OpenCoverage

ssh_api.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/ssh_api.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* $OpenBSD: ssh_api.c,v 1.8 2017/04/30 23:13:25 djm Exp $ */ -

2 /* -

4 * -

5 * Permission to use, copy, modify, and distribute this software for any -

6 * purpose with or without fee is hereby granted, provided that the above -

7 * copyright notice and this permission notice appear in all copies. -

8 * -

9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -

10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -

11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -

12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -

13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -

14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -

15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -

16 */ -

17 -

18 #include "includes.h" -

19 -

20 #include "ssh_api.h" -

21 #include "compat.h" -

22 #include "log.h" -

23 #include "authfile.h" -

24 #include "sshkey.h" -

25 #include "misc.h" -

26 #include "ssh2.h" -

27 #include "version.h" -

28 #include "myproposal.h" -

29 #include "ssherr.h" -

30 #include "sshbuf.h" -

31 -

32 #include <string.h> -

33 -

34 int _ssh_exchange_banner(struct ssh *); -

35 int _ssh_send_banner(struct ssh *, char **); -

36 int _ssh_read_banner(struct ssh *, char **); -

37 int _ssh_order_hostkeyalgs(struct ssh *); -

38 int _ssh_verify_host_key(struct sshkey *, struct ssh *); -

39 struct sshkey *_ssh_host_public_key(int, int, struct ssh *); -

40 struct sshkey *_ssh_host_private_key(int, int, struct ssh *); -

41 int _ssh_host_key_sign(struct sshkey *, struct sshkey *, -

42 u_char **, size_t *, const u_char *, size_t, const char *, u_int); -

43 -

44 /* -

45 * stubs for the server side implementation of kex. -

46 * disable privsep so our stubs will never be called. -

47 */ -

48 int use_privsep = 0; -

49 int mm_sshkey_sign(struct sshkey *, u_char **, u_int *, -

50 u_char *, u_int, char *, u_int); -

51 DH *mm_choose_dh(int, int, int); -

52 -

53 /* Define these two variables here so that they are part of the library */ -

54 u_char *session_id2 = NULL; -

55 u_int session_id2_len = 0; -

56 -

57 int -

58 mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp, -

59 u_char *data, u_int datalen, char *alg, u_int compat) -

60 { -

return (-1);

never executed: return (-1);

62 } -

63 -

64 DH * -

65 mm_choose_dh(int min, int nbits, int max) -

66 { -

return (NULL);

never executed: return ( ((void *)0) );

68 } -

69 -

70 /* API */ -

71 -

72 int -

73 ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params) -

74 { -

75 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; -

76 struct ssh *ssh; -

77 char **proposal; -

78 static int called; -

79 int r; -

80 -

if (!called) {

!called	Description
TRUE	evaluated 1 time by 1 test Evaluated by: test_kex
FALSE	evaluated 95 times by 1 test Evaluated by: test_kex

1-95

82 #ifdef WITH_OPENSSL -

83 OpenSSL_add_all_algorithms(); -

84 #endif /* WITH_OPENSSL */ -

85 called = 1; -

}

executed 1 time by 1 test: end of block

Executed by:

test_kex

87 -

if ((ssh = ssh_packet_set_connection(NULL, -1, -1)) == NULL)

(ssh = ssh_pac...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 96 times by 1 test Evaluated by: test_kex

0-96

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

if (is_server)

is_server	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

32-64

ssh_packet_set_server(ssh);

executed 64 times by 1 test: ssh_packet_set_server(ssh);

Executed by:

test_kex

92 -

93 /* Initialize key exchange */ -

proposal = kex_params ? kex_params->proposal : myproposal;

kex_params	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

32-64

if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0) {

(r = kex_new(s...sh->kex)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 96 times by 1 test Evaluated by: test_kex

0-96

96 ssh_free(ssh); -

return r;

never executed: return r;

