author | Aris Adamantiadis <aris@0xbadc0de.be> | 2014-09-03 09:32:32 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2015-02-02 14:45:52 +0100 |
commit | c02b260e7ef8548d61d6491d76d0150da66c19c7 (patch) | |
tree | 21a8ac17e9a2953210135ba38eef37da0d5f151d | |
parent | 01a6004171c6a899192c87dfe5a8ff27c30b1eaf (diff) | |
server: Add support for ed25519 keys in the server.
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r-- | include/libssh/bind.h | 2 | ||||
-rw-r--r-- | include/libssh/session.h | 2 | ||||
-rw-r--r-- | src/bind.c | 11 | ||||
-rw-r--r-- | src/options.c | 4 | ||||
-rw-r--r-- | src/server.c | 14 | ||||
-rw-r--r-- | src/session.c | 2 |
6 files changed, 32 insertions, 3 deletions
diff --git a/include/libssh/bind.h b/include/libssh/bind.h
index ced1c494..edbc7b77 100644
--- a/include/libssh/bind.h
+++ b/include/libssh/bind.h
@@ -36,9 +36,11 @@ struct ssh_bind_struct {
 char *ecdsakey;
 char *dsakey;
 char *rsakey;
+ char *ed25519key;
 ssh_key ecdsa;
 ssh_key dsa;
 ssh_key rsa;
+ ssh_key ed25519;
 char *bindaddr;
 socket_t bindfd;
 unsigned int bindport;
diff --git a/include/libssh/session.h b/include/libssh/session.h
index 29bdd60b..60d78578 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -156,7 +156,7 @@ struct ssh_session_struct {
 ssh_key rsa_key;
 ssh_key dsa_key;
 ssh_key ecdsa_key;
-
+ ssh_key ed25519_key;
 /* The type of host key wanted by client */
 enum ssh_keytypes_e hostkey;
 } srv;
@@ -365,6 +365,7 @@ void ssh_bind_free(ssh_bind sshbind){
 SAFE_FREE(sshbind->dsakey);
 SAFE_FREE(sshbind->rsakey);
 SAFE_FREE(sshbind->ecdsakey);
+ SAFE_FREE(sshbind->ed25519key);
 ssh_key_free(sshbind->dsa);
 sshbind->dsa = NULL;
@@ -372,6 +373,8 @@ void ssh_bind_free(ssh_bind sshbind){
 sshbind->rsa = NULL;
 ssh_key_free(sshbind->ecdsa);
 sshbind->ecdsa = NULL;
+ ssh_key_free(sshbind->ed25519);
+ sshbind->ed25519 = NULL;
 for (i = 0; i < 10; i++) {
 if (sshbind->wanted_methods[i]) {
@@ -459,6 +462,14 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
 return SSH_ERROR;
 }
 }
+ if (sshbind->ed25519 != NULL) {
+ session->srv.ed25519_key = ssh_key_dup(sshbind->ed25519);
+ if (session->srv.ed25519_key == NULL){
+ ssh_set_error_oom(sshbind);
+ return SSH_ERROR;
+ }
+ }
+
 /* force PRNG to change state in case we fork after ssh_bind_accept */
 ssh_reseed();
 return SSH_OK;
diff --git a/src/options.c b/src/options.c
index 2b8abb48..44b1a888 100644
--- a/src/options.c
+++ b/src/options.c
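Review bot: Nothing visible in this commit extends the step that decides whether a bind has a usable host key, so a server configured with only an ed25519 key may not get past it; the ssh_bind_accept_fd hunk merely duplicates `sshbind->ed25519` when it is already set. The diffstat's 11 changed lines in src/bind.c are fully accounted for by the ssh_bind_free and ssh_bind_accept_fd hunks, so if another function in that file enumerates the ecdsa/dsa/rsa keys or key paths (not visible here), it was left unchanged and would presumably reject or skip an ed25519-only configuration. I would confirm this with a test that binds with an ed25519 key alone, and add a comment above the new block such as `/* ed25519 is optional; the "no host key configured" check must also accept an ed25519-only bind */`. The body of ssh_bind_accept_fd starts and ends outside the hunk.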
@@ -1436,6 +1436,10 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type,
 bind_key_loc = &sshbind->rsa;
 bind_key_path_loc = &sshbind->rsakey;
 break;
+ case SSH_KEYTYPE_ED25519:
+ bind_key_loc = &sshbind->ed25519;
+ bind_key_path_loc = &sshbind->ed25519key;
+ break;
 default:
 ssh_set_error(sshbind,
 SSH_FATAL,
diff --git a/src/server.c b/src/server.c
index 3a38fc7b..61641a6e 100644
--- a/src/server.c
+++ b/src/server.c
@@ -94,10 +94,17 @@ static int server_set_kex(ssh_session session) {
 ZERO_STRUCTP(server);
 ssh_get_random(server->cookie, 16, 0);
+ if (session->srv.ed25519_key != NULL) {
+ snprintf(hostkeys,
+ sizeof(hostkeys),
+ "%s",
+ ssh_key_type_to_char(ssh_key_type(session->srv.ed25519_key)));
+ }
 #ifdef HAVE_ECC
 if (session->srv.ecdsa_key != NULL) {
- snprintf(hostkeys, sizeof(hostkeys),
- "%s", session->srv.ecdsa_key->type_c);
+ len = strlen(hostkeys);
+ snprintf(hostkeys + len, sizeof(hostkeys) - len,
+ ",%s", session->srv.ecdsa_key->type_c);
 }
 #endif
 if (session->srv.dsa_key != NULL) {
@@ -225,6 +232,9 @@ int ssh_get_key_params(ssh_session session, ssh_key *privkey){
 case SSH_KEYTYPE_ECDSA:
 *privkey = session->srv.ecdsa_key;
 break;
+ case SSH_KEYTYPE_ED25519:
+ *privkey = session->srv.ed25519_key;
+ break;
 case SSH_KEYTYPE_UNKNOWN:
 default:
 *privkey = NULL;
diff --git a/src/session.c b/src/session.c
index 63364c51..ad1b3a87 100644
--- a/src/session.c
+++ b/src/session.c
@@ -231,6 +231,8 @@ void ssh_free(ssh_session session) {
 session->srv.rsa_key = NULL;
 ssh_key_free(session->srv.ecdsa_key);
 session->srv.ecdsa_key = NULL;
+ ssh_key_free(session->srv.ed25519_key);
+ session->srv.ed25519_key = NULL;
 if (session->ssh_message_list) {
 ssh_message msg; |
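Review bot: In the server_set_kex hunk the ECDSA branch now appends at `hostkeys + strlen(hostkeys)`, which is only well-defined if `hostkeys` is already an empty, NUL-terminated string when no ed25519 key is set, and in that case it leaves a leading `,` in the advertised list. The declaration of `hostkeys` and the code that consumes the list are outside the hunk, so both assumptions need checking there. The `snprintf` return values are also ignored, so a list that outgrows the buffer would be truncated silently and a host-key algorithm name could be advertised cut short. I would add a comment above the first branch such as `/* hostkeys starts as ""; later entries are appended with a leading ',' that must be stripped before use */` and compare each `snprintf` result against the remaining size, failing the function on truncation.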