tyler.durden/Win32-OpenSSH
1
0
Fork 0
mirror of https://github.com/PowerShell/Win32-OpenSSH.git synced 2025-07-26 15:34:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add CNG KEX hooks

Browse Source 
Add conditional hooks to use CNG for KEX.  Switches based upon USE_MSCNG
define
This commit is contained in:
dkulwin 2016-01-08 13:42:08 -06:00
parent 02e784565a
commit 5bc1a58689
2 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
sshconnect2.c
View File

@ -76,6 +76,12 @@
#include "ssh-gss.h" #include "ssh-gss.h"
#endif #endif
#ifdef USE_MSCNG
/* CNG KEX imports */
int cng_kexgex_client(struct ssh *ssh);
int cng_kexdh_client(struct ssh *ssh);
#endif
/* import */ /* import */
extern char *client_version_string; extern char *client_version_string;
extern char *server_version_string; extern char *server_version_string;
@ -212,10 +218,17 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
fatal("kex_setup: %s", ssh_err(r)); fatal("kex_setup: %s", ssh_err(r));
kex = active_state->kex; kex = active_state->kex;
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
#ifdef USE_MSCNG
kex->kex[KEX_DH_GRP1_SHA1] = cng_kexdh_client;
kex->kex[KEX_DH_GRP14_SHA1] = cng_kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = cng_kexgex_client;
kex->kex[KEX_DH_GEX_SHA256] = cng_kexgex_client;
#else
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
#endif
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
kex->kex[KEX_ECDH_SHA2] = kexecdh_client; kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
# endif # endif

13
sshd.c
View File

@ -145,6 +145,12 @@
#define O_NOCTTY 0 #define O_NOCTTY 0
#endif #endif
#ifdef USE_MSCNG
/* CNG KEX imports */
int cng_kexgex_server(struct ssh *ssh);
int cng_kexdh_server(struct ssh *ssh);
#endif
/* Re-exec fds */ /* Re-exec fds */
#define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1)
#define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2)
@ -3379,10 +3385,17 @@ do_ssh2_kex(void)
fatal("kex_setup: %s", ssh_err(r)); fatal("kex_setup: %s", ssh_err(r));
kex = active_state->kex; kex = active_state->kex;
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
#ifdef USE_MSCNG
kex->kex[KEX_DH_GRP1_SHA1] = cng_kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = cng_kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = cng_kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = cng_kexgex_server;
#else
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#endif
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
kex->kex[KEX_ECDH_SHA2] = kexecdh_server; kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
# endif # endif