98 } -

99 ssh->kex->server = is_server; -

100

if (is_server) {

is_server	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

32-64

101 #ifdef WITH_OPENSSL -

102 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; -

103 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; -

104 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; -

105 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; -

106 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; -

107 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; -

108 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; -

109 # ifdef OPENSSL_HAS_ECC -

110 ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server; -

111 # endif -

112 #endif /* WITH_OPENSSL */ -

113 ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server; -

114 ssh->kex->load_host_public_key=&_ssh_host_public_key; -

115 ssh->kex->load_host_private_key=&_ssh_host_private_key; -

116 ssh->kex->sign=&_ssh_host_key_sign; -

117

} else {

executed 64 times by 1 test: end of block

Executed by:

test_kex

118 #ifdef WITH_OPENSSL -

119 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; -

120 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client; -

121 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kexdh_client; -

122 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kexdh_client; -

123 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kexdh_client; -

124 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; -

125 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; -

126 # ifdef OPENSSL_HAS_ECC -

127 ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client; -

128 # endif -

129 #endif /* WITH_OPENSSL */ -

130 ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client; -

131 ssh->kex->verify_host_key =&_ssh_verify_host_key; -

132

}

executed 32 times by 1 test: end of block

Executed by:

test_kex

133 *sshp = ssh; -

134

return 0;

executed 96 times by 1 test: return 0;

Executed by:

test_kex

135 } -

136 -

137 void -

138 ssh_free(struct ssh *ssh) -

139 { -

140 struct key_entry *k; -

141 -

142 ssh_packet_close(ssh); -

143 /* -

144 * we've only created the public keys variants in case we -

145 * are a acting as a server. -

146 */ -

147

while ((k = TAILQ_FIRST(&ssh->public_keys)) != NULL) {

(k = ((&ssh->p...!= ((void *)0)	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	evaluated 96 times by 1 test Evaluated by: test_kex

148

TAILQ_REMOVE(&ssh->public_keys, k, next);

never executed: (k)->next.tqe_next->next.tqe_prev = (k)->next.tqe_prev;

executed 96 times by 1 test: (&ssh->public_keys)->tqh_last = (k)->next.tqe_prev;

Executed by:

test_kex

((k)->next.tqe...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 96 times by 1 test Evaluated by: test_kex

0-96

149

if (ssh->kex && ssh->kex->server)

ssh->kex	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

ssh->kex->server	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

0-96

150

sshkey_free(k->key);

executed 64 times by 1 test: sshkey_free(k->key);

Executed by:

test_kex

151 free(k); -

152

}

executed 96 times by 1 test: end of block

Executed by:

test_kex

153

while ((k = TAILQ_FIRST(&ssh->private_keys)) != NULL) {

(k = ((&ssh->p...!= ((void *)0)	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 96 times by 1 test Evaluated by: test_kex

64-96

154

TAILQ_REMOVE(&ssh->private_keys, k, next);

never executed: (k)->next.tqe_next->next.tqe_prev = (k)->next.tqe_prev;

executed 64 times by 1 test: (&ssh->private_keys)->tqh_last = (k)->next.tqe_prev;

Executed by:

test_kex

((k)->next.tqe...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

155 free(k); -

156

}

executed 64 times by 1 test: end of block

Executed by:

test_kex

157

if (ssh->kex)

ssh->kex	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-96

158

kex_free(ssh->kex);

executed 96 times by 1 test: kex_free(ssh->kex);

Executed by:

test_kex

159 free(ssh); -

160

}

executed 96 times by 1 test: end of block

Executed by:

test_kex

161 -

162 void -

163 ssh_set_app_data(struct ssh *ssh, void *app_data) -

164 { -

165 ssh->app_data = app_data; -

166

}

never executed: end of block

167 -

168 void * -

169 ssh_get_app_data(struct ssh *ssh) -

170 { -

171

return ssh->app_data;

never executed: return ssh->app_data;

