_libssh2_channel_locate: 93| 115|{ 94| 115| LIBSSH2_CHANNEL *channel; 95| 115| LIBSSH2_LISTENER *l; 96| | 97| 115| for(channel = _libssh2_list_first(&session->channels); 98| 115| channel; ------------------ | Branch (98:9): [True: 0, False: 115] ------------------ 99| 115| channel = _libssh2_list_next(&channel->node)) { 100| 0| if(channel->local.id == channel_id) ------------------ | Branch (100:12): [True: 0, False: 0] ------------------ 101| 0| return channel; 102| 0| } 103| | 104| | /* We didn't find the channel in the session, let's then check its 105| | listeners since each listener may have its own set of pending channels 106| | */ 107| 115| for(l = _libssh2_list_first(&session->listeners); l; ------------------ | Branch (107:55): [True: 0, False: 115] ------------------ 108| 115| l = _libssh2_list_next(&l->node)) { 109| 0| for(channel = _libssh2_list_first(&l->queue); 110| 0| channel; ------------------ | Branch (110:13): [True: 0, False: 0] ------------------ 111| 0| channel = _libssh2_list_next(&channel->node)) { 112| 0| if(channel->local.id == channel_id) ------------------ | Branch (112:16): [True: 0, False: 0] ------------------ 113| 0| return channel; 114| 0| } 115| 0| } 116| | 117| 115| return NULL; 118| 115|} _libssh2_comp_methods: 371| 980|{ 372| 980| if(session->flag.compress) ------------------ | Branch (372:8): [True: 0, False: 980] ------------------ 373| 0| return comp_methods; 374| 980| else 375| 980| return no_comp_methods; 376| 980|} libssh2_crypt_methods: 533| 1.00k|{ 534| 1.00k| return crypt_methods; 535| 1.00k|} libssh2_init: 48| 152|{ 49| 152| if(s_initialized == 0 && !(flags & LIBSSH2_INIT_NO_CRYPTO)) { ------------------ | | 544| 152|#define LIBSSH2_INIT_NO_CRYPTO 0x0001 ------------------ | Branch (49:8): [True: 152, False: 0] | Branch (49:30): [True: 152, False: 0] ------------------ 50| 152| libssh2_crypto_init(); ------------------ | | 336| 152|#define libssh2_crypto_init() _libssh2_openssl_crypto_init() ------------------ 51| 152| } 52| | 53| 152| s_initialized++; 54| 152| s_init_flags |= flags; 55| | 56| 152| return 0; 57| 152|} libssh2_exit: 61| 152|{ 62| 152| if(s_initialized == 0) ------------------ | Branch (62:8): [True: 0, False: 152] ------------------ 63| 0| return; 64| | 65| 152| s_initialized--; 66| | 67| 152| if(s_initialized == 0 && ------------------ | Branch (67:8): [True: 152, False: 0] ------------------ 68| 152| !(s_init_flags & LIBSSH2_INIT_NO_CRYPTO)) { ------------------ | | 544| 152|#define LIBSSH2_INIT_NO_CRYPTO 0x0001 ------------------ | Branch (68:8): [True: 152, False: 0] ------------------ 69| 152| libssh2_crypto_exit(); ------------------ | | 337| 152|#define libssh2_crypto_exit() _libssh2_openssl_crypto_exit() ------------------ 70| 152| } 71| 152|} _libssh2_init_if_needed: 74| 141|{ 75| 141| if(s_initialized == 0) ------------------ | Branch (75:8): [True: 0, False: 141] ------------------ 76| 0| (void)libssh2_init(0); 77| 141|} libssh2_hostkey_methods: 1307| 501|{ 1308| 501| return hostkey_methods; 1309| 501|} hostkey.c:hostkey_method_ssh_rsa_dtor: 400| 34|{ 401| 34| libssh2_rsa_ctx *rsactx = (libssh2_rsa_ctx *)(*abstract); ------------------ | | 345| 34|#define libssh2_rsa_ctx RSA ------------------ 402| 34| (void)session; 403| | 404| 34| _libssh2_rsa_free(rsactx); ------------------ | | 346| 34|#define _libssh2_rsa_free(rsactx) RSA_free(rsactx) ------------------ 405| | 406| 34| *abstract = NULL; 407| | 408| 34| return 0; 409| 34|} hostkey.c:hostkey_method_ssh_ecdsa_init: 739| 1|{ 740| 1| libssh2_ecdsa_ctx *ec_ctx = NULL; ------------------ | | 370| 1|#define libssh2_ecdsa_ctx EC_KEY ------------------ 741| 1| unsigned char *type_str, *domain, *public_key; 742| 1| size_t key_len, len; 743| 1| libssh2_curve_type type; 744| 1| struct string_buf buf; 745| | 746| 1| if(abstract && *abstract) { ------------------ | Branch (746:8): [True: 1, False: 0] | Branch (746:20): [True: 0, False: 1] ------------------ 747| 0| hostkey_method_ssh_ecdsa_dtor(session, abstract); 748| 0| *abstract = NULL; 749| 0| } 750| | 751| 1| if(hostkey_data_len < 39) { ------------------ | Branch (751:8): [True: 0, False: 1] ------------------ 752| 0| _libssh2_debug((session, LIBSSH2_TRACE_ERROR, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 753| 0| "host key length too short")); 754| 0| return -1; 755| 0| } 756| | 757| 1| buf.data = (unsigned char *)LIBSSH2_UNCONST(hostkey_data); ------------------ | | 131| 1|#define LIBSSH2_UNCONST(p) ((void *)(uintptr_t)(const void *)(p)) ------------------ 758| 1| buf.dataptr = buf.data; 759| 1| buf.len = hostkey_data_len; 760| | 761| 1| if(_libssh2_get_string(&buf, &type_str, &len) || len != 19) ------------------ | Branch (761:8): [True: 0, False: 1] | Branch (761:54): [True: 0, False: 1] ------------------ 762| 0| return -1; 763| | 764| 1| if(strncmp((char *)type_str, "ecdsa-sha2-nistp256", 19) == 0) { ------------------ | Branch (764:8): [True: 0, False: 1] ------------------ 765| 0| type = LIBSSH2_EC_CURVE_NISTP256; 766| 0| } 767| 1| else if(strncmp((char *)type_str, "ecdsa-sha2-nistp384", 19) == 0) { ------------------ | Branch (767:13): [True: 1, False: 0] ------------------ 768| 1| type = LIBSSH2_EC_CURVE_NISTP384; 769| 1| } 770| 0| else if(strncmp((char *)type_str, "ecdsa-sha2-nistp521", 19) == 0) { ------------------ | Branch (770:13): [True: 0, False: 0] ------------------ 771| 0| type = LIBSSH2_EC_CURVE_NISTP521; 772| 0| } 773| 0| else { 774| 0| return -1; 775| 0| } 776| | 777| 1| if(_libssh2_get_string(&buf, &domain, &len) || len != 8) ------------------ | Branch (777:8): [True: 0, False: 1] | Branch (777:52): [True: 0, False: 1] ------------------ 778| 0| return -1; 779| | 780| 1| if(type == LIBSSH2_EC_CURVE_NISTP256 && ------------------ | Branch (780:8): [True: 0, False: 1] ------------------ 781| 0| strncmp((char *)domain, "nistp256", 8) != 0) { ------------------ | Branch (781:8): [True: 0, False: 0] ------------------ 782| 0| return -1; 783| 0| } 784| 1| else if(type == LIBSSH2_EC_CURVE_NISTP384 && ------------------ | Branch (784:13): [True: 1, False: 0] ------------------ 785| 1| strncmp((char *)domain, "nistp384", 8) != 0) { ------------------ | Branch (785:13): [True: 1, False: 0] ------------------ 786| 1| return -1; 787| 1| } 788| 0| else if(type == LIBSSH2_EC_CURVE_NISTP521 && ------------------ | Branch (788:13): [True: 0, False: 0] ------------------ 789| 0| strncmp((char *)domain, "nistp521", 8) != 0) { ------------------ | Branch (789:13): [True: 0, False: 0] ------------------ 790| 0| return -1; 791| 0| } 792| | 793| | /* public key */ 794| 0| if(_libssh2_get_string(&buf, &public_key, &key_len)) ------------------ | Branch (794:8): [True: 0, False: 0] ------------------ 795| 0| return -1; 796| | 797| 0| if(!