OpenCoverage

kexdhc.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/kexdhc.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2-
3-
4-
5-
6-
7-
8-
9-
10-
11-
12-
13-
14static int input_kex_dh(int, u_int32_t, struct ssh *);-
15-
16int-
17kexdh_client(struct ssh *ssh)-
18{-
19 struct kex *kex = ssh->kex;-
20 int r;-
21 const BIGNUM *pub_key;-
22-
23-
24 switch (kex->kex_type) {-
25 case
executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:
Executed by:
  • test_kex
KEX_DH_GRP1_SHA1:
executed 20 times by 1 test: case KEX_DH_GRP1_SHA1:
Executed by:
  • test_kex
20
26 kex->dh = dh_new_group1();-
27 break;
executed 20 times by 1 test: break;
Executed by:
  • test_kex
20
28 case
executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:
Executed by:
  • test_kex
KEX_DH_GRP14_SHA1:
executed 20 times by 1 test: case KEX_DH_GRP14_SHA1:
Executed by:
  • test_kex
20
29 case
never executed: case KEX_DH_GRP14_SHA256:
KEX_DH_GRP14_SHA256:
never executed: case KEX_DH_GRP14_SHA256:
0
30 kex->dh = dh_new_group14();-
31 break;
executed 20 times by 1 test: break;
Executed by:
  • test_kex
20
32 case
never executed: case KEX_DH_GRP16_SHA512:
KEX_DH_GRP16_SHA512:
never executed: case KEX_DH_GRP16_SHA512:
0
33 kex->dh = dh_new_group16();-
34 break;
never executed: break;
0
35 case
never executed: case KEX_DH_GRP18_SHA512:
KEX_DH_GRP18_SHA512:
never executed: case KEX_DH_GRP18_SHA512:
0
36 kex->dh = dh_new_group18();-
37 break;
never executed: break;
0
38 default
never executed: default:
:
never executed: default:
0
39 r = -10;-
40 goto
never executed: goto out;
out;
never executed: goto out;
0
41 }-
42 if (kex->dh ==
kex->dh == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
43 ((void *)0)
kex->dh == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
44 ) {-
45 r = -2;-
46 goto
never executed: goto out;
out;
never executed: goto out;
0
47 }-
48 debug("sending SSH2_MSG_KEXDH_INIT");-
49 if ((
(r = dh_gen_ke...eed * 8)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0
(r = dh_gen_ke...eed * 8)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
50 goto
never executed: goto out;
out;
never executed: goto out;
0
51 DH_get0_key(kex->dh, &pub_key, -
52 ((void *)0)-
53 );-
54 if ((
(r = sshpkt_st...ssh, 30)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_start(ssh, 30)) != 0
(r = sshpkt_st...ssh, 30)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
55 (
(r = sshpkt_pu...pub_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_put_bignum2(ssh, pub_key)) != 0
(r = sshpkt_pu...pub_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
56 (
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_send(ssh)) != 0
(r = sshpkt_send(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
57 goto
never executed: goto out;
out;
never executed: goto out;
0
58-
59-
60-
61-
62-
63-
64 debug("expecting SSH2_MSG_KEXDH_REPLY");-
65 ssh_dispatch_set(ssh, 31, &input_kex_dh);-
66 r = 0;-
67 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
68 return
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
69}-
70-
71static int-
72input_kex_dh(int type, u_int32_t seq, struct ssh *ssh)-
73{-
74 struct kex *kex = ssh->kex;-
75 BIGNUM *dh_server_pub = -
76 ((void *)0)-
77 , *shared_secret = -
78 ((void *)0)-
79 ;-
80 const BIGNUM *pub_key;-
81 struct sshkey *server_host_key = -
82 ((void *)0)-
83 ;-
84 u_char *kbuf = -
85 ((void *)0)-
86 , *server_host_key_blob = -
87 ((void *)0)-
88 , *signature = -
89 ((void *)0)-
90 ;-
91 u_char hash[64];-
92 size_t klen = 0, slen, sbloblen, hashlen;-
93 int kout, r;-
94-
95 if (kex->verify_host_key ==
kex->verify_ho...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
96 ((void *)0)
kex->verify_ho...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
97 ) {-
98 r = -10;-
99 goto
never executed: goto out;
out;
never executed: goto out;
0
100 }-
101-
102 if ((
(r = sshpkt_ge...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_string(ssh, &server_host_key_blob,
(r = sshpkt_ge...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
103 &sbloblen)) != 0
(r = sshpkt_ge...bloblen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
104 (
(r = sshkey_fr...ost_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshkey_from_blob(server_host_key_blob, sbloblen,
(r = sshkey_fr...ost_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
105 &server_host_key)) != 0
(r = sshkey_fr...ost_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
106 goto
never executed: goto out;
out;
never executed: goto out;
0
107 if (server_host_key->type != kex->hostkey_type
server_host_ke...->hostkey_typeDescription
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
108 (kex->hostkey_type == KEY_ECDSA
kex->hostkey_type == KEY_ECDSADescription
TRUEevaluated 10 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 30 times by 1 test
Evaluated by:
  • test_kex
&&
10-30
109 server_host_key->ecdsa_nid != kex->hostkey_nid
server_host_ke...x->hostkey_nidDescription
TRUEnever evaluated
FALSEevaluated 10 times by 1 test
Evaluated by:
  • test_kex
)) {
0-10
110 r = -13;-
111 goto
never executed: goto out;
out;
never executed: goto out;
0
112 }-
113 if (kex->verify_host_key(server_host_key, ssh) == -1
kex->verify_ho...ey, ssh) == -1Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
) {
0-40
114 r = -21;-
115 goto
never executed: goto out;
out;
never executed: goto out;
0
116 }-
117-
118 if ((
(dh_server_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
dh_server_pub = BN_new()) ==
(dh_server_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
119 ((void *)0)
(dh_server_pub...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
120 ) {-
121 r = -2;-
122 goto
never executed: goto out;