172 } -

173 -

174 /* Returns < 0 on error, 0 otherwise */ -

175 int -

176 ssh_add_hostkey(struct ssh *ssh, struct sshkey *key) -

177 { -

178 struct sshkey *pubkey = NULL; -

179 struct key_entry *k = NULL, *k_prv = NULL; -

180 int r; -

181 -

182

if (ssh->kex->server) {

ssh->kex->server	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

32-64

183

if ((r = sshkey_from_private(key, &pubkey)) != 0)

(r = sshkey_fr...&pubkey)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

184

return r;

never executed: return r;

185

if ((k = malloc(sizeof(*k))) == NULL ||

(k = malloc(si...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

186

(k_prv = malloc(sizeof(*k_prv))) == NULL) {

(k_prv = mallo...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

187 free(k); -

188 sshkey_free(pubkey); -

189

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

190 } -

191 k_prv->key = key; -

192 TAILQ_INSERT_TAIL(&ssh->private_keys, k_prv, next); -

193 -

194 /* add the public key, too */ -

195 k->key = pubkey; -

196 TAILQ_INSERT_TAIL(&ssh->public_keys, k, next); -

197 r = 0; -

198

} else {

executed 64 times by 1 test: end of block

Executed by:

test_kex

199

if ((k = malloc(sizeof(*k))) == NULL)

(k = malloc(si...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

0-32

200

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

201 k->key = key; -

202 TAILQ_INSERT_TAIL(&ssh->public_keys, k, next); -

203 r = 0; -

204

}

executed 32 times by 1 test: end of block

Executed by:

test_kex

205 -

206

return r;

executed 96 times by 1 test: return r;

Executed by:

test_kex

207 } -

208 -

209 int -

210 ssh_set_verify_host_key_callback(struct ssh *ssh, -

211 int (*cb)(struct sshkey *, struct ssh *)) -

212 { -

213

if (cb == NULL || ssh->kex == NULL)

cb == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

ssh->kex == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

214

return SSH_ERR_INVALID_ARGUMENT;

never executed: return -10;

215 -

216 ssh->kex->verify_host_key = cb; -

217 -

218

return 0;

never executed: return 0;

219 } -

220 -

221 int -

222 ssh_input_append(struct ssh *ssh, const u_char *data, size_t len) -

223 { -

224

return sshbuf_put(ssh_packet_get_input(ssh), data, len);

executed 848 times by 1 test: return sshbuf_put(ssh_packet_get_input(ssh), data, len);

Executed by:

test_kex

848

225 } -

226 -

227 int -

228 ssh_packet_next(struct ssh *ssh, u_char *typep) -

229 { -

230 int r; -

231 u_int32_t seqnr; -

232 u_char type; -

233 -

234 /* -

235 * Try to read a packet. Return SSH_MSG_NONE if no packet or not -

236 * enough data. -

237 */ -

238 *typep = SSH_MSG_NONE; -

239

if (ssh->kex->client_version_string == NULL ||

ssh->kex->clie...== ((void *)0)	Description
TRUE	evaluated 128 times by 1 test Evaluated by: test_kex
FALSE	evaluated 1952 times by 1 test Evaluated by: test_kex

128-1952

240

ssh->kex->server_version_string == NULL)

ssh->kex->serv...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1952 times by 1 test Evaluated by: test_kex

0-1952

241

return _ssh_exchange_banner(ssh);

executed 128 times by 1 test: return _ssh_exchange_banner(ssh);

Executed by:

test_kex

128

242 /* -

243 * If we enough data and a dispatch function then -

244 * call the function and get the next packet. -

245 * Otherwise return the packet type to the caller so it -

246 * can decide how to go on. -

247 * -

248 * We will only call the dispatch function for: -

249 * 20-29 Algorithm negotiation -

250 * 30-49 Key exchange method specific (numbers can be reused for -

251 * different authentication methods) -

252 */ -

253 for (;;) { -

254

if ((r = ssh_packet_read_poll2(ssh, &type, &seqnr)) != 0)

(r = ssh_packe... &seqnr)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2992 times by 1 test Evaluated by: test_kex

0-2992

255

return r;

never executed: return r;

256

if (type > 0 && type < DISPATCH_MAX &&

type > 0	Description
TRUE	evaluated 1040 times by 1 test Evaluated by: test_kex
FALSE	evaluated 1952 times by 1 test Evaluated by: test_kex

type < 255	Description
TRUE	evaluated 1040 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-1952

257

type >= SSH2_MSG_KEXINIT && type <= SSH2_MSG_TRANSPORT_MAX &&

type >= 20	Description
TRUE	evaluated 1040 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

type <= 49	Description
TRUE	evaluated 1040 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-1040

258

ssh->dispatch[type] != NULL) {

ssh->dispatch[...!= ((void *)0)	Description
TRUE	evaluated 1040 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-1040

259

if ((r = (*ssh->dispatch[type])(type, seqnr, ssh)) != 0)

(r = (*ssh->di...nr, ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 1040 times by 1 test Evaluated by: test_kex

0-1040

260

return r;

never executed: return r;

261

} else {

executed 1040 times by 1 test: end of block

Executed by:

test_kex

1040

262 *typep = type; -

263

return 0;

executed 1952 times by 1 test: return 0;

Executed by:

test_kex

1952

264 } -

265 } -

266

}

never executed: end of block

267 -

268 const u_char * -

269 ssh_packet_payload(struct ssh *ssh, size_t *lenp) -

270 { -

271

return sshpkt_ptr(ssh, lenp);

never executed: return sshpkt_ptr(ssh, lenp);

272 } -

273 -

274 int -

275 ssh_packet_put(struct ssh *ssh, int type, const u_char *data, size_t len) -

276 { -

277 int r; -

278 -

279

if ((r = sshpkt_start(ssh, type)) != 0 ||

(r = sshpkt_st...h, type)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

280

(r = sshpkt_put(ssh, data, len)) != 0 ||

(r = sshpkt_pu...ta, len)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

281

(r = sshpkt_send(ssh)) != 0)

(r = sshpkt_send(ssh)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

282

return r;

never executed: return r;

283

return 0;

never executed: return 0;

284 } -

285 -

286 const u_char * -

287 ssh_output_ptr(struct ssh *ssh, size_t *len) -

288 { -

289 struct sshbuf *output = ssh_packet_get_output(ssh); -

290 -

291 *len = sshbuf_len(output); -

292

return sshbuf_ptr(output);

executed 2080 times by 1 test: return sshbuf_ptr(output);

Executed by:

test_kex

2080

293 } -

294 -

295 int -

296 ssh_output_consume(struct ssh *ssh, size_t len) -

297 { -

298

return sshbuf_consume(ssh_packet_get_output(ssh), len);

executed 848 times by 1 test: return sshbuf_consume(ssh_packet_get_output(ssh), len);

Executed by:

test_kex

848

299 } -

300 -

301 int -

302 ssh_output_space(struct ssh *ssh, size_t len) -

303 { -

304

return (0 == sshbuf_check_reserve(ssh_packet_get_output(ssh), len));

never executed: return (0 == sshbuf_check_reserve(ssh_packet_get_output(ssh), len));

305 } -

306 -

307 int -

308 ssh_input_space(struct ssh *ssh, size_t len) -

309 { -

310

return (0 == sshbuf_check_reserve(ssh_packet_get_input(ssh), len));

never executed: return (0 == sshbuf_check_reserve(ssh_packet_get_input(ssh), len));

311 } -

312 -

313 /* Read other side's version identification. */ -

314 int -

315 _ssh_read_banner(struct ssh *ssh, char **bannerp) -

316 { -

317 struct sshbuf *input; -

318 const char *s; -

319 char buf[256], remote_version[256]; /* must be same size! */ -

320 const char *mismatch = "Protocol mismatch.\r\n"; -

321 int r, remote_major, remote_minor; -

322 size_t i, n, j, len; -

323 -

324 *bannerp = NULL; -

325 input = ssh_packet_get_input(ssh); -

326 len = sshbuf_len(input); -

327 s = (const char *)sshbuf_ptr(input); -

328 for (j = n = 0;;) { -

329

for (i = 0; i < sizeof(buf) - 1; i++) {

i < sizeof(buf) - 1	Description
TRUE	evaluated 1408 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-1408

330

if (j >= len)

j >= len	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 1344 times by 1 test Evaluated by: test_kex

64-1344

331

return (0);

executed 64 times by 1 test: return (0);

Executed by:

test_kex

332 buf[i] = s[j++]; -

333

if (buf[i] == '\r') {

buf[i] == '\r'	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 1280 times by 1 test Evaluated by: test_kex

64-1280

334 buf[i] = '\n'; -

335 buf[i + 1] = 0; -

336

continue; /**XXX wait for \n */

executed 64 times by 1 test: continue;

Executed by:

test_kex

337 } -

338

if (buf[i] == '\n') {

buf[i] == '\n'	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 1216 times by 1 test Evaluated by: test_kex

64-1216

339 buf[i + 1] = 0; -

340

break;

executed 64 times by 1 test: break;

Executed by:

test_kex

341 } -

342

}

executed 1216 times by 1 test: end of block

Executed by:

test_kex

1216

343 buf[sizeof(buf) - 1] = 0; -

344

if (strncmp(buf, "SSH-", 4) == 0)

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SSH-" ))[3] - __s2[3]);

never executed: end of block

(__extension__..." , 4 ))) == 0	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

__builtin_constant_p ( 4 )	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

strlen ( buf )...size_t) ( 4 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...t_p ( "SSH-" )	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

strlen ( "SSH-...size_t) ( 4 ))	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-64

345

break;

executed 64 times by 1 test: break;

Executed by:

test_kex

346 debug("ssh_exchange_identification: %s", buf); -

347

if (ssh->kex->server || ++n > 65536) {

ssh->kex->server	Description
TRUE	never evaluated
FALSE	never evaluated

++n > 65536	Description
TRUE	never evaluated
FALSE	never evaluated

348

if ((r = sshbuf_put(ssh_packet_get_output(ssh),

(r = sshbuf_pu...smatch))) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

349

mismatch, strlen(mismatch))) != 0)

(r = sshbuf_pu...smatch))) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

350

return r;

never executed: return r;

351

return SSH_ERR_NO_PROTOCOL_VERSION;

never executed: return -38;

352 } -

353

}

never executed: end of block

354

if ((r = sshbuf_consume(input, j)) != 0)

(r = sshbuf_co...nput, j)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

355

return r;

never executed: return r;

356 -

357 /* -

358 * Check that the versions match. In future this might accept -

359 * several versions and set appropriate flags to handle them. -

360 */ -

361

if (sscanf(buf, "SSH-%d.%d-%[^\n]\n",

sscanf(buf, "S..._version) != 3	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

362

&remote_major, &remote_minor, remote_version) != 3)

sscanf(buf, "S..._version) != 3	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

363

return SSH_ERR_INVALID_FORMAT;

never executed: return -4;

364 debug("Remote protocol version %d.%d, remote software version %.100s", -

365 remote_major, remote_minor, remote_version); -

366 -

367 ssh->compat = compat_datafellows(remote_version); -

368

if (remote_major == 1 && remote_minor == 99) {

remote_major == 1	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

remote_minor == 99	Description
TRUE	never evaluated
FALSE	never evaluated

0-64

369 remote_major = 2; -

370 remote_minor = 0; -

371

}

never executed: end of block

372

if (remote_major != 2)

remote_major != 2	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

373

return SSH_ERR_PROTOCOL_MISMATCH;

never executed: return -37;

374 chop(buf); -

375 debug("Remote version string %.100s", buf); -

376

if ((*bannerp = strdup(buf)) == NULL)

never executed: __retval = (char *) memcpy (__retval, buf , __len);

(bannerp = (_...== ((void )0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

__retval != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

((const char *... ))[0] == '\0'	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

((size_t)(cons...)( buf ) == 1)	Description
TRUE	never evaluated
FALSE	never evaluated

0-64

377

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

378

return 0;

executed 64 times by 1 test: return 0;

Executed by:

test_kex

379 } -

380 -

381 /* Send our own protocol version identification. */ -

382 int -

383 _ssh_send_banner(struct ssh *ssh, char **bannerp) -

384 { -

385 char buf[256]; -

386 int r; -

387 -

388 snprintf(buf, sizeof buf, "SSH-2.0-%.100s\r\n", SSH_VERSION); -

389

if ((r = sshbuf_put(ssh_packet_get_output(ssh), buf, strlen(buf))) != 0)

(r = sshbuf_pu...en(buf))) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

390

return r;

never executed: return r;

391 chop(buf); -

392 debug("Local version string %.100s", buf); -

393

if ((*bannerp = strdup(buf)) == NULL)

never executed: __retval = (char *) memcpy (__retval, buf , __len);

(bannerp = (_...== ((void )0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

__retval != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

((const char *... ))[0] == '\0'	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

((size_t)(cons...)( buf ) == 1)	Description
TRUE	never evaluated
FALSE	never evaluated

0-64

394

return SSH_ERR_ALLOC_FAIL;

never executed: return -2;

395

return 0;

executed 64 times by 1 test: return 0;

Executed by:

test_kex

396 } -

397 -

398 int -

399 _ssh_exchange_banner(struct ssh *ssh) -

400 { -

401 struct kex *kex = ssh->kex; -

402 int r; -

403 -

404 /* -

405 * if _ssh_read_banner() cannot parse a full version string -

406 * it will return NULL and we end up calling it again. -

407 */ -

408 -

409 r = 0; -

410

if (kex->server) {

kex->server	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	evaluated 32 times by 1 test Evaluated by: test_kex

32-96

411

if (kex->server_version_string == NULL)

kex->server_ve...== ((void *)0)	Description
TRUE	evaluated 32 times by 1 test Evaluated by: test_kex
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

32-64

412

r = _ssh_send_banner(ssh, &kex->server_version_string);

executed 32 times by 1 test: r = _ssh_send_banner(ssh, &kex->server_version_string);

Executed by:

test_kex

413

if (r == 0 &&

r == 0	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-96

414

kex->server_version_string != NULL &&

kex->server_ve...!= ((void *)0)	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-96

415

kex->client_version_string == NULL)

kex->client_ve...== ((void *)0)	Description
TRUE	evaluated 96 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-96

416

r = _ssh_read_banner(ssh, &kex->client_version_string);

executed 96 times by 1 test: r = _ssh_read_banner(ssh, &kex->client_version_string);

Executed by:

test_kex

417

} else {

executed 96 times by 1 test: end of block

Executed by:

test_kex

418

if (kex->server_version_string == NULL)

kex->server_ve...== ((void *)0)	Description
TRUE	evaluated 32 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-32

419

r = _ssh_read_banner(ssh, &kex->server_version_string);

executed 32 times by 1 test: r = _ssh_read_banner(ssh, &kex->server_version_string);

Executed by:

test_kex

420

if (r == 0 &&

r == 0	Description
TRUE	evaluated 32 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-32

421

kex->server_version_string != NULL &&

kex->server_ve...!= ((void *)0)	Description
TRUE	evaluated 32 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-32

422

kex->client_version_string == NULL)

kex->client_ve...== ((void *)0)	Description
TRUE	evaluated 32 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-32

423

r = _ssh_send_banner(ssh, &kex->client_version_string);

executed 32 times by 1 test: r = _ssh_send_banner(ssh, &kex->client_version_string);