_libssh2_eob(&buf)) ------------------ | Branch (797:8): [True: 0, False: 0] ------------------ 798| 0| return -1; 799| | 800| 0| if(_libssh2_ecdsa_curve_name_with_octal_new(&ec_ctx, public_key, ------------------ | Branch (800:8): [True: 0, False: 0] ------------------ 801| 0| key_len, type)) 802| 0| return -1; 803| | 804| 0| if(abstract) ------------------ | Branch (804:8): [True: 0, False: 0] ------------------ 805| 0| *abstract = ec_ctx; 806| | 807| 0| return 0; 808| 0|} libssh2_keepalive_send: 59| 1|{ 60| 1| time_t now; 61| | 62| 1| if(!session->keepalive_interval) { ------------------ | Branch (62:8): [True: 1, False: 0] ------------------ 63| 1| if(seconds_to_next) ------------------ | Branch (63:12): [True: 1, False: 0] ------------------ 64| 1| *seconds_to_next = 0; 65| 1| return 0; 66| 1| } 67| | 68| 0| now = time(NULL); 69| | 70| 0| if(session->keepalive_last_sent + session->keepalive_interval <= now) { ------------------ | Branch (70:8): [True: 0, False: 0] ------------------ 71| | /* Format is 72| | "SSH_MSG_GLOBAL_REQUEST || 4-byte len || str || want-reply". */ 73| 0| unsigned char keepalive_data[] = 74| 0| "\x50\x00\x00\x00\x15keepalive@libssh2.orgW"; 75| 0| size_t len = sizeof(keepalive_data) - 1; 76| 0| int rc; 77| | 78| 0| keepalive_data[len - 1] = (unsigned char)session->keepalive_want_reply; 79| | 80| 0| rc = _libssh2_transport_send(session, keepalive_data, len, NULL, 0); 81| | /* Silently ignore PACKET_EAGAIN here: if the write buffer is 82| | already full, sending another keepalive is not useful. */ 83| 0| if(rc && rc != LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (83:12): [True: 0, False: 0] | Branch (83:18): [True: 0, False: 0] ------------------ 84| 0| _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, ------------------ | | 488| 0|#define LIBSSH2_ERROR_SOCKET_SEND (-7) ------------------ 85| 0| "Unable to send keepalive message"); 86| 0| return rc; 87| 0| } 88| | 89| 0| session->keepalive_last_sent = now; 90| 0| if(seconds_to_next) ------------------ | Branch (90:12): [True: 0, False: 0] ------------------ 91| 0| *seconds_to_next = session->keepalive_interval; 92| 0| } 93| 0| else if(seconds_to_next) { ------------------ | Branch (93:13): [True: 0, False: 0] ------------------ 94| 0| *seconds_to_next = (int)(session->keepalive_last_sent - now) + 95| 0| session->keepalive_interval; 96| 0| } 97| | 98| 0| return 0; 99| 0|} _libssh2_kex_agree_instr: 3711| 7.21k|{ 3712| 7.21k| unsigned char *s; 3713| 7.21k| unsigned char *end_haystack; 3714| 7.21k| size_t left; 3715| | 3716| 7.21k| if(!haystack || !needle) { ------------------ | Branch (3716:8): [True: 0, False: 7.21k] | Branch (3716:21): [True: 0, False: 7.21k] ------------------ 3717| 0| return NULL; 3718| 0| } 3719| | 3720| | /* Haystack too short to bother trying */ 3721| 7.21k| if(haystack_len < needle_len || needle_len == 0) { ------------------ | Branch (3721:8): [True: 1.06k, False: 6.14k] | Branch (3721:37): [True: 0, False: 6.14k] ------------------ 3722| 1.06k| return NULL; 3723| 1.06k| } 3724| | 3725| 6.14k| s = haystack; 3726| 6.14k| end_haystack = &haystack[haystack_len]; 3727| 6.14k| left = end_haystack - s; 3728| | 3729| | /* Needle at start of haystack */ 3730| 6.14k| if((strncmp((char *)haystack, (const char *)needle, needle_len) == 0) && ------------------ | Branch (3730:8): [True: 443, False: 5.70k] ------------------ 3731| 443| (needle_len == haystack_len || haystack[needle_len] == ',')) { ------------------ | Branch (3731:9): [True: 135, False: 308] | Branch (3731:39): [True: 301, False: 7] ------------------ 3732| 436| return haystack; 3733| 436| } 3734| | 3735| | /* Search until we run out of comas or we run out of haystack, 3736| | whichever comes first */ 3737| | /* !checksrc! disable EQUALSNULL 1 */ 3738| 51.5k| while((s = (unsigned char *)memchr((char *)s, ',', left)) != NULL) { ------------------ | Branch (3738:11): [True: 49.0k, False: 2.43k] ------------------ 3739| | /* Advance buffer past coma if we can */ 3740| 49.0k| left = end_haystack - s; 3741| 49.0k| if((left >= 1) && (left <= haystack_len) && (left > needle_len)) { ------------------ | Branch (3741:12): [True: 49.0k, False: 0] | Branch (3741:27): [True: 49.0k, False: 0] | Branch (3741:53): [True: 46.8k, False: 2.27k] ------------------ 3742| 46.8k| s++; 3743| 46.8k| left--; 3744| 46.8k| } 3745| 2.27k| else { 3746| 2.27k| return NULL; 3747| 2.27k| } 3748| | 3749| | /* Needle at X position */ 3750| 46.8k| if((strncmp((char *)s, (const char *)needle, needle_len) == 0) && ------------------ | Branch (3750:12): [True: 1.09k, False: 45.7k] ------------------ 3751| 1.09k| (((s - haystack) + needle_len) == haystack_len || ------------------ | Branch (3751:13): [True: 241, False: 858] ------------------ 3752| 1.00k| s[needle_len] == ',')) { ------------------ | Branch (3752:13): [True: 760, False: 98] ------------------ 3753| 1.00k| return s; 3754| 1.00k| } 3755| 46.8k| } 3756| | 3757| 2.43k| return NULL; 3758| 5.71k|} _libssh2_kex_exchange: 4218| 174|{ 4219| 174| int rc = 0; 4220| 174| int retcode; 4221| | 4222| 174| session->state |= LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 174|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4223| | 4224| 174| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (4224:8): [True: 173, False: 1] ------------------ 4225| | /* Prevent loop in packet_add() */ 4226| 173| session->state |= LIBSSH2_STATE_EXCHANGING_KEYS; ------------------ | | 947| 173|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ 4227| | 4228| 173| if(reexchange) { ------------------ | Branch (4228:12): [True: 34, False: 139] ------------------ 4229| 34| if(session->kex && session->kex->cleanup) { ------------------ | Branch (4229:16): [True: 34, False: 0] | Branch (4229:32): [True: 34, False: 0] ------------------ 4230| 34| session->kex->cleanup(session, &key_state->key_state_low); 4231| 34| } 4232| | 4233| 34| session->kex = NULL; 4234| | 4235| 34| if(session->hostkey && session->hostkey->dtor) { ------------------ | Branch (4235:16): [True: 34, False: 0] | Branch (4235:36): [True: 34, False: 0] ------------------ 4236| 34| session->hostkey->dtor(session, 4237| 34| &session->server_hostkey_abstract); 4238| 34| } 4239| 34| session->hostkey = NULL; 4240| 34| } 4241| | 4242| 173| key_state->state = libssh2_NB_state_created; 4243| 173| } 4244| | 4245| 174| if(!session->kex || !session->hostkey) { ------------------ | Branch (4245:8): [True: 174, False: 0] | Branch (4245:25): [True: 0, False: 0] ------------------ 4246| 174| if(key_state->state == libssh2_NB_state_created) { ------------------ | Branch (4246:12): [True: 173, False: 1] ------------------ 4247| | /* Preserve in case of failure */ 4248| 173| key_state->oldlocal = session->local.kexinit; 4249| 173| key_state->oldlocal_len = session->local.kexinit_len; 4250| | 4251| 173| session->local.kexinit = NULL; 4252| | 4253| 173| key_state->state = libssh2_NB_state_sent; 4254| 173| } 4255| | 4256| 174| if(key_state->state == libssh2_NB_state_sent) { ------------------ | Branch (4256:12): [True: 173, False: 1] ------------------ 4257| 173| retcode = kexinit(session); 4258| 173| if(retcode == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 173|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (4258:16): [True: 0, False: 173] ------------------ 4259| 0| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 0|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4260| 0| return retcode; 4261| 0| } 4262| 173| else if(retcode) { ------------------ | Branch (4262:21): [True: 0, False: 173] ------------------ 4263| 0| session->local.kexinit = key_state->oldlocal; 4264| 0| session->local.kexinit_len = key_state->oldlocal_len; 4265| 0| key_state->state = libssh2_NB_state_idle; 4266| 0| session->state &= ~LIBSSH2_STATE_INITIAL_KEX; ------------------ | | 946| 0|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ 4267| 0| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 0|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4268| 0| session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; ------------------ | | 947| 0|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ 4269| 0| return -1; 4270| 0| } 4271| | 4272| 173| key_state->state = libssh2_NB_state_sent1; 4273| 173| } 4274| | 4275| 174| if(key_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (4275:12): [True: 174, False: 0] ------------------ 4276| 174| retcode = 4277| 174| _libssh2_packet_require(session, SSH_MSG_KEXINIT, ------------------ | | 1121| 174|#define SSH_MSG_KEXINIT 20 ------------------ 4278| 174| &key_state->data, 4279| 174| &key_state->data_len, 0, NULL, 0, 4280| 174| &key_state->req_state); 4281| 174| if(retcode == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 174|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (4281:16): [True: 1, False: 173] ------------------ 4282| 1| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 1|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4283| 1| return retcode; 4284| 1| } 4285| 173| else if(retcode) { ------------------ | Branch (4285:21): [True: 17, False: 156] ------------------ 4286| 17| if(session->local.kexinit) { ------------------ | Branch (4286:20): [True: 17, False: 0] ------------------ 4287| 17| LIBSSH2_FREE(session, session->local.kexinit); ------------------ | | 238| 17| session->free(ptr, &(session)->abstract) ------------------ 4288| 17| } 4289| 17| session->local.kexinit = key_state->oldlocal; 4290| 17| session->local.kexinit_len = key_state->oldlocal_len; 4291| 17| key_state->state = libssh2_NB_state_idle; 4292| 17| session->state &= ~LIBSSH2_STATE_INITIAL_KEX; ------------------ | | 946| 17|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ 4293| 17| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 17|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4294| 17| session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; ------------------ | | 947| 17|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ 4295| 17| return -1; 4296| 17| } 4297| | 4298| 156| if(session->remote.kexinit) { ------------------ | Branch (4298:16): [True: 2, False: 154] ------------------ 4299| 2| LIBSSH2_FREE(session, session->remote.kexinit); ------------------ | | 238| 2| session->free(ptr, &(session)->abstract) ------------------ 4300| 2| } 4301| 156| session->remote.kexinit = key_state->data; 4302| 156| session->remote.kexinit_len = key_state->data_len; 4303| 156| key_state->data = NULL; 4304| | 4305| 156| if(kex_agree_methods(session, session->remote.kexinit, ------------------ | Branch (4305:16): [True: 20, False: 136] ------------------ 4306| 156| session->remote.kexinit_len)) 4307| 20| rc = LIBSSH2_ERROR_KEX_FAILURE; ------------------ | | 486| 20|#define LIBSSH2_ERROR_KEX_FAILURE (-5) ------------------ 4308| | 4309| 156| key_state->state = libssh2_NB_state_sent2; 4310| 156| } 4311| 174| } 4312| 0| else { 4313| 0| key_state->state = libssh2_NB_state_sent2; 4314| 0| } 4315| | 4316| 156| if(rc == 0 && session->kex && session->kex->exchange_keys) { ------------------ | Branch (4316:8): [True: 136, False: 20] | Branch (4316:19): [True: 136, False: 0] | Branch (4316:35): [True: 136, False: 0] ------------------ 4317| 136| if(key_state->state == libssh2_NB_state_sent2) { ------------------ | Branch (4317:12): [True: 136, False: 0] ------------------ 4318| 136| retcode = session->kex->exchange_keys(session, 4319| 136| &key_state->key_state_low); 4320| 136| if(retcode == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 136|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (4320:16): [True: 0, False: 136] ------------------ 4321| 0| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 0|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4322| 0| return retcode; 4323| 0| } 4324| 136| else if(retcode) { ------------------ | Branch (4324:21): [True: 136, False: 0] ------------------ 4325| 136| rc = _libssh2_error(session, 4326| 136| LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE, ------------------ | | 489| 136|#define LIBSSH2_ERROR_KEY_EXCHANGE_FAILURE (-8) ------------------ 4327| 136| "Unrecoverable error exchanging keys"); 4328| 136| } 4329| 136| } 4330| 136| } 4331| | 4332| | /* Done with kexinit buffers */ 4333| 156| if(session->local.kexinit) { ------------------ | Branch (4333:8): [True: 154, False: 2] ------------------ 4334| 154| LIBSSH2_FREE(session, session->local.kexinit); ------------------ | | 238| 154| session->free(ptr, &(session)->abstract) ------------------ 4335| 154| session->local.kexinit = NULL; 4336| 154| } 4337| 156| if(session->remote.kexinit) { ------------------ | Branch (4337:8): [True: 154, False: 2] ------------------ 4338| 154| LIBSSH2_FREE(session, session->remote.kexinit); ------------------ | | 238| 154| session->free(ptr, &(session)->abstract) ------------------ 4339| 154| session->remote.kexinit = NULL; 4340| 154| } 4341| | 4342| 156| session->state &= ~LIBSSH2_STATE_INITIAL_KEX; ------------------ | | 946| 156|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ 4343| 156| session->state &= ~LIBSSH2_STATE_KEX_ACTIVE; ------------------ | | 950| 156|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ 4344| 156| session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; ------------------ | | 947| 156|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ 4345| | 4346| 156| key_state->state = libssh2_NB_state_idle; 4347| | 4348| 156| return rc; 4349| 156|} kex.c:kexinit: 3542| 173|{ 3543| | /* 62 = packet_type(1) + cookie(16) + first_packet_follows(1) + 3544| | reserved(4) + length longs(40) */ 3545| 173| size_t data_len = 62; 3546| 173| unsigned char *data, *s; 3547| 173| int rc; 3548| | 3549| 173| if(session->kexinit_state == libssh2_NB_state_idle) { ------------------ | Branch (3549:8): [True: 173, False: 0] ------------------ 3550| 173| uint32_t kex_len, hostkey_len; 3551| 173| uint32_t crypt_cs_len, crypt_sc_len; 3552| 173| uint32_t comp_cs_len, comp_sc_len; 3553| 173| uint32_t mac_cs_len, mac_sc_len; 3554| 173| uint32_t lang_cs_len, lang_sc_len; 3555| | 3556| 173| kex_len = LIBSSH2_METHOD_PREFS_LEN(session->kex_prefs, kex_methods); ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3557| 173| hostkey_len = LIBSSH2_METHOD_PREFS_LEN(session->hostkey_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3558| 173| libssh2_hostkey_methods()); 3559| 173| crypt_cs_len = LIBSSH2_METHOD_PREFS_LEN(session->local.crypt_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3560| 173| libssh2_crypt_methods()); 3561| 173| crypt_sc_len = LIBSSH2_METHOD_PREFS_LEN(session->remote.crypt_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3562| 173| libssh2_crypt_methods()); 3563| 173| mac_cs_len = LIBSSH2_METHOD_PREFS_LEN(session->local.mac_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3564| 173| _libssh2_mac_methods()); 3565| 173| mac_sc_len = LIBSSH2_METHOD_PREFS_LEN(session->remote.mac_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3566| 173| _libssh2_mac_methods()); 3567| 173| comp_cs_len = LIBSSH2_METHOD_PREFS_LEN(session->local.comp_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3568| 173| _libssh2_comp_methods(session)); 3569| 173| comp_sc_len = LIBSSH2_METHOD_PREFS_LEN(session->remote.comp_prefs, ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3570| 173| _libssh2_comp_methods(session)); 3571| 173| lang_cs_len = 3572| 173| LIBSSH2_METHOD_PREFS_LEN(session->local.lang_prefs, NULL); ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3573| 173| lang_sc_len = 3574| 173| LIBSSH2_METHOD_PREFS_LEN(session->remote.lang_prefs, NULL); ------------------ | | 3521| 173| (uint32_t)((prefvar) ? strlen(prefvar) : \ | | ------------------ | | | Branch (3521:16): [True: 0, False: 173] | | ------------------ | | 3522| 173| kex_method_strlen((const struct common_method **)(defaultvar))) ------------------ 3575| | 3576| 173| data_len += kex_len + hostkey_len + crypt_cs_len + crypt_sc_len + 3577| 173| comp_cs_len + comp_sc_len + mac_cs_len + mac_sc_len + 3578| 173| lang_cs_len + lang_sc_len; 3579| | 3580| 173| s = data = LIBSSH2_ALLOC(session, data_len); ------------------ | | 232| 173| session->alloc(count, &(session)->abstract) ------------------ 3581| 173| if(!data) { ------------------ | Branch (3581:12): [True: 0, False: 173] ------------------ 3582| 0| return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 3583| 0| "Unable to allocate memory"); 3584| 0| } 3585| | 3586| 173| *(s++) = SSH_MSG_KEXINIT; ------------------ | | 1121| 173|#define SSH_MSG_KEXINIT 20 ------------------ 3587| | 3588| 173| if(_libssh2_random(s, 16)) { ------------------ | | 228| 173|#define _libssh2_random(buf, len) _libssh2_openssl_random(buf, len) | | ------------------ | | | Branch (228:36): [True: 0, False: 173] | | ------------------ ------------------ 3589| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 3590| 0| return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN, ------------------ | | 532| 0|#define LIBSSH2_ERROR_RANDGEN (-49) ------------------ 3591| 0| "Unable to get random bytes " 3592| 0| "for KEXINIT cookie"); 3593| 0| } 3594| 173| s += 16; 3595| | 3596| | /* Ennumerating through these lists twice is probably (certainly?) 3597| | inefficient from a CPU standpoint, but it saves multiple 3598| | malloc/realloc calls */ 3599| 173| LIBSSH2_METHOD_PREFS_STR(s, kex_len, session->kex_prefs, kex_methods); ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3600| 173| LIBSSH2_METHOD_PREFS_STR(s, hostkey_len, session->hostkey_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3601| 173| libssh2_hostkey_methods()); 3602| 173| LIBSSH2_METHOD_PREFS_STR(s, crypt_cs_len, session->local.crypt_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3603| 173| libssh2_crypt_methods()); 3604| 173| LIBSSH2_METHOD_PREFS_STR(s, crypt_sc_len, session->remote.crypt_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3605| 173| libssh2_crypt_methods()); 3606| 173| LIBSSH2_METHOD_PREFS_STR(s, mac_cs_len, session->local.mac_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3607| 173| _libssh2_mac_methods()); 3608| 173| LIBSSH2_METHOD_PREFS_STR(s, mac_sc_len, session->remote.mac_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3609| 173| _libssh2_mac_methods()); 3610| 173| LIBSSH2_METHOD_PREFS_STR(s, comp_cs_len, session->local.comp_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3611| 173| _libssh2_comp_methods(session)); 3612| 173| LIBSSH2_METHOD_PREFS_STR(s, comp_sc_len, session->remote.comp_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3613| 173| _libssh2_comp_methods(session)); 3614| 173| LIBSSH2_METHOD_PREFS_STR(s, lang_cs_len, session->local.lang_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3615| 173| NULL); 3616| 173| LIBSSH2_METHOD_PREFS_STR(s, lang_sc_len, session->remote.lang_prefs, ------------------ | | 3525| 173| do { \ | | 3526| 173| if(prefvar) { \ | | ------------------ | | | Branch (3526:12): [True: 0, False: 173] | | ------------------ | | 3527| 0| _libssh2_htonu32(buf, prefvarlen); \ | | 3528| 0| (buf) += 4; \ | | 3529| 0| memcpy(buf, prefvar, prefvarlen); \ | | 3530| 0| (buf) += (prefvarlen); \ | | 3531| 0| } \ | | 3532| 173| else { \ | | 3533| 173| (buf) += kex_method_list(buf, prefvarlen, \ | | 3534| 173| (const struct common_method **)(defaultvar)); \ | | 3535| 173| } \ | | 3536| 173| } while(0) | | ------------------ | | | Branch (3536:13): [Folded, False: 173] | | ------------------ ------------------ 3617| 173| NULL); 3618| | 3619| | /* No optimistic KEX packet follows */ 3620| | /* Deal with optimistic packets 3621| | * session->flags |= KEXINIT_OPTIMISTIC 3622| | * session->flags |= KEXINIT_METHODSMATCH 3623| | */ 3624| 173| *(s++) = 0; 3625| | 3626| | /* Reserved == 0 */ 3627| 173| _libssh2_htonu32(s, 0); 3628| | 3629| 173|#ifdef LIBSSH2DEBUG 3630| 173| { 3631| 173| unsigned char *p = data + 21; /* type(1) + cookie(16) + len(4) */ 3632| | 3633| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3634| 173| "Sent KEX: %.*s", (int)kex_len, p)); 3635| 173| p += kex_len + 4; 3636| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3637| 173| "Sent HOSTKEY: %.*s", (int)hostkey_len, p)); 3638| 173| p += hostkey_len + 4; 3639| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3640| 173| "Sent CRYPT_CS: %.*s", (int)crypt_cs_len, p)); 3641| 173| p += crypt_cs_len + 4; 3642| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3643| 173| "Sent CRYPT_SC: %.*s", (int)crypt_sc_len, p)); 3644| 173| p += crypt_sc_len + 4; 3645| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3646| 173| "Sent MAC_CS: %.*s", (int)mac_cs_len, p)); 3647| 173| p += mac_cs_len + 4; 3648| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3649| 173| "Sent MAC_SC: %.*s", (int)mac_sc_len, p)); 3650| 173| p += mac_sc_len + 4; 3651| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3652| 173| "Sent COMP_CS: %.*s", (int)comp_cs_len, p)); 3653| 173| p += comp_cs_len + 4; 3654| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3655| 173| "Sent COMP_SC: %.*s", (int)comp_sc_len, p)); 3656| 173| p += comp_sc_len + 4; 3657| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3658| 173| "Sent LANG_CS: %.*s", (int)lang_cs_len, p)); 3659| 173| p += lang_cs_len + 4; 3660| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3661| 173| "Sent LANG_SC: %.*s", (int)lang_sc_len, p)); 3662| 173| p += lang_sc_len; 3663| 173| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 173|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 3664| 173| "Sent first_kex_packet_follows: %02x", p[0])); 3665| 173| } 3666| 173|#endif /* LIBSSH2DEBUG */ 3667| | 3668| 173| session->kexinit_state = libssh2_NB_state_created; 3669| 173| } 3670| 0| else { 3671| 0| data = session->kexinit_data; 3672| 0| data_len = session->kexinit_data_len; 3673| | /* zap the variables to ensure there is NOT a double free later */ 3674| 0| session->kexinit_data = NULL; 3675| 0| session->kexinit_data_len = 0; 3676| 0| } 3677| | 3678| 173| rc = _libssh2_transport_send(session, data, data_len, NULL, 0); 3679| 173| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 173|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (3679:8): [True: 0, False: 173] ------------------ 3680| 0| session->kexinit_data = data; 3681| 0| session->kexinit_data_len = data_len; 3682| 0| return rc; 3683| 0| } 3684| 173| else if(rc) { ------------------ | Branch (3684:13): [True: 0, False: 173] ------------------ 3685| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 3686| 0| session->kexinit_state = libssh2_NB_state_idle; 3687| 0| return _libssh2_error(session, rc, 3688| 0| "Unable to send KEXINIT packet to remote host"); 3689| 0| } 3690| | 3691| 173| if(session->local.kexinit) { ------------------ | Branch (3691:8): [True: 0, False: 173] ------------------ 3692| 0| LIBSSH2_FREE(session, session->local.kexinit); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 3693| 0| } 3694| | 3695| 173| session->local.kexinit = data; 3696| 173| session->local.kexinit_len = data_len; 3697| | 3698| 173| session->kexinit_state = libssh2_NB_state_idle; 3699| | 3700| 173| return 0; 3701| 173|} kex.c:kex_method_strlen: 3481| 1.73k|{ 3482| 1.73k| size_t len = 0; 3483| | 3484| 1.73k| if(!method || !