out;
never executed: goto out;
0
123 }-
124-
125 if ((
(r = sshpkt_ge...ver_pub)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_bignum2(ssh, dh_server_pub)) != 0
(r = sshpkt_ge...ver_pub)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
126 (
(r = sshpkt_ge..., &slen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_string(ssh, &signature, &slen)) != 0
(r = sshpkt_ge..., &slen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
127 (
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshpkt_get_end(ssh)) != 0
(r = sshpkt_get_end(ssh)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
128 goto
never executed: goto out;
out;
never executed: goto out;
0
129-
130-
131-
132-
133-
134-
135 if (!dh_pub_is_valid(kex->dh, dh_server_pub)
!dh_pub_is_val...dh_server_pub)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
) {
0-40
136 sshpkt_disconnect(ssh, "bad server public DH value");-
137 r = -3;-
138 goto
never executed: goto out;
out;
never executed: goto out;
0
139 }-
140-
141 klen = DH_size(kex->dh);-
142 if ((
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kbuf = malloc(klen)) ==
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
143 ((void *)0)
(kbuf = malloc...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
144 ||-
145 (
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
shared_secret = BN_new()) ==
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
146 ((void *)0)
(shared_secret...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
147 ) {-
148 r = -2;-
149 goto
never executed: goto out;
out;
never executed: goto out;
0
150 }-
151 if ((
(kout = DH_com... kex->dh)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
kout = DH_compute_key(kbuf, dh_server_pub, kex->dh)) < 0
(kout = DH_com... kex->dh)) < 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
||
0-40
152 BN_bin2bn(kbuf, kout, shared_secret) ==
BN_bin2bn(kbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
153 ((void *)0)
BN_bin2bn(kbuf...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
154 ) {-
155 r = -22;-
156 goto
never executed: goto out;
out;
never executed: goto out;
0
157 }-
158-
159-
160-
161-
162-
163 DH_get0_key(kex->dh, &pub_key, -
164 ((void *)0)-
165 );-
166 hashlen = sizeof(hash);-
167 if ((
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = kex_dh_hash(
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
168 kex->hash_alg,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
169 kex->client_version_string,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
170 kex->server_version_string,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
171 sshbuf_ptr(kex->my), sshbuf_len(kex->my),
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
172 sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
173 server_host_key_blob, sbloblen,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
174 pub_key,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
175 dh_server_pub,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
176 shared_secret,
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
177 hash, &hashlen)) != 0
(r = kex_dh_ha...hashlen)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
178 goto
never executed: goto out;
out;
never executed: goto out;
0
179-
180 if ((
(r = sshkey_ve...>compat)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
(r = sshkey_ve...>compat)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
0-40
181 kex->hostkey_alg, ssh->compat)) != 0
(r = sshkey_ve...>compat)) != 0Description
TRUEnever evaluated
FALSEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
)
0-40
182 goto
never executed: goto out;
out;
never executed: goto out;
0
183-
184-
185 if (kex->session_id ==
kex->session_id == ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 32 times by 1 test
Evaluated by:
  • test_kex
8-32
186 ((void *)0)
kex->session_id == ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
FALSEevaluated 32 times by 1 test
Evaluated by:
  • test_kex
8-32
187 ) {-
188 kex->session_id_len = hashlen;-
189 kex->session_id = malloc(kex->session_id_len);-
190 if (kex->session_id ==
kex->session_id == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
0-8
191 ((void *)0)
kex->session_id == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • test_kex
0-8
192 ) {-
193 r = -2;-
194 goto
never executed: goto out;
out;
never executed: goto out;
0
195 }-
196 memcpy(kex->session_id, hash, kex->session_id_len);-
197 }
executed 8 times by 1 test: end of block
Executed by:
  • test_kex
8
198-
199 if ((
(r = kex_deriv..._secret)) == 0Description
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0
(r = kex_deriv..._secret)) == 0Description
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
)
0-40
200 r = kex_send_newkeys(ssh);
executed 40 times by 1 test: r = kex_send_newkeys(ssh);
Executed by:
  • test_kex
40
201 out:
code before this statement executed 40 times by 1 test: out:
Executed by:
  • test_kex
40
202 explicit_bzero(hash, sizeof(hash));-
203 DH_free(kex->dh);-
204 kex->dh = -
205 ((void *)0)-
206 ;-
207 BN_clear_free(dh_server_pub);-
208 if (kbuf
kbufDescription
TRUEevaluated 40 times by 1 test
Evaluated by:
  • test_kex
FALSEnever evaluated
) {
0-40
209 explicit_bzero(kbuf, klen);-
210 free(kbuf);-
211 }
executed 40 times by 1 test: end of block
Executed by:
  • test_kex
40
212 BN_clear_free(shared_secret);-
213 sshkey_free(server_host_key);-
214 free(server_host_key_blob);-
215 free(signature);-
216 return
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
r;
executed 40 times by 1 test: return r;
Executed by:
  • test_kex
40
217}-
Switch to Source codePreprocessed file

Generated by Squish Coco 4.2.2