Executed by:

test_kex

424

}

executed 32 times by 1 test: end of block

Executed by:

test_kex

425

if (r != 0)

r != 0	Description
TRUE	never evaluated
FALSE	evaluated 128 times by 1 test Evaluated by: test_kex

0-128

426

return r;

never executed: return r;

427 /* start initial kex as soon as we have exchanged the banners */ -

428

if (kex->server_version_string != NULL &&

kex->server_ve...!= ((void *)0)	Description
TRUE	evaluated 128 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-128

429

kex->client_version_string != NULL) {

kex->client_ve...!= ((void *)0)	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

430

if ((r = _ssh_order_hostkeyalgs(ssh)) != 0 ||

(r = _ssh_orde...lgs(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

431

(r = kex_send_kexinit(ssh)) != 0)

(r = kex_send_...nit(ssh)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

432

return r;

never executed: return r;

433

}

executed 64 times by 1 test: end of block

Executed by:

test_kex

434

return 0;

executed 128 times by 1 test: return 0;

Executed by:

test_kex

128

435 } -

436 -

437 struct sshkey * -

438 _ssh_host_public_key(int type, int nid, struct ssh *ssh) -

439 { -

440 struct key_entry *k; -

441 -

442 debug3("%s: need %d", __func__, type); -

443

TAILQ_FOREACH(k, &ssh->public_keys, next) {

(k) != ((void *)0)	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

444 debug3("%s: check %s", __func__, sshkey_type(k->key)); -

445

if (k->key->type == type &&

k->key->type == type	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

446

(type != KEY_ECDSA || k->key->ecdsa_nid == nid))

type != KEY_ECDSA	Description
TRUE	evaluated 120 times by 1 test Evaluated by: test_kex
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

k->key->ecdsa_nid == nid	Description
TRUE	evaluated 40 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-120

447

return (k->key);

executed 160 times by 1 test: return (k->key);

Executed by:

test_kex

160

448

}

never executed: end of block

449

return (NULL);

never executed: return ( ((void *)0) );

450 } -

451 -

452 struct sshkey * -

453 _ssh_host_private_key(int type, int nid, struct ssh *ssh) -

454 { -

455 struct key_entry *k; -

456 -

457 debug3("%s: need %d", __func__, type); -

458

TAILQ_FOREACH(k, &ssh->private_keys, next) {

(k) != ((void *)0)	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

459 debug3("%s: check %s", __func__, sshkey_type(k->key)); -

460

if (k->key->type == type &&

k->key->type == type	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

461

(type != KEY_ECDSA || k->key->ecdsa_nid == nid))

type != KEY_ECDSA	Description
TRUE	evaluated 120 times by 1 test Evaluated by: test_kex
FALSE	evaluated 40 times by 1 test Evaluated by: test_kex

k->key->ecdsa_nid == nid	Description
TRUE	evaluated 40 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-120

462

return (k->key);

executed 160 times by 1 test: return (k->key);

Executed by:

test_kex

160

463

}

never executed: end of block

464

return (NULL);

never executed: return ( ((void *)0) );

465 } -

466 -

467 int -

468 _ssh_verify_host_key(struct sshkey *hostkey, struct ssh *ssh) -

469 { -

470 struct key_entry *k; -

471 -

472 debug3("%s: need %s", __func__, sshkey_type(hostkey)); -

473

TAILQ_FOREACH(k, &ssh->public_keys, next) {

(k) != ((void *)0)	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

474 debug3("%s: check %s", __func__, sshkey_type(k->key)); -

475

if (sshkey_equal_public(hostkey, k->key))

sshkey_equal_p...stkey, k->key)	Description
TRUE	evaluated 160 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-160

476

return (0); /* ok */

executed 160 times by 1 test: return (0);

Executed by:

test_kex

160

477

}

never executed: end of block

478

return (-1); /* failed */

never executed: return (-1);

