149,12 @@ void crypto_free(struct ssh_crypto_struct *crypto){
     SAFE_FREE(crypto->decryptkey);
   }
 
+  for (i = 0; i < SSH_KEX_METHODS; i++) {
+      SAFE_FREE(crypto->client_kex.methods[i]);
+      SAFE_FREE(crypto->server_kex.methods[i]);
+      SAFE_FREE(crypto->kex_methods[i]);
+  }
+
   memset(crypto,0,sizeof(*crypto));
 
   SAFE_FREE(crypto);
@@ -162,7 +169,7 @@ static int crypt_set_algorithms2(ssh_session session){
   enter_function();
   /* we must scan the kex entries to find crypto algorithms and set their appropriate structure */
   /* out */
-  wanted = session->kex_methods[SSH_CRYPT_C_S];
+  wanted = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
   while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) {
     i++;
   }
@@ -183,7 +190,7 @@ static int crypt_set_algorithms2(ssh_session session){
   i = 0;
 
   /* in */
-  wanted = session->kex_methods[SSH_CRYPT_S_C];
+  wanted = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
   while (ssh_ciphertab[i].name && strcmp(wanted, ssh_ciphertab[i].name)) {
     i++;
   }
@@ -203,16 +210,16 @@ static int crypt_set_algorithms2(ssh_session session){
   }
 
   /* compression */
-  if (strcmp(session->kex_methods[SSH_COMP_C_S], "zlib") == 0) {
+  if (strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib") == 0) {
     session->next_crypto->do_compress_out = 1;
   }
-  if (strcmp(session->kex_methods[SSH_COMP_S_C], "zlib") == 0) {
+  if (strcmp(session->next_crypto->kex_methods[SSH_COMP_S_C], "zlib") == 0) {
     session->next_crypto->do_compress_in = 1;
   }
-  if (strcmp(session->kex_methods[SSH_COMP_C_S], "zlib@openssh.com") == 0) {
+  if (strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib@openssh.com") == 0) {
     session->next_crypto->delayed_compress_out = 1;
   }
-  if (strcmp(session->kex_methods[SSH_COMP_S_C], "zlib@openssh.com") == 0) {
+  if (strcmp(session->next_crypto->kex_methods[SSH_COMP_S_C], "zlib@openssh.com") == 0) {
     session->next_crypto->delayed_compress_in = 1;
   }
   rc = SSH_OK;
@@ -270,7 +277,7 @@ int crypt_set_algorithms_server(ssh_session session){
     /* we must scan the kex entries to find crypto algorithms and set their appropriate structure */
     enter_function();
     /* out */
-    method = session->kex_methods[SSH_CRYPT_S_C];
+    method = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
     while(ssh_ciphertab[i].name && strcmp(method,ssh_ciphertab[i].name))
         i++;
     if(!ssh_ciphertab[i].name){
@@ -287,7 +294,7 @@ int crypt_set_algorithms_server(ssh_session session){
     }
     i=0;
     /* in */
-    method = session->kex_methods[SSH_CRYPT_C_S];
+    method = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
     while(ssh_ciphertab[i].name && strcmp(method,ssh_ciphertab[i].name))
         i++;
     if(!ssh_ciphertab[i].name){
@@ -304,7 +311,7 @@ int crypt_set_algorithms_server(ssh_session session){
     }
 
     /* compression */
-    method = session->kex_methods[SSH_CRYPT_C_S];
+    method = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
     if(strcmp(method,"zlib") == 0){
         ssh_log(session,SSH_LOG_PACKET,"enabling C->S compression");
         session->next_crypto->do_compress_in=1;
@@ -313,7 +320,7 @@ int crypt_set_algorithms_server(ssh_session session){
         ssh_set_error(session,SSH_FATAL,"zlib@openssh.com not supported");
         goto error;
     }
-    method = session->kex_methods[SSH_CRYPT_S_C];
+    method = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
     if(strcmp(method,"zlib") == 0){
         ssh_log(session,SSH_LOG_PACKET,"enabling S->C compression\n");
         session->next_crypto->do_compress_out=1;
@@ -323,7 +330,7 @@ int crypt_set_algorithms_server(ssh_session session){
         goto error;
     }
 
-    method = session->kex_methods[SSH_HOSTKEYS];
+    method = session->next_crypto->kex_methods[SSH_HOSTKEYS];
     session->srv.hostkey = ssh_key_type_from_name(method);
     rc = SSH_OK;
     error: