OpenCoverage

kexdhs.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/kexdhs.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2-
3-
4-
5-
6-
7-
8-
9-
10-
11-
12-
13static int input_kex_dh_init(int, u_int32_t, struct ssh *);-
14-
15int-
16kexdh_server(struct ssh *ssh)-
17{-
18 struct kex *kex = ssh->kex;-
19 int r;-
20-
21-
22 switch (kex->kex_type) {-
23 case
executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:
Executed by:
  • test_kex
 KEX_DH_GRP1_SHA1:
executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:
Executed by:
  • test_kex
20
24 kex->dh = dh_new_group1();-
25 break;
executed 20 times by 1 test: break;
Executed by:
  • test_kex
20
26 case
executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:
Executed by:
  • test_kex
 KEX_DH_GRP14_SHA1:
executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:
Executed by:
  • test_kex
20
27 case
never executed: case KEX_DH_GRP14_SHA256:
 KEX_DH_GRP14_SHA256:
never executed: case KEX_DH_GRP14_SHA256:
0
28 kex->dh = dh_new_group14();-
29 break;
executed 20 times by 1 test: break;
Executed by:
  • test_kex
20
30 case
never executed: case KEX_DH_GRP16_SHA512:
 KEX_DH_GRP16_SHA512:
never executed: case KEX_DH_GRP16_SHA512:
0
31 kex->dh = dh_new_group16();-
32 break;
never executed: break;
0
33 case
never executed: case KEX_DH_GRP18_SHA512:
 KEX_DH_GRP18_SHA512:
never executed: case KEX_DH_GRP18_SHA512:
0
34 kex->dh = dh_new_group18();-
35 break;
never executed: break;
0
36 default
never executed: default:
:
never executed: default:
0
37 r = -10;-
38 goto
never executed: goto out;
 out;
never executed: goto out;
0
39 }-
40 if (kex->dh ==
kex->dh == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
41 ((void *)0)
kex->dh == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
42 ) {-
43 r = -2;-
44 goto
never executed: goto out;
 out;
never executed: goto out;
0
45 }-
46 if ((
(r = dh_gen_ke...eed * 8)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0
(r = dh_gen_ke...eed * 8)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
47 goto
never executed: goto out;
 out;
never executed: goto out;
0
48-
49 debug("expecting SSH2_MSG_KEXDH_INIT");-
50 ssh_dispatch_set(ssh, 30, &input_kex_dh_init);-
51 r = 0;-
52 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
53 return
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
 r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
54}-
55-
56int-
57input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh)-
58{-
59 struct kex *kex = ssh->kex;-
60 BIGNUM *shared_secret = -
61 ((void *)0)-
62 , *dh_client_pub = -
63 ((void *)0)-
64 ;-
65 const BIGNUM *pub_key;-
66 struct sshkey *server_host_public, *server_host_private;-
67 u_char *kbuf = -
68 ((void *)0)-
69 , *signature = -
70 ((void *)0)-
71 , *server_host_key_blob = -
72 ((void *)0)-
73 ;-
74 u_char hash[64];-
75 size_t sbloblen, slen;-
76 size_t klen = 0, hashlen;-
77 int kout, r;-
78-
79 if (kex->load_host_public_key ==
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
80 ((void *)0)
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 		0-40
81 ||-
82 kex->load_host_private_key ==
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
83 ((void *)0)
kex->load_host...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
84 ) {-
85 r = -10;-
86 goto
never executed: goto out;
 out;
never executed: goto out;
0
87 }-
88 server_host_public = kex->load_host_public_key(kex->hostkey_type,-
89 kex->hostkey_nid, ssh);-
90 server_host_private = kex->load_host_private_key(kex->hostkey_type,-
91 kex->hostkey_nid, ssh);-
92 if (server_host_public ==
server_host_pu...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
93 ((void *)0)
server_host_pu...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
94 ) {-
95 r = -36;-
96 goto
never executed: goto out;
 out;
never executed: goto out;
0
97 }-
98-
99-
100 if ((
(dh_client_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
dh_client_pub = BN_new()) ==
(dh_client_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
101 ((void *)0)
(dh_client_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
102 ) {-
103 r = -2;-
104 goto
never executed: goto out;
 out;
never executed: goto out;
0
105 }-
106 DH_get0_key(kex->dh, &pub_key, -
107 ((void *)0)-
108 );-
109 if ((
(r = sshpkt_ge...ent_pub)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0
(r = sshpkt_ge...ent_pub)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
110 (
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_end(ssh)) != 0
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
111 goto
never executed: goto out;
 out;
never executed: goto out;
0
112 if (!dh_pub_is_valid(kex->dh, dh_client_pub)
!dh_pub_is_val...dh_client_pub)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
) {		0-40
113 sshpkt_disconnect(ssh, "bad client public DH value");-
114 r = -3;-
115 goto
never executed: goto out;
 out;
never executed: goto out;
0
116 }-
117-
118 klen = DH_size(kex->dh);-
119 if ((
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kbuf = malloc(klen)) ==
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
120 ((void *)0)
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 		0-40
121 ||-
122 (
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
shared_secret = BN_new()) ==
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
123 ((void *)0)
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
124 ) {-
125 r = -2;-
126 goto
never executed: goto out;
 out;
never executed: goto out;
0
127 }-
128 if ((
(kout = DH_com... kex->dh)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kout = DH_compute_key(kbuf, dh_client_pub, kex->dh)) < 0
(kout = DH_com... kex->dh)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
129 BN_bin2bn(kbuf, kout, shared_secret) ==
BN_bin2bn(kbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
130 ((void *)0)
BN_bin2bn(kbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
131 ) {-
132 r = -22;-
133 goto
never executed: goto out;
 out;
never executed: goto out;
0
134 }-
135-
136-
137-
138 if ((
(r = sshkey_to...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshkey_to_blob(server_host_public, &server_host_key_blob,
(r = sshkey_to...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
139 &sbloblen)) != 0
(r = sshkey_to...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
140 goto
never executed: goto out;
 out;
never executed: goto out;
0
141-
142 hashlen = sizeof(hash);-
143 if ((
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = kex_dh_hash(
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
144 kex->hash_alg,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
145 kex->client_version_string,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
146 kex->server_version_string,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
147 sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
148 sshbuf_ptr(kex->my), sshbuf_len(kex->my),
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
149 server_host_key_blob, sbloblen,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
150 dh_client_pub,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
151 pub_key,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
152 shared_secret,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
153 hash, &hashlen)) != 0
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
154 goto
never executed: goto out;
 out;
never executed: goto out;
0
155-
156-
157 if (kex->session_id ==
kex->session_id == ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 32 times by 1 test
Evaluated by:
  • test_kex
8-32
158 ((void *)0)
kex->session_id == ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 32 times by 1 test
Evaluated by:
  • test_kex
8-32
159 ) {-
160 kex->session_id_len = hashlen;-
161 kex->session_id = malloc(kex->session_id_len);-
162 if (kex->session_id ==
kex->session_id == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
0-8
163 ((void *)0)
kex->session_id == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
0-8
164 ) {-
165 r = -2;-
166 goto
never executed: goto out;
 out;
never executed: goto out;
0
167 }-
168 memcpy(kex->session_id, hash, kex->session_id_len);-
169 }
executed 8 times by 1 test: end of block
Executed by:
  • test_kex
8
170-
171-
172 if ((
(r = kex->sign...->compat)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = kex->sign(server_host_private, server_host_public, &signature,
(r = kex->sign...->compat)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
173 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0
(r = kex->sign...->compat)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
174 goto
never executed: goto out;
 out;
never executed: goto out;
0
175-
176-
177-
178-
179 if ((
(r = sshpkt_st...ssh, 31)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_start(ssh, 31)) != 0
(r = sshpkt_st...ssh, 31)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
180 (
(r = sshpkt_pu...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0
(r = sshpkt_pu...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
181 (
(r = sshpkt_pu...pub_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_put_bignum2(ssh, pub_key)) != 0
(r = sshpkt_pu...pub_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
182 (
(r = sshpkt_pu...e, slen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_put_string(ssh, signature, slen)) != 0
(r = sshpkt_pu...e, slen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
 ||		0-40
183 (
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_send(ssh)) != 0
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)		0-40
184 goto
never executed: goto out;
 out;
never executed: goto out;
0
185-
186 if ((
(r = kex_deriv..._secret)) == 0Description
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0
(r = kex_deriv..._secret)) == 0Description
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
)		0-40
187 r = kex_send_newkeys(ssh);
executed 40 times by 1 test: r = kex_send_newkeys(ssh);
Executed by:
  • test_kex
40
188 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
189 explicit_bzero(hash, sizeof(hash));-
190 DH_free(kex->dh);-
191 kex->dh = -
192 ((void *)0)-
193 ;-
194 BN_clear_free(dh_client_pub);-
195 if (kbuf
kbufDescription
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
) {		0-40
196 explicit_bzero(kbuf, klen);-
197 free(kbuf);-
198 }
executed 40 times by 1 test: end of block
Executed by:
  • test_kex
40
199 BN_clear_free(shared_secret);-
200 free(server_host_key_blob);-
201 free(signature);-
202 return
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
 r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
203}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2