Diffstat (limited to 'kex.h')
-rw-r--r-- | kex.h | 29 |
1 files changed, 29 insertions, 0 deletions
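--- a/kex.h
+++ b/kex.h
@@ -103,6 +103,15 @@ enum kex_exchange {
 KEX_ECDH_SHA2,
 KEX_C25519_SHA256,
 KEX_KEM_SNTRUP4591761X25519_SHA512,
+#ifdef GSSAPI
+KEX_GSS_GRP1_SHA1,
+KEX_GSS_GRP14_SHA1,
+KEX_GSS_GRP14_SHA256,
+KEX_GSS_GRP16_SHA512,
+KEX_GSS_GEX_SHA1,
+KEX_GSS_NISTP256_SHA256,
+KEX_GSS_C25519_SHA256,
+#endif
 KEX_MAX
 };
 
@@ -154,6 +163,12 @@ struct kex {
 u_int flags;
 int hash_alg;
 int ec_nid;
+#ifdef GSSAPI
+int gss_deleg_creds;
+int gss_trust_dns;
+char *gss_host;
+char *gss_client;
+#endif
 char *failed_choice;
 int (*verify_host_key)(struct sshkey *, struct ssh *);
 struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
@@ -175,8 +190,10 @@ struct kex {
 
 int kex_names_valid(const char *);
 char *kex_alg_list(char);
+char *kex_gss_alg_list(char);
 char *kex_names_cat(const char *, const char *);
 int kex_assemble_names(char **, const char *, const char *);
+int kex_gss_names_valid(const char *);
 
 int kex_exchange_identification(struct ssh *, int, const char *);
 
@@ -203,6 +220,12 @@ int kexgex_client(struct ssh *);
 int kexgex_server(struct ssh *);
 int kex_gen_client(struct ssh *);
 int kex_gen_server(struct ssh *);
+#if defined(GSSAPI) && defined(WITH_OPENSSL)
+int kexgssgex_client(struct ssh *);
+int kexgssgex_server(struct ssh *);
+int kexgss_client(struct ssh *);
+int kexgss_server(struct ssh *);
+#endif
 
 int kex_dh_keypair(struct kex *);
 int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
@@ -235,6 +258,12 @@ int kexgex_hash(int, const struct sshbuf *, const struct sshbuf *,
 const BIGNUM *, const u_char *, size_t,
 u_char *, size_t *);
 
+int kex_gen_hash(int hash_alg, const struct sshbuf *client_version,
+const struct sshbuf *server_version, const struct sshbuf *client_kexinit,
+const struct sshbuf *server_kexinit, const struct sshbuf *server_host_key_blob,
+const struct sshbuf *client_pub, const struct sshbuf *server_pub,
+const struct sshbuf *shared_secret, u_char *hash, size_t *hashlen);
+
 void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));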
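Review bot: The GSSAPI additions are guarded inconsistently: the `KEX_GSS_*` enum values and the `gss_*` fields of `struct kex` sit under `#ifdef GSSAPI`, the four `kexgss*` handlers under `#if defined(GSSAPI) && defined(WITH_OPENSSL)`, and `kex_gss_alg_list()` / `kex_gss_names_valid()` under no guard at all. In a GSSAPI build without OpenSSL the enum would then carry key-exchange ids with no declared client or server handler, so any table sized by `KEX_MAX` (not visible here) should be checked for unset slots. Using one condition throughout, e.g. `#if defined(GSSAPI) && defined(WITH_OPENSSL)`, would rule that out. Because the new fields are placed before `verify_host_key` and the other callbacks, every file that includes kex.h must also see the same `GSSAPI` setting, otherwise the callback offsets differ between objects. The fields would benefit from a comment stating who frees `gss_host` and `gss_client`, and what `gss_trust_dns` permits (presumably letting DNS answers shape the service name the client authenticates to).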