mirror of
https://github.com/PowerShell/Win32-OpenSSH.git
synced 2025-07-24 14:35:35 +02:00
Add CNG KEX hooks
Add conditional hooks to use CNG for KEX. Switches based upon USE_MSCNG define
This commit is contained in:
parent
02e784565a
commit
5bc1a58689
@ -76,6 +76,12 @@
|
||||
#include "ssh-gss.h"
|
||||
#endif
|
||||
|
||||
#ifdef USE_MSCNG
|
||||
/* CNG KEX imports */
|
||||
int cng_kexgex_client(struct ssh *ssh);
|
||||
int cng_kexdh_client(struct ssh *ssh);
|
||||
#endif
|
||||
|
||||
/* import */
|
||||
extern char *client_version_string;
|
||||
extern char *server_version_string;
|
||||
@ -212,10 +218,17 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
|
||||
fatal("kex_setup: %s", ssh_err(r));
|
||||
kex = active_state->kex;
|
||||
#ifdef WITH_OPENSSL
|
||||
#ifdef USE_MSCNG
|
||||
kex->kex[KEX_DH_GRP1_SHA1] = cng_kexdh_client;
|
||||
kex->kex[KEX_DH_GRP14_SHA1] = cng_kexdh_client;
|
||||
kex->kex[KEX_DH_GEX_SHA1] = cng_kexgex_client;
|
||||
kex->kex[KEX_DH_GEX_SHA256] = cng_kexgex_client;
|
||||
#else
|
||||
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
|
||||
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
|
||||
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
|
||||
kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
|
||||
#endif
|
||||
# ifdef OPENSSL_HAS_ECC
|
||||
kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
|
||||
# endif
|
||||
|
13
sshd.c
13
sshd.c
@ -145,6 +145,12 @@
|
||||
#define O_NOCTTY 0
|
||||
#endif
|
||||
|
||||
#ifdef USE_MSCNG
|
||||
/* CNG KEX imports */
|
||||
int cng_kexgex_server(struct ssh *ssh);
|
||||
int cng_kexdh_server(struct ssh *ssh);
|
||||
#endif
|
||||
|
||||
/* Re-exec fds */
|
||||
#define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
|
||||
#define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
|
||||
@ -3379,10 +3385,17 @@ do_ssh2_kex(void)
|
||||
fatal("kex_setup: %s", ssh_err(r));
|
||||
kex = active_state->kex;
|
||||
#ifdef WITH_OPENSSL
|
||||
#ifdef USE_MSCNG
|
||||
kex->kex[KEX_DH_GRP1_SHA1] = cng_kexdh_server;
|
||||
kex->kex[KEX_DH_GRP14_SHA1] = cng_kexdh_server;
|
||||
kex->kex[KEX_DH_GEX_SHA1] = cng_kexgex_server;
|
||||
kex->kex[KEX_DH_GEX_SHA256] = cng_kexgex_server;
|
||||
#else
|
||||
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
|
||||
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
|
||||
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
|
||||
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
|
||||
#endif
|
||||
# ifdef OPENSSL_HAS_ECC
|
||||
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
|
||||
# endif
|
||||
|
Loading…
x
Reference in New Issue
Block a user