479 } -

480 -

481 /* offer hostkey algorithms in kexinit depending on registered keys */ -

482 int -

483 _ssh_order_hostkeyalgs(struct ssh *ssh) -

484 { -

485 struct key_entry *k; -

486 char *orig, *avail, *oavail = NULL, *alg, *replace = NULL; -

487 char **proposal; -

488 size_t maxlen; -

489 int ktype, r; -

490 -

491 /* XXX we de-serialize ssh->kex->my, modify it, and change it */ -

492

if ((r = kex_buf2prop(ssh->kex->my, NULL, &proposal)) != 0)

(r = kex_buf2p...roposal)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

493

return r;

never executed: return r;

494 orig = proposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; -

495

if ((oavail = avail = strdup(orig)) == NULL) {

never executed: __retval = (char *) memcpy (__retval, orig , __len);

(oavail = avai...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

__retval != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

((const char *... ))[0] == '\0'	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_constant_p ( orig )	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

((size_t)(cons...( orig ) == 1)	Description
TRUE	never evaluated
FALSE	never evaluated

0-64

496 r = SSH_ERR_ALLOC_FAIL; -

497

goto out;

never executed: goto out;

498 } -

499 maxlen = strlen(avail) + 1; -

500

if ((replace = calloc(1, maxlen)) == NULL) {

(replace = cal...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

501 r = SSH_ERR_ALLOC_FAIL; -

502

goto out;

never executed: goto out;

503 } -

504 *replace = '\0'; -

505

while ((alg = strsep(&avail, ",")) && *alg != '\0') {

(alg = __exten..., "," )); }) )	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

*alg != '\0'	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-64

506

if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC)

(ktype = sshke... == KEY_UNSPEC	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

507

continue;

never executed: continue;

508

TAILQ_FOREACH(k, &ssh->public_keys, next) {

(k) != ((void *)0)	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-64

509

if (k->key->type == ktype ||

k->key->type == ktype	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-64

510

(sshkey_is_cert(k->key) && k->key->type ==

sshkey_is_cert(k->key)	Description
TRUE	never evaluated
FALSE	never evaluated

k->key->type =...e_plain(ktype)	Description
TRUE	never evaluated
FALSE	never evaluated

511

sshkey_type_plain(ktype))) {

k->key->type =...e_plain(ktype)	Description
TRUE	never evaluated
FALSE	never evaluated

512

if (*replace != '\0')

*replace != '\0'	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: test_kex

0-64

513

strlcat(replace, ",", maxlen);

never executed: strlcat(replace, ",", maxlen);

514 strlcat(replace, alg, maxlen); -

515

break;

executed 64 times by 1 test: break;

Executed by:

test_kex

516 } -

517

}

never executed: end of block

518

}

executed 64 times by 1 test: end of block

Executed by:

test_kex

519

if (*replace != '\0') {

*replace != '\0'	Description
TRUE	evaluated 64 times by 1 test Evaluated by: test_kex
FALSE	never evaluated

0-64

520 debug2("%s: orig/%d %s", __func__, ssh->kex->server, orig); -

521 debug2("%s: replace/%d %s", __func__, ssh->kex->server, replace); -

522 free(orig); -

523 proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = replace; -

524 replace = NULL; /* owned by proposal */ -

525 r = kex_prop2buf(ssh->kex->my, proposal); -

526

}

executed 64 times by 1 test: end of block

Executed by:

test_kex

527

out:

code before this statement executed 64 times by 1 test: out:

Executed by:

test_kex

528 free(oavail); -

529 free(replace); -

530 kex_prop_free(proposal); -

531

return r;

executed 64 times by 1 test: return r;

Executed by:

test_kex

532 } -

533 -

534 int -

535 _ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey, -

536 u_char **signature, size_t *slen, const u_char *data, size_t dlen, -

537 const char *alg, u_int compat) -

538 { -

539

return sshkey_sign(privkey, signature, slen, data, dlen, alg, compat);

executed 160 times by 1 test: return sshkey_sign(privkey, signature, slen, data, dlen, alg, compat);

Executed by:

test_kex

160

540 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2