*method) { ------------------ | Branch (3484:8): [True: 346, False: 1.38k] | Branch (3484:19): [True: 0, False: 1.38k] ------------------ 3485| 346| return 0; 3486| 346| } 3487| | 3488| 12.4k| while(*method && (*method)->name) { ------------------ | Branch (3488:11): [True: 11.0k, False: 1.38k] | Branch (3488:22): [True: 11.0k, False: 0] ------------------ 3489| 11.0k| len += strlen((*method)->name) + 1; 3490| 11.0k| method++; 3491| 11.0k| } 3492| | 3493| 1.38k| return len - 1; 3494| 1.73k|} kex.c:kex_method_list: 3501| 1.73k|{ 3502| 1.73k| _libssh2_htonu32(buf, list_strlen); 3503| 1.73k| buf += 4; 3504| | 3505| 1.73k| if(!method || !*method) { ------------------ | Branch (3505:8): [True: 346, False: 1.38k] | Branch (3505:19): [True: 0, False: 1.38k] ------------------ 3506| 346| return 4; 3507| 346| } 3508| | 3509| 12.4k| while(*method && (*method)->name) { ------------------ | Branch (3509:11): [True: 11.0k, False: 1.38k] | Branch (3509:22): [True: 11.0k, False: 0] ------------------ 3510| 11.0k| uint32_t mlen = (uint32_t)strlen((*method)->name); 3511| 11.0k| memcpy(buf, (*method)->name, mlen); 3512| 11.0k| buf += mlen; 3513| 11.0k| *(buf++) = ','; 3514| 11.0k| method++; 3515| 11.0k| } 3516| | 3517| 1.38k| return list_strlen + 4; 3518| 1.73k|} kex.c:kex_agree_methods: 4104| 156|{ 4105| 156| unsigned char *kex, *hostkey, *crypt_cs, *crypt_sc, *comp_cs, *comp_sc, 4106| 156| *mac_cs, *mac_sc; 4107| 156| size_t kex_len, hostkey_len, crypt_cs_len, crypt_sc_len, comp_cs_len; 4108| 156| size_t comp_sc_len, mac_cs_len, mac_sc_len; 4109| 156| struct string_buf buf; 4110| | 4111| 156| if(data_len < 17) ------------------ | Branch (4111:8): [True: 0, False: 156] ------------------ 4112| 0| return -1; 4113| | 4114| 156| buf.data = (unsigned char *)data; 4115| 156| buf.len = data_len; 4116| 156| buf.dataptr = buf.data; 4117| 156| buf.dataptr++; /* advance past packet type */ 4118| | 4119| | /* Skip cookie, don't worry, it's preserved in the kexinit field */ 4120| 156| buf.dataptr += 16; 4121| | 4122| | /* Locate each string */ 4123| 156| if(_libssh2_get_string(&buf, &kex, &kex_len)) ------------------ | Branch (4123:8): [True: 0, False: 156] ------------------ 4124| 0| return -1; 4125| 156| if(_libssh2_get_string(&buf, &hostkey, &hostkey_len)) ------------------ | Branch (4125:8): [True: 0, False: 156] ------------------ 4126| 0| return -1; 4127| 156| if(_libssh2_get_string(&buf, &crypt_cs, &crypt_cs_len)) ------------------ | Branch (4127:8): [True: 0, False: 156] ------------------ 4128| 0| return -1; 4129| 156| if(_libssh2_get_string(&buf, &crypt_sc, &crypt_sc_len)) ------------------ | Branch (4129:8): [True: 0, False: 156] ------------------ 4130| 0| return -1; 4131| 156| if(_libssh2_get_string(&buf, &mac_cs, &mac_cs_len)) ------------------ | Branch (4131:8): [True: 1, False: 155] ------------------ 4132| 1| return -1; 4133| 155| if(_libssh2_get_string(&buf, &mac_sc, &mac_sc_len)) ------------------ | Branch (4133:8): [True: 0, False: 155] ------------------ 4134| 0| return -1; 4135| 155| if(_libssh2_get_string(&buf, &comp_cs, &comp_cs_len)) ------------------ | Branch (4135:8): [True: 0, False: 155] ------------------ 4136| 0| return -1; 4137| 155| if(_libssh2_get_string(&buf, &comp_sc, &comp_sc_len)) ------------------ | Branch (4137:8): [True: 0, False: 155] ------------------ 4138| 0| return -1; 4139| | 4140| | /* If the server sent an optimistic packet, assume that it guessed wrong. 4141| | * If the guess is determined to be right (by kex_agree_kex_hostkey) 4142| | * This flag will be reset to zero so that it's not ignored */ 4143| 155| if(_libssh2_check_length(&buf, 1)) { ------------------ | Branch (4143:8): [True: 155, False: 0] ------------------ 4144| 155| session->burn_optimistic_kexinit = *(buf.dataptr++); 4145| 155| } 4146| 0| else { 4147| 0| return -1; 4148| 0| } 4149| | 4150| | /* Next uint32 in packet is all zeros (reserved) */ 4151| | 4152| 155| if(kex_agree_kex_hostkey(session, kex, kex_len, hostkey, hostkey_len)) { ------------------ | Branch (4152:8): [True: 0, False: 155] ------------------ 4153| 0| return -1; 4154| 0| } 4155| | 4156| 155| if(kex_agree_crypt(session, &session->local, crypt_cs, crypt_cs_len) || ------------------ | Branch (4156:8): [True: 1, False: 154] ------------------ 4157| 154| kex_agree_crypt(session, &session->remote, crypt_sc, crypt_sc_len)) { ------------------ | Branch (4157:8): [True: 2, False: 152] ------------------ 4158| 3| return -1; 4159| 3| } 4160| | 4161| | /* This must happen after kex_agree_crypt since some MACs depend on the 4162| | negotiated crypto method */ 4163| 152| if(kex_agree_mac(session, &session->local, mac_cs, mac_cs_len) || ------------------ | Branch (4163:8): [True: 0, False: 152] ------------------ 4164| 152| kex_agree_mac(session, &session->remote, mac_sc, mac_sc_len)) { ------------------ | Branch (4164:8): [True: 0, False: 152] ------------------ 4165| 0| return -1; 4166| 0| } 4167| | 4168| 152| if(kex_agree_comp(session, &session->local, comp_cs, comp_cs_len) || ------------------ | Branch (4168:8): [True: 16, False: 136] ------------------ 4169| 136| kex_agree_comp(session, &session->remote, comp_sc, comp_sc_len)) { ------------------ | Branch (4169:8): [True: 0, False: 136] ------------------ 4170| 16| return -1; 4171| 16| } 4172| | 4173| |#if 0 4174| | if(libssh2_kex_agree_lang(session, &session->local, lang_cs, 4175| | lang_cs_len) || 4176| | libssh2_kex_agree_lang(session, &session->remote, lang_sc, 4177| | lang_sc_len)) { 4178| | return -1; 4179| | } 4180| |#endif 4181| | 4182| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4183| 136| "Agreed on KEX method: %s", 4184| 136| session->kex->name)); 4185| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4186| 136| "Agreed on HOSTKEY method: %s", 4187| 136| session->hostkey->name)); 4188| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4189| 136| "Agreed on CRYPT_CS method: %s", 4190| 136| session->local.crypt->name)); 4191| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4192| 136| "Agreed on CRYPT_SC method: %s", 4193| 136| session->remote.crypt->name)); 4194| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4195| 136| "Agreed on MAC_CS method: %s", 4196| 136| session->local.mac->name)); 4197| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4198| 136| "Agreed on MAC_SC method: %s", 4199| 136| session->remote.mac->name)); 4200| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4201| 136| "Agreed on COMP_CS method: %s", 4202| 136| session->local.comp->name)); 4203| 136| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 136|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 4204| 136| "Agreed on COMP_SC method: %s", 4205| 136| session->remote.comp->name)); 4206| | 4207| 136| return 0; 4208| 152|} kex.c:kex_agree_kex_hostkey: 3854| 155|{ 3855| 155| const struct kex_method **kexp = kex_methods; 3856| 155| unsigned char *s; 3857| 155| const unsigned char *strict = 3858| 155| (const unsigned char *)"kex-strict-s-v00@openssh.com"; 3859| | 3860| 155| if(_libssh2_kex_agree_instr(kex, kex_len, strict, 28)) { ------------------ | Branch (3860:8): [True: 134, False: 21] ------------------ 3861| 134| session->kex_strict = 1; 3862| 134| } 3863| | 3864| 155| if(session->kex_prefs) { ------------------ | Branch (3864:8): [True: 0, False: 155] ------------------ 3865| 0| s = (unsigned char *)session->kex_prefs; 3866| | 3867| 0| while(s && *s) { ------------------ | Branch (3867:15): [True: 0, False: 0] | Branch (3867:20): [True: 0, False: 0] ------------------ 3868| 0| unsigned char *q, *p = (unsigned char *)strchr((char *)s, ','); 3869| 0| size_t method_len = (p ? (size_t)(p - s) : strlen((char *)s)); ------------------ | Branch (3869:34): [True: 0, False: 0] ------------------ 3870| 0| q = _libssh2_kex_agree_instr(kex, kex_len, s, method_len); 3871| 0| if(q) { ------------------ | Branch (3871:16): [True: 0, False: 0] ------------------ 3872| 0| const struct kex_method *method = 3873| 0| (const struct kex_method *)kex_get_method_by_name( 3874| 0| (char *)s, method_len, 3875| 0| (const struct common_method **)kexp); 3876| | 3877| 0| if(!method) { ------------------ | Branch (3877:20): [True: 0, False: 0] ------------------ 3878| | /* Invalid method -- Should never be reached */ 3879| 0| return -1; 3880| 0| } 3881| | 3882| | /* We've agreed on a key exchange method, 3883| | * Can we agree on a hostkey that works with this kex? 3884| | */ 3885| 0| if(kex_agree_hostkey(session, method->flags, hostkey, ------------------ | Branch (3885:20): [True: 0, False: 0] ------------------ 3886| 0| hostkey_len) == 0) { 3887| 0| session->kex = method; 3888| 0| if(session->burn_optimistic_kexinit && (kex == q)) { ------------------ | Branch (3888:24): [True: 0, False: 0] | Branch (3888:60): [True: 0, False: 0] ------------------ 3889| | /* Server sent an optimistic packet, and client agrees 3890| | * with preference cancel burning the first KEX_INIT 3891| | * packet that comes in */ 3892| 0| session->burn_optimistic_kexinit = 0; 3893| 0| } 3894| 0| return 0; 3895| 0| } 3896| 0| } 3897| | 3898| 0| s = p ? p + 1 : NULL; ------------------ | Branch (3898:17): [True: 0, False: 0] ------------------ 3899| 0| } 3900| 0| return -1; 3901| 0| } 3902| | 3903| 964| while(*kexp && (*kexp)->name) { ------------------ | Branch (3903:11): [True: 964, False: 0] | Branch (3903:20): [True: 964, False: 0] ------------------ 3904| 964| s = _libssh2_kex_agree_instr(kex, kex_len, 3905| 964| (const unsigned char *)(*kexp)->name, 3906| 964| strlen((*kexp)->name)); 3907| 964| if(s) { ------------------ | Branch (3907:12): [True: 155, False: 809] ------------------ 3908| | /* We've agreed on a key exchange method, 3909| | * Can we agree on a hostkey that works with this kex? 3910| | */ 3911| 155| if(kex_agree_hostkey(session, (*kexp)->flags, hostkey, ------------------ | Branch (3911:16): [True: 155, False: 0] ------------------ 3912| 155| hostkey_len) == 0) { 3913| 155| session->kex = *kexp; 3914| 155| if(session->burn_optimistic_kexinit && (kex == s)) { ------------------ | Branch (3914:20): [True: 136, False: 19] | Branch (3914:56): [True: 3, False: 133] ------------------ 3915| | /* Server sent an optimistic packet, and client agrees 3916| | * with preference cancel burning the first KEX_INIT 3917| | * packet that comes in */ 3918| 3| session->burn_optimistic_kexinit = 0; 3919| 3| } 3920| 155| return 0; 3921| 155| } 3922| 155| } 3923| 809| kexp++; 3924| 809| } 3925| 0| return -1; 3926| 155|} kex.c:kex_agree_hostkey: 3780| 155|{ 3781| 155| const struct hostkey_method **hostkeyp = libssh2_hostkey_methods(); 3782| 155| unsigned char *s; 3783| | 3784| 155| if(session->hostkey_prefs) { ------------------ | Branch (3784:8): [True: 0, False: 155] ------------------ 3785| 0| s = (unsigned char *)session->hostkey_prefs; 3786| | 3787| 0| while(s && *s) { ------------------ | Branch (3787:15): [True: 0, False: 0] | Branch (3787:20): [True: 0, False: 0] ------------------ 3788| 0| unsigned char *p = (unsigned char *)strchr((char *)s, ','); 3789| 0| size_t method_len = (p ? (size_t)(p - s) : strlen((char *)s)); ------------------ | Branch (3789:34): [True: 0, False: 0] ------------------ 3790| 0| if(_libssh2_kex_agree_instr(hostkey, hostkey_len, s, method_len)) { ------------------ | Branch (3790:16): [True: 0, False: 0] ------------------ 3791| 0| const struct hostkey_method *method = 3792| 0| (const struct hostkey_method *)kex_get_method_by_name( 3793| 0| (char *)s, method_len, 3794| 0| (const struct common_method **)hostkeyp); 3795| | 3796| 0| if(!method) { ------------------ | Branch (3796:20): [True: 0, False: 0] ------------------ 3797| | /* Invalid method -- Should never be reached */ 3798| 0| return -1; 3799| 0| } 3800| | 3801| | /* So far so good, but does it suit our purposes? (Encrypting 3802| | vs Signing) */ 3803| 0| if(((kex_flags & LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY) == ------------------ | | 3307| 0|#define LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY 0x0001 ------------------ | Branch (3803:20): [True: 0, False: 0] ------------------ 3804| 0| 0) || (method->encrypt)) { ------------------ | Branch (3804:28): [True: 0, False: 0] ------------------ 3805| | /* Either this hostkey can do encryption or this kex just 3806| | doesn't require it */ 3807| 0| if(((kex_flags & LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY) ------------------ | | 3308| 0|#define LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY 0x0002 ------------------ | Branch (3807:24): [True: 0, False: 0] ------------------ 3808| 0| == 0) || (method->sig_verify)) { ------------------ | Branch (3808:35): [True: 0, False: 0] ------------------ 3809| | /* Either this hostkey can do signing or this kex just 3810| | doesn't require it */ 3811| 0| session->hostkey = method; 3812| 0| return 0; 3813| 0| } 3814| 0| } 3815| 0| } 3816| | 3817| 0| s = p ? p + 1 : NULL; ------------------ | Branch (3817:17): [True: 0, False: 0] ------------------ 3818| 0| } 3819| 0| return -1; 3820| 0| } 3821| | 3822| 1.44k| while(hostkeyp && (*hostkeyp) && (*hostkeyp)->name) { ------------------ | Branch (3822:11): [True: 1.44k, False: 0] | Branch (3822:23): [True: 1.44k, False: 0] | Branch (3822:38): [True: 1.44k, False: 0] ------------------ 3823| 1.44k| s = _libssh2_kex_agree_instr(hostkey, hostkey_len, 3824| 1.44k| (const unsigned char *)(*hostkeyp)->name, 3825| 1.44k| strlen((*hostkeyp)->name)); 3826| 1.44k| if(s) { ------------------ | Branch (3826:12): [True: 155, False: 1.28k] ------------------ 3827| | /* So far so good, but does it suit our purposes? (Encrypting vs 3828| | Signing) */ 3829| 155| if(((kex_flags & LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY) == 0) || ------------------ | | 3307| 155|#define LIBSSH2_KEX_METHOD_FLAG_REQ_ENC_HOSTKEY 0x0001 ------------------ | Branch (3829:16): [True: 155, False: 0] ------------------ 3830| 155| ((*hostkeyp)->encrypt)) { ------------------ | Branch (3830:16): [True: 0, False: 0] ------------------ 3831| | /* Either this hostkey can do encryption or this kex just 3832| | doesn't require it */ 3833| 155| if(((kex_flags & LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY) == ------------------ | | 3308| 155|#define LIBSSH2_KEX_METHOD_FLAG_REQ_SIGN_HOSTKEY 0x0002 ------------------ | Branch (3833:20): [True: 0, False: 155] ------------------ 3834| 155| 0) || ((*hostkeyp)->sig_verify)) { ------------------ | Branch (3834:28): [True: 155, False: 0] ------------------ 3835| | /* Either this hostkey can do signing or this kex just 3836| | doesn't require it */ 3837| 155| session->hostkey = *hostkeyp; 3838| 155| return 0; 3839| 155| } 3840| 155| } 3841| 155| } 3842| 1.28k| hostkeyp++; 3843| 1.28k| } 3844| | 3845| 0| return -1; 3846| 155|} kex.c:kex_agree_crypt: 3935| 309|{ 3936| 309| const struct crypt_method **cryptp = libssh2_crypt_methods(); 3937| 309| unsigned char *s; 3938| | 3939| 309| (void)session; 3940| | 3941| 309| if(endpoint->crypt_prefs) { ------------------ | Branch (3941:8): [True: 0, False: 309] ------------------ 3942| 0| s = (unsigned char *)endpoint->crypt_prefs; 3943| | 3944| 0| while(s && *s) { ------------------ | Branch (3944:15): [True: 0, False: 0] | Branch (3944:20): [True: 0, False: 0] ------------------ 3945| 0| unsigned char *p = (unsigned char *)strchr((char *)s, ','); 3946| 0| size_t method_len = (p ? (size_t)(p - s) : strlen((char *)s)); ------------------ | Branch (3946:34): [True: 0, False: 0] ------------------ 3947| | 3948| 0| if(_libssh2_kex_agree_instr(crypt, crypt_len, s, method_len)) { ------------------ | Branch (3948:16): [True: 0, False: 0] ------------------ 3949| 0| const struct crypt_method *method = 3950| 0| (const struct crypt_method *)kex_get_method_by_name( 3951| 0| (char *)s, method_len, 3952| 0| (const struct common_method **)cryptp); 3953| | 3954| 0| if(!method) { ------------------ | Branch (3954:20): [True: 0, False: 0] ------------------ 3955| | /* Invalid method -- Should never be reached */ 3956| 0| return -1; 3957| 0| } 3958| | 3959| 0| endpoint->crypt = method; 3960| 0| return 0; 3961| 0| } 3962| | 3963| 0| s = p ? p + 1 : NULL; ------------------ | Branch (3963:17): [True: 0, False: 0] ------------------ 3964| 0| } 3965| 0| return -1; 3966| 0| } 3967| | 3968| 2.41k| while(*cryptp && (*cryptp)->name) { ------------------ | Branch (3968:11): [True: 2.41k, False: 3] | Branch (3968:22): [True: 2.41k, False: 0] ------------------ 3969| 2.41k| s = _libssh2_kex_agree_instr(crypt, crypt_len, 3970| 2.41k| (const unsigned char *)(*cryptp)->name, 3971| 2.41k| strlen((*cryptp)->name)); 3972| 2.41k| if(s) { ------------------ | Branch (3972:12): [True: 306, False: 2.10k] ------------------ 3973| 306| endpoint->crypt = *cryptp; 3974| 306| return 0; 3975| 306| } 3976| 2.10k| cryptp++; 3977| 2.10k| } 3978| | 3979| 3| return -1; 3980| 309|} kex.c:kex_agree_mac: 3988| 304|{ 3989| 304| const struct mac_method **macp = _libssh2_mac_methods(); 3990| 304| const struct mac_method *override; 3991| 304| unsigned char *s; 3992| 304| (void)session; 3993| | 3994| 304| override = _libssh2_mac_override(endpoint->crypt); 3995| 304| if(override) { ------------------ | Branch (3995:8): [True: 6, False: 298] ------------------ 3996| | /* This crypto method has its own hmac method built-in, so a separate 3997| | * negotiation (and use) of a separate hmac method is unnecessary */ 3998| 6| endpoint->mac = override; 3999| 6| return 0; 4000| 6| } 4001| | 4002| 298| if(endpoint->mac_prefs) { ------------------ | Branch (4002:8): [True: 0, False: 298] ------------------ 4003| 0| s = (unsigned char *)endpoint->mac_prefs; 4004| | 4005| 0| while(s && *s) { ------------------ | Branch (4005:15): [True: 0, False: 0] | Branch (4005:20): [True: 0, False: 0] ------------------ 4006| 0| unsigned char *p = (unsigned char *)strchr((char *)s, ','); 4007| 0| size_t method_len = (p ? (size_t)(p - s) : strlen((char *)s)); ------------------ | Branch (4007:34): [True: 0, False: 0] ------------------ 4008| | 4009| 0| if(_libssh2_kex_agree_instr(mac, mac_len, s, method_len)) { ------------------ | Branch (4009:16): [True: 0, False: 0] ------------------ 4010| 0| const struct mac_method *method = 4011| 0| (const struct mac_method *)kex_get_method_by_name( 4012| 0| (char *)s, method_len, 4013| 0| (const struct common_method **)macp); 4014| | 4015| 0| if(!method) { ------------------ | Branch (4015:20): [True: 0, False: 0] ------------------ 4016| | /* Invalid method -- Should never be reached */ 4017| 0| return -1; 4018| 0| } 4019| | 4020| 0| endpoint->mac = method; 4021| 0| return 0; 4022| 0| } 4023| | 4024| 0| s = p ? p + 1 : NULL; ------------------ | Branch (4024:17): [True: 0, False: 0] ------------------ 4025| 0| } 4026| 0| return -1; 4027| 0| } 4028| | 4029| 1.45k| while(*macp && (*macp)->name) { ------------------ | Branch (4029:11): [True: 1.45k, False: 0] | Branch (4029:20): [True: 1.45k, False: 0] ------------------ 4030| 1.45k| s = _libssh2_kex_agree_instr(mac, mac_len, 4031| 1.45k| (const unsigned char *)(*macp)->name, 4032| 1.45k| strlen((*macp)->name)); 4033| 1.45k| if(s) { ------------------ | Branch (4033:12): [True: 298, False: 1.15k] ------------------ 4034| 298| endpoint->mac = *macp; 4035| 298| return 0; 4036| 298| } 4037| 1.15k| macp++; 4038| 1.15k| } 4039| | 4040| 0| return -1; 4041| 298|} kex.c:kex_agree_comp: 4049| 288|{ 4050| 288| const struct comp_method **compp = _libssh2_comp_methods(session); 4051| 288| unsigned char *s; 4052| 288| (void)session; 4053| | 4054| 288| if(endpoint->comp_prefs) { ------------------ | Branch (4054:8): [True: 0, False: 288] ------------------ 4055| 0| s = (unsigned char *)endpoint->comp_prefs; 4056| | 4057| 0| while(s && *s) { ------------------ | Branch (4057:15): [True: 0, False: 0] | Branch (4057:20): [True: 0, False: 0] ------------------ 4058| 0| unsigned char *p = (unsigned char *)strchr((char *)s, ','); 4059| 0| size_t method_len = (p ? (size_t)(p - s) : strlen((char *)s)); ------------------ | Branch (4059:34): [True: 0, False: 0] ------------------ 4060| | 4061| 0| if(_libssh2_kex_agree_instr(comp, comp_len, s, method_len)) { ------------------ | Branch (4061:16): [True: 0, False: 0] ------------------ 4062| 0| const struct comp_method *method = 4063| 0| (const struct comp_method *)kex_get_method_by_name( 4064| 0| (char *)s, method_len, 4065| 0| (const struct common_method **)compp); 4066| | 4067| 0| if(!method) { ------------------ | Branch (4067:20): [True: 0, False: 0] ------------------ 4068| | /* Invalid method -- Should never be reached */ 4069| 0| return -1; 4070| 0| } 4071| | 4072| 0| endpoint->comp = method; 4073| 0| return 0; 4074| 0| } 4075| | 4076| 0| s = p ? p + 1 : NULL; ------------------ | Branch (4076:17): [True: 0, False: 0] ------------------ 4077| 0| } 4078| 0| return -1; 4079| 0| } 4080| | 4081| 304| while(*compp && (*compp)->name) { ------------------ | Branch (4081:11): [True: 288, False: 16] | Branch (4081:21): [True: 288, False: 0] ------------------ 4082| 288| s = _libssh2_kex_agree_instr(comp, comp_len, 4083| 288| (const unsigned char *)(*compp)->name, 4084| 288| strlen((*compp)->name)); 4085| 288| if(s) { ------------------ | Branch (4085:12): [True: 272, False: 16] ------------------ 4086| 272| endpoint->comp = *compp; 4087| 272| return 0; 4088| 272| } 4089| 16| compp++; 4090| 16| } 4091| | 4092| 16| return -1; 4093| 288|} kex.c:kex_method_curve25519_key_exchange: 2888| 1|{ 2889| 1| int ret = 0; 2890| 1| int rc = 0; 2891| | 2892| 1| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (2892:8): [True: 1, False: 0] ------------------ 2893| | 2894| 1| key_state->public_key_oct = NULL; 2895| 1| key_state->state = libssh2_NB_state_created; 2896| 1| } 2897| | 2898| 1| if(key_state->state == libssh2_NB_state_created) { ------------------ | Branch (2898:8): [True: 1, False: 0] ------------------ 2899| 1| unsigned char *s = NULL; 2900| | 2901| 1| rc = strcmp(session->kex->name, "curve25519-sha256@libssh.org"); 2902| 1| if(rc) ------------------ | Branch (2902:12): [True: 0, False: 1] ------------------ 2903| 0| rc = strcmp(session->kex->name, "curve25519-sha256"); 2904| | 2905| 1| if(rc) { ------------------ | Branch (2905:12): [True: 