-/* $OpenBSD: kex.h,v 1.46 2007/06/07 19:37:34 pvalchev Exp $ */
+/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#define KEX_COOKIE_LEN 16
+
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
KEX_DH_GRP14_SHA1,
KEX_DH_GEX_SHA1,
KEX_DH_GEX_SHA256,
+ KEX_GSS_GRP1_SHA1,
+ KEX_GSS_GRP14_SHA1,
+ KEX_GSS_GEX_SHA1,
KEX_MAX
};
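Review bot: The three `KEX_GSS_*` enumerators are added unconditionally, while the `gss_*` struct fields and the `kexgss_client`/`kexgss_server` prototypes later in this patch are wrapped in `#ifdef GSSAPI`. In a build without GSSAPI the `kex[KEX_MAX]` handler table therefore gains three slots that no visible declaration can fill, so the code that indexes the table by the negotiated type (not shown here) should reject a NULL entry rather than call through it. Keeping the enumerators unconditional does hold `KEX_MAX` constant across build configurations, which may be the intent. If so, say it in a comment such as `/* GSS types are always enumerated; handlers exist only when GSSAPI is defined */`. The enum begins outside the visible lines.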
Mac mac;
Comp comp;
};
+
struct Kex {
u_char *session_id;
u_int session_id_len;
sig_atomic_t done;
int flags;
const EVP_MD *evp_md;
+#ifdef GSSAPI
+ int gss_deleg_creds;
+ int gss_trust_dns;
+ char *gss_host;
+ char *gss_client;
+#endif
char *client_version_string;
char *server_version_string;
int (*verify_host_key)(Key *);
void (*kex[KEX_MAX])(Kex *);
};
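Review bot: The four `gss_*` members are added to `struct Kex` with no comments, although two of them look like security policy switches whose safe value a reader has to guess from the name. Judging by the names, `gss_trust_dns` lets a DNS-derived host name influence the GSS target and `gss_deleg_creds` hands the user's credentials to the peer. Each should carry a one-line comment saying what a nonzero value permits and who sets it, for example `int gss_deleg_creds; /* nonzero: delegate credentials to the server; set from client config only */`, with the wording confirmed against the code that fills it. `gss_host` and `gss_client` are bare `char *` with no stated owner, so the comment should also say whether `Kex` frees them. Because the block sits in the middle of the struct under `#ifdef GSSAPI`, every translation unit including this header must see the same GSSAPI setting, or the offsets of `client_version_string` and the members after it will disagree.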
+void kex_prop2buf(Buffer *, char *proposal[PROPOSAL_MAX]);
+
Kex *kex_setup(char *[PROPOSAL_MAX]);
void kex_finish(Kex *);
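Review bot: The newly exported `kex_prop2buf` prototype has no comment and leaves its `Buffer *` parameter unnamed, so a caller outside kex.c cannot tell what is written into the buffer or whether existing contents are kept. The `char *proposal[PROPOSAL_MAX]` parameter decays to `char **`, so the bound is only documentation and the compiler will not reject a shorter array. I would name the first parameter and add a comment along the lines of `/* serialise proposal[0..PROPOSAL_MAX-1] into b; every entry must be a non-NULL string */`, adjusted to what the implementation requires.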
void kexgex_client(Kex *);
void kexgex_server(Kex *);
+#ifdef GSSAPI
+void kexgss_client(Kex *);
+void kexgss_server(Kex *);
+#endif
+
void
kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);