Lines Matching defs:ssh
/*
 * Forward declarations of the file-internal helpers. The notes below state
 * only what the matching lines in this listing show; most function bodies
 * are elided from it.
 */
/*
 * Banner exchange driver: sends or reads whichever version banner is still
 * empty, and once both version buffers are non-empty calls
 * _ssh_order_hostkeyalgs() followed by kex_send_kexinit().
 */
38 int _ssh_exchange_banner(struct ssh *);
/* Appends the banner buffer to the packet output buffer with sshbuf_putb(). */
39 int _ssh_send_banner(struct ssh *, struct sshbuf *);
/*
 * Works on the packet input buffer and hands the remote version to
 * compat_banner().
 * NOTE(review): the visible check
 * `ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES` looks like the bound
 * on peer-supplied lines accepted before the banner; confirm against the
 * full body.
 */
40 int _ssh_read_banner(struct ssh *, struct sshbuf *);
/*
 * De-serializes ssh->kex->my with kex_buf2prop(), walks ssh->public_keys,
 * and writes the proposal back with kex_prop2buf().
 */
41 int _ssh_order_hostkeyalgs(struct ssh *);
/*
 * Host key verification callback: ssh_init() stores it in
 * kex->verify_host_key next to the kex_gen_client/kexgex_client handlers,
 * and ssh_set_verify_host_key_callback() can replace it with a non-NULL
 * callback. Walks ssh->public_keys.
 * NOTE(review): the comparison itself is not visible here; presumably the
 * offered key is matched against keys registered via ssh_add_hostkey().
 * Confirm, since this decides whether a peer's host key is accepted.
 */
42 int _ssh_verify_host_key(struct sshkey *, struct ssh *);
/*
 * Lookup over ssh->public_keys; ssh_init() stores it in
 * kex->load_host_public_key next to the kex_gen_server/kexgex_server handlers.
 */
43 struct sshkey *_ssh_host_public_key(int, int, struct ssh *);
/*
 * Lookup over ssh->private_keys; ssh_init() stores it in
 * kex->load_host_private_key next to the kex_gen_server/kexgex_server handlers.
 */
44 struct sshkey *_ssh_host_private_key(int, int, struct ssh *);
45 int _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *,
83 ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
87 struct ssh *ssh;
99 if ((ssh = ssh_packet_set_connection(NULL, -1, -1)) == NULL)
102 ssh_packet_set_server(ssh);
106 kex_proposal_populate_entries(ssh, populated,
112 r = kex_ready(ssh, populated);
115 ssh_free(ssh);
119 ssh->kex->server = is_server;
122 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
123 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
124 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server;
125 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server;
126 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server;
127 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
128 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
129 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
131 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
132 ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server;
133 ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_server;
134 ssh->kex->load_host_public_key=&_ssh_host_public_key;
135 ssh->kex->load_host_private_key=&_ssh_host_private_key;
136 ssh->kex->sign=&_ssh_host_key_sign;
139 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
140 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
141 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
142 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
143 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
144 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
145 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
146 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
148 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
149 ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client;
150 ssh->kex->kex[KEX_KEM_MLKEM768X25519_SHA256] = kex_gen_client;
151 ssh->kex->verify_host_key =&_ssh_verify_host_key;
153 *sshp = ssh;
158 ssh_free(struct ssh *ssh)
162 if (ssh == NULL)
