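/*
 * Start an SSH2 key exchange on connection c in order to collect the
 * server's host key of the type selected by c->c_keytype.
 *
 * The client proposal starts from KEX_CLIENT; only the host key algorithm
 * slot is overridden, with the certificate variant when get_cert is set.
 * If kex_setup() fails, the error is printed and the process exits with
 * status 1. An unknown key type goes to fatal().
 *
 * NOTE(review): the host key callback installed here is
 * key_print_wrapper(). Nothing in this function compares the received key
 * with a trusted store, so a key obtained through this path is presumably
 * unauthenticated and should be confirmed out-of-band before it is trusted.
 */
static void
keygrab_ssh2(con *c)
{
	const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
	int r;

	/*
	 * Host key algorithm names are spelled out in full: the
	 * "@openssh.com" suffix is part of the identifier sent on the wire,
	 * so a shortened or masked name would never match a server offer.
	 */
	switch (c->c_keytype) {
	case KT_DSA:
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
		    "ssh-dss-cert-v01@openssh.com" : "ssh-dss";
		break;
	case KT_RSA:
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
		    "ssh-rsa-cert-v01@openssh.com" : "ssh-rsa";
		break;
	case KT_ED25519:
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
		    "ssh-ed25519-cert-v01@openssh.com" : "ssh-ed25519";
		break;
	case KT_XMSS:
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
		    "ssh-xmss-cert-v01@openssh.com" : "ssh-xmss@openssh.com";
		break;
	case KT_ECDSA:
		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
		    "ecdsa-sha2-nistp256-cert-v01@openssh.com,"
		    "ecdsa-sha2-nistp384-cert-v01@openssh.com,"
		    "ecdsa-sha2-nistp521-cert-v01@openssh.com" :
		    "ecdsa-sha2-nistp256,"
		    "ecdsa-sha2-nistp384,"
		    "ecdsa-sha2-nistp521";
		break;
	default:
		fatal("unknown key type %d", c->c_keytype);
		break;
	}
	if ((r = kex_setup(c->c_ssh, myproposal)) != 0) {
		free(c->c_ssh);
		fprintf(stderr, "kex_setup: %s\n", ssh_err(r));
		exit(1);
	}
	/*
	 * Register a client-side handler for each key-exchange method.
	 * Which methods are actually offered is decided by KEX_CLIENT (not
	 * visible here); the group1 and SHA-1 entries are legacy methods.
	 */
#ifdef WITH_OPENSSL
	c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
	c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
#endif
	c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client;
	c->c_ssh->kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_client;
	ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
	/*
	 * do the key-exchange until an error occurs or until
	 * the key_print_wrapper() callback sets c_done.
	 */
	ssh_dispatch_run(c->c_ssh, DISPATCH_BLOCK, &c->c_done);
}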
/*
 * Start an SSH2 key exchange on connection c to obtain the server's host
 * key. The proposal is KEX_CLIENT with the host key algorithm slot replaced
 * according to c->c_keytype; any type other than DSA, RSA or ED25519
 * selects the three ECDSA curves. A kex_setup() failure is printed and
 * ends the process with status 1.
 *
 * NOTE(review): the host key callback is key_print_wrapper(); no check of
 * the key against a trusted store is visible here, so the result is
 * presumably unauthenticated and needs out-of-band confirmation.
 */
static void
keygrab_ssh2(con *c)
{
	const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
	const char *hostkey_algs;
	int rc;

	enable_compat20();

	/* Pick the host key algorithm list; ECDSA is the fall-through case. */
	switch (c->c_keytype) {
	case KT_DSA:
		hostkey_algs = "ssh-dss";
		break;
	case KT_RSA:
		hostkey_algs = "ssh-rsa";
		break;
	case KT_ED25519:
		hostkey_algs = "ssh-ed25519";
		break;
	default:
		hostkey_algs = "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521";
		break;
	}
	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = hostkey_algs;

	rc = kex_setup(c->c_ssh, myproposal);
	if (rc != 0) {
		free(c->c_ssh);
		fprintf(stderr, "kex_setup: %s\n", ssh_err(rc));
		exit(1);
	}

	/* One client-side handler per key-exchange method. */
#ifdef WITH_OPENSSL
	c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
	c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
#endif
	c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;

	ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);

	/*
	 * Run the exchange in blocking mode; it stops on an error or once
	 * the key_print_wrapper() callback has set c_done.
	 */
	ssh_dispatch_run(c->c_ssh, DISPATCH_BLOCK, &c->c_done, c->c_ssh);
}
/*
 * Run the dispatcher once in non-blocking mode, with no "done" flag, over
 * the packets queued on ssh. Any non-zero result is fatal and is reported
 * together with this function's name.
 */
static void
process_buffered_input_packets(struct ssh *ssh)
{
	const int rc = ssh_dispatch_run(ssh, DISPATCH_NONBLOCK, NULL);

	if (rc == 0)
		return;
	fatal("%s: %s", __func__, ssh_err(rc));
}
/*
 * Wrapper around ssh_dispatch_run() for callers that cannot continue after
 * a dispatch error: a non-zero result is handed to sshpkt_fatal(), tagged
 * with this function's name. mode and done are passed through unchanged.
 */
void
ssh_dispatch_run_fatal(struct ssh *ssh, int mode, volatile sig_atomic_t *done)
{
	const int rc = ssh_dispatch_run(ssh, mode, done);

	if (rc == 0)
		return;
	sshpkt_fatal(ssh, rc, "%s", __func__);
}
/*
 * Run the SSH2 authentication dispatch loop in blocking mode until
 * authctxt->success is set.
 *
 * The dispatch table is initialised with dispatch_protocol_error, then a
 * single handler is registered, for SSH2_MSG_SERVICE_REQUEST. Presumably
 * every other message type is rejected as a protocol error at this point;
 * confirm against ssh_dispatch_init(). A non-zero dispatcher result is
 * fatal.
 */
void
do_authentication2(struct ssh *ssh)
{
	struct authctxt *actx = ssh->authctxt;
	int rc;

	ssh_dispatch_init(ssh, &dispatch_protocol_error);
	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_REQUEST, &input_service_request);

	rc = ssh_dispatch_run(ssh, DISPATCH_BLOCK, &actx->success);
	if (rc == 0)
		return;
	fatal("%s: ssh_dispatch_run failed: %s", __func__, ssh_err(rc));
}