authorAndreas Schneider <asn@cryptomilk.org>2011-08-22 15:22:58 +0200
committerAndreas Schneider <asn@cryptomilk.org>2011-08-22 15:22:58 +0200
commit90167f09d3c797422a3701be8c576c92de520d8c (patch)
tree369ac420a468080d7e5754579d9787b7fa3b7faf
parent9c376dd913b40bbcf9e0fc528f53e02c104b6c58 (diff)
server: Migrate hostkey check to new pki.
-rw-r--r--include/libssh/session.h4
-rw-r--r--src/server.c6
-rw-r--r--src/wrapper.c9
3 files changed, 11 insertions, 8 deletions
diff --git a/include/libssh/session.h b/include/libssh/session.h
index 123050e..3914326 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -132,10 +132,12 @@ struct ssh_session_struct {
struct {
ssh_key rsa_key;
ssh_key dsa_key;
+
+ /* The type of host key wanted by client */
+ enum ssh_keytypes_e hostkey;
} srv;
/* auths accepted by server */
int auth_methods;
- int hostkeys; /* contains type of host key wanted by client, in server impl */
struct ssh_list *ssh_message_list; /* list of delayed SSH messages */
int (*ssh_message_callback)( struct ssh_session_struct *session, ssh_message msg, void *userdata);
void *ssh_message_callback_data;
diff --git a/src/server.c b/src/server.c
index b189d56..faa4c4c 100644
--- a/src/server.c
+++ b/src/server.c
@@ -176,14 +176,16 @@ static int dh_handshake_server(ssh_session session) {
return -1;
}
- switch(session->hostkeys){
+ switch(session->srv.hostkey) {
case SSH_KEYTYPE_DSS:
privkey = session->srv.dsa_key;
break;
case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
privkey = session->srv.rsa_key;
break;
- default:
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
privkey = NULL;
}
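Review bot: Dropping `default:` from the switch on `session->srv.hostkey` means any value outside the five listed enumerators leaves `privkey` with whatever it held before the switch. Its declaration is outside this hunk, so it may be uninitialized rather than NULL. Listing the enumerators keeps the compiler's missing-case warning useful, but a fallback is still needed for out-of-range values: either assign `privkey = NULL;` before the switch, or keep `default:` next to `case SSH_KEYTYPE_UNKNOWN:` and end the arm with `break;`. The code that signs with `privkey` lies further down in dh_handshake_server, outside the hunk, and should be confirmed to reject a NULL key before use.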
diff --git a/src/wrapper.c b/src/wrapper.c
index bbe26e6..f1eebbc 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -46,6 +46,7 @@
#include "libssh/session.h"
#include "libssh/crypto.h"
#include "libssh/wrapper.h"
+#include "libssh/pki.h"
/* it allocates a new cipher structure based on its offset into the global table */
static struct crypto_struct *cipher_new(int offset) {
@@ -348,11 +349,9 @@ int crypt_set_algorithms_server(ssh_session session){
server=session->server_kex.methods[SSH_HOSTKEYS];
client=session->client_kex.methods[SSH_HOSTKEYS];
match=ssh_find_matching(server,client);
- if(match && !strcmp(match,"ssh-dss"))
- session->hostkeys=SSH_KEYTYPE_DSS;
- else if(match && !strcmp(match,"ssh-rsa"))
- session->hostkeys=SSH_KEYTYPE_RSA;
- else {
+ if (match) {
+ session->srv.hostkey = ssh_key_type_from_name(match);
+ } else {
ssh_set_error(session, SSH_FATAL, "Cannot know what %s is into %s",
match ? match : NULL, server);
SAFE_FREE(match);
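Review bot: The new `if (match)` branch accepts any negotiated name, whereas the old code treated everything other than "ssh-dss" and "ssh-rsa" as a fatal error at this point. If `ssh_key_type_from_name()` returns `SSH_KEYTYPE_UNKNOWN` for an unrecognized name (presumably it does), the failure now only surfaces later as a NULL private key in dh_handshake_server. The result should be checked here and routed to the same fatal path, for example `if (session->srv.hostkey == SSH_KEYTYPE_UNKNOWN) { /* ssh_set_error + cleanup as below */ }`. Separately, `match` is always NULL in the remaining `else` branch, so `match ? match : NULL` passes a null pointer to `%s`; use `match ? match : "(null)"` or drop that argument from the message. The rest of the error path continues outside the hunk.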