169 while ((k = TAILQ_FIRST(&ssh->public_keys)) != NULL) {
170 TAILQ_REMOVE(&ssh->public_keys, k, next);
171 if (ssh->kex && ssh->kex->server)
175 while ((k = TAILQ_FIRST(&ssh->private_keys)) != NULL) {
176 TAILQ_REMOVE(&ssh->private_keys, k, next);
179 ssh_packet_close(ssh);
180 free(ssh);
184 ssh_set_app_data(struct ssh *ssh, void *app_data)
186 ssh->app_data = app_data;
190 ssh_get_app_data(struct ssh *ssh)
192 return ssh->app_data;
197 ssh_add_hostkey(struct ssh *ssh, struct sshkey *key)
203 if (ssh->kex->server) {
213 TAILQ_INSERT_TAIL(&ssh->private_keys, k_prv, next);
217 TAILQ_INSERT_TAIL(&ssh->public_keys, k, next);
223 TAILQ_INSERT_TAIL(&ssh->public_keys, k, next);
231 ssh_set_verify_host_key_callback(struct ssh *ssh,
232 int (*cb)(struct sshkey *, struct ssh *))
234 if (cb == NULL || ssh->kex == NULL)
237 ssh->kex->verify_host_key = cb;
243 ssh_input_append(struct ssh *ssh, const u_char *data, size_t len)
245 return sshbuf_put(ssh_packet_get_input(ssh), data, len);
249 ssh_packet_next(struct ssh *ssh, u_char *typep)
260 if (sshbuf_len(ssh->kex->client_version) == 0 ||
261 sshbuf_len(ssh->kex->server_version) == 0)
262 return _ssh_exchange_banner(ssh);
275 if ((r = ssh_packet_read_poll2(ssh, &type, &seqnr)) != 0)
279 ssh->dispatch[type] != NULL) {
280 if ((r = (*ssh->dispatch[type])(type, seqnr, ssh)) != 0)
290 ssh_packet_payload(struct ssh *ssh, size_t *lenp)
292 return sshpkt_ptr(ssh, lenp);
296 ssh_packet_put(struct ssh *ssh, int type, const u_char *data, size_t len)
300 if ((r = sshpkt_start(ssh, type)) != 0 ||
301 (r = sshpkt_put(ssh, data, len)) != 0 ||
302 (r = sshpkt_send(ssh)) != 0)
308 ssh_output_ptr(struct ssh *ssh, size_t *len)
310 struct sshbuf *output = ssh_packet_get_output(ssh);
317 ssh_output_consume(struct ssh *ssh, size_t len)
319 return sshbuf_consume(ssh_packet_get_output(ssh), len);
323 ssh_output_space(struct ssh *ssh, size_t len)
325 return (0 == sshbuf_check_reserve(ssh_packet_get_output(ssh), len));
329 ssh_input_space(struct ssh *ssh, size_t len)
331 return (0 == sshbuf_check_reserve(ssh_packet_get_input(ssh), len));
336 _ssh_read_banner(struct ssh *ssh, struct sshbuf *banner)
338 struct sshbuf *input = ssh_packet_get_input(ssh);
372 if (ssh->kex->server || ++n > SSH_MAX_PRE_BANNER_LINES) {
374 if ((r = sshbuf_put(ssh_packet_get_output(ssh),
402 compat_banner(ssh, remote_version);
419 _ssh_send_banner(struct ssh *ssh, struct sshbuf *banner)
426 if ((r = sshbuf_putb(ssh_packet_get_output(ssh), banner)) != 0)
439 _ssh_exchange_banner(struct ssh *ssh)
441 struct kex *kex = ssh->kex;
451 if (sshbuf_len(ssh->kex->server_version) == 0)
452 r = _ssh_send_banner(ssh, ssh->kex->server_version);
454 sshbuf_len(ssh->kex->server_version) != 0 &&
455 sshbuf_len(ssh->kex->client_version) == 0)
456 r = _ssh_read_banner(ssh, ssh->kex->client_version);
458 if (sshbuf_len(ssh->kex->server_version) == 0)
459 r = _ssh_read_banner(ssh, ssh->kex->server_version);
461 sshbuf_len(ssh->kex->server_version) != 0 &&
462 sshbuf_len(ssh->kex->client_version) == 0)
463 r = _ssh_send_banner(ssh, ssh->kex->client_version);
468 if (sshbuf_len(ssh->kex->server_version) != 0 &&
469 sshbuf_len(ssh->kex->client_version) != 0) {
470 if ((r = _ssh_order_hostkeyalgs(ssh)) != 0 ||
471 (r = kex_send_kexinit(ssh)) != 0)
478 _ssh_host_public_key(int type, int nid, struct ssh *ssh)
483 TAILQ_FOREACH(k, &ssh->public_keys, next) {
493 _ssh_host_private_key(int type, int nid, struct ssh *ssh)
498 TAILQ_FOREACH(k, &ssh->private_keys, next) {
508 _ssh_verify_host_key(struct sshkey *hostkey, struct ssh *ssh)
513 TAILQ_FOREACH(k, &ssh->public_keys, next) {
523 _ssh_order_hostkeyalgs(struct ssh *ssh)
531 /* XXX we de-serialize ssh->kex->my, modify it, and change it */
532 if ((r = kex_buf2prop(ssh->kex->my, NULL, &proposal)) != 0)
549 TAILQ_FOREACH(k, &ssh->public_keys, next) {
565 debug2_f("orig/%d %s", ssh->kex->server, orig);
566 debug2_f("replace/%d %s", ssh->kex->server, replace);
570 r = kex_prop2buf(ssh->kex->my, proposal);
580 _ssh_host_key_sign(struct ssh *ssh, struct sshkey *privkey,
585 alg, NULL, NULL, ssh->compat);