0, False: 1] ------------------ 2906| 0| ret = _libssh2_error(session, -1, 2907| 0| "Unknown KEX curve25519 curve type"); 2908| 0| goto clean_exit; 2909| 0| } 2910| | 2911| 1| rc = _libssh2_curve25519_new(session, 2912| 1| &key_state->curve25519_public_key, 2913| 1| &key_state->curve25519_private_key); 2914| | 2915| 1| if(rc) { ------------------ | Branch (2915:12): [True: 0, False: 1] ------------------ 2916| 0| ret = _libssh2_error(session, rc, "Unable to create private key"); 2917| 0| goto clean_exit; 2918| 0| } 2919| | 2920| 1| key_state->request[0] = SSH2_MSG_KEX_ECDH_INIT; ------------------ | | 1137| 1|#define SSH2_MSG_KEX_ECDH_INIT 30 ------------------ 2921| 1| s = key_state->request + 1; 2922| 1| _libssh2_store_str(&s, (const char *)key_state->curve25519_public_key, 2923| 1| LIBSSH2_ED25519_KEY_LEN); ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ 2924| 1| key_state->request_len = LIBSSH2_ED25519_KEY_LEN + 5; ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ 2925| | 2926| 1| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 1|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 2927| 1| "Initiating curve25519 SHA2")); 2928| | 2929| 1| key_state->state = libssh2_NB_state_sent; 2930| 1| } 2931| | 2932| 1| if(key_state->state == libssh2_NB_state_sent) { ------------------ | Branch (2932:8): [True: 1, False: 0] ------------------ 2933| 1| rc = _libssh2_transport_send(session, key_state->request, 2934| 1| key_state->request_len, NULL, 0); 2935| 1| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 1|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2935:12): [True: 0, False: 1] ------------------ 2936| 0| return rc; 2937| 0| } 2938| 1| else if(rc) { ------------------ | Branch (2938:17): [True: 0, False: 1] ------------------ 2939| 0| ret = _libssh2_error(session, rc, "Unable to send ECDH_INIT"); 2940| 0| goto clean_exit; 2941| 0| } 2942| | 2943| 1| key_state->state = libssh2_NB_state_sent1; 2944| 1| } 2945| | 2946| 1| if(key_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (2946:8): [True: 1, False: 0] ------------------ 2947| 1| rc = _libssh2_packet_require(session, SSH2_MSG_KEX_ECDH_REPLY, ------------------ | | 1138| 1|#define SSH2_MSG_KEX_ECDH_REPLY 31 ------------------ 2948| 1| &key_state->data, &key_state->data_len, 2949| 1| 0, NULL, 0, &key_state->req_state); 2950| 1| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 1|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2950:12): [True: 0, False: 1] ------------------ 2951| 0| return rc; 2952| 0| } 2953| 1| else if(rc) { ------------------ | Branch (2953:17): [True: 0, False: 1] ------------------ 2954| 0| ret = _libssh2_error(session, rc, 2955| 0| "Timeout waiting for ECDH_REPLY reply"); 2956| 0| goto clean_exit; 2957| 0| } 2958| | 2959| 1| key_state->state = libssh2_NB_state_sent2; 2960| 1| } 2961| | 2962| 1| if(key_state->state == libssh2_NB_state_sent2) { ------------------ | Branch (2962:8): [True: 1, False: 0] ------------------ 2963| | 2964| 1| ret = curve25519_sha256(session, key_state->data, key_state->data_len, 2965| 1| key_state->curve25519_public_key, 2966| 1| key_state->curve25519_private_key, 2967| 1| &key_state->exchange_state); 2968| | 2969| 1| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 1|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2969:12): [True: 0, False: 1] ------------------ 2970| 0| return ret; 2971| 0| } 2972| 1| } 2973| | 2974| 1|clean_exit: 2975| | 2976| 1| kex_method_curve25519_cleanup(session, key_state); 2977| | 2978| 1| return ret; 2979| 1|} kex.c:curve25519_sha256: 2748| 1|{ 2749| 1| int ret = 0; 2750| 1| int rc; 2751| 1| int public_key_len = LIBSSH2_ED25519_KEY_LEN; ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ 2752| | 2753| 1| if(exchange_state->state == libssh2_NB_state_idle) { ------------------ | Branch (2753:8): [True: 1, False: 0] ------------------ 2754| | 2755| | /* Setup initial values */ 2756| 1| exchange_state->k = _libssh2_bn_init(); ------------------ | | 421| 1|#define _libssh2_bn_init() BN_new() ------------------ 2757| | 2758| 1| exchange_state->state = libssh2_NB_state_created; 2759| 1| } 2760| | 2761| 1| if(exchange_state->state == libssh2_NB_state_created) { ------------------ | Branch (2761:8): [True: 1, False: 0] ------------------ 2762| | /* parse INIT reply data */ 2763| 1| unsigned char *server_public_key; 2764| 1| size_t server_public_key_len; 2765| 1| struct string_buf buf; 2766| | 2767| 1| if(!data) { ------------------ | Branch (2767:12): [True: 0, False: 1] ------------------ 2768| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 2769| 0| "Missing host key data"); 2770| 0| goto clean_exit; 2771| 0| } 2772| | 2773| 1| ret = process_host_key(session, &buf, exchange_state, data, data_len); 2774| 1| if(ret) { ------------------ | Branch (2774:12): [True: 1, False: 0] ------------------ 2775| 1| goto clean_exit; 2776| 1| } 2777| | 2778| | /* server public key Q_S */ 2779| 0| if(_libssh2_get_string(&buf, &server_public_key, ------------------ | Branch (2779:12): [True: 0, False: 0] ------------------ 2780| 0| &server_public_key_len)) { 2781| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 2782| 0| "Unexpected curve25519 key length"); 2783| 0| goto clean_exit; 2784| 0| } 2785| | 2786| 0| if(server_public_key_len != LIBSSH2_ED25519_KEY_LEN) { ------------------ | | 79| 0|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ | Branch (2786:12): [True: 0, False: 0] ------------------ 2787| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 0|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 2788| 0| "Unexpected curve25519 server " 2789| 0| "public key length"); 2790| 0| goto clean_exit; 2791| 0| } 2792| | 2793| | /* server signature */ 2794| 0| if(_libssh2_get_string(&buf, &exchange_state->h_sig, ------------------ | Branch (2794:12): [True: 0, False: 0] ------------------ 2795| 0| &(exchange_state->h_sig_len))) { 2796| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 0|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 2797| 0| "Unexpected curve25519 server sig length"); 2798| 0| goto clean_exit; 2799| 0| } 2800| | 2801| | /* Compute the shared secret K */ 2802| 0| rc = _libssh2_curve25519_gen_k(&exchange_state->k, private_key, 2803| 0| server_public_key); 2804| 0| if(rc) { ------------------ | Branch (2804:12): [True: 0, False: 0] ------------------ 2805| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, ------------------ | | 486| 0|#define LIBSSH2_ERROR_KEX_FAILURE (-5) ------------------ 2806| 0| "Unable to create curve25519 shared secret"); 2807| 0| goto clean_exit; 2808| 0| } 2809| | 2810| 0| exchange_state->k_value_len = _libssh2_bn_bytes(exchange_state->k) + 5; ------------------ | | 427| 0|#define _libssh2_bn_bytes(bn) BN_num_bytes(bn) ------------------ 2811| 0| if(_libssh2_bn_bits(exchange_state->k) % 8) { ------------------ | | 428| 0|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (2811:12): [True: 0, False: 0] ------------------ 2812| | /* don't need leading 00 */ 2813| 0| exchange_state->k_value_len--; 2814| 0| } 2815| 0| exchange_state->k_value = 2816| 0| LIBSSH2_ALLOC(session, exchange_state->k_value_len); ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 2817| 0| if(!exchange_state->k_value) { ------------------ | Branch (2817:12): [True: 0, False: 0] ------------------ 2818| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 2819| 0| "Unable to allocate buffer for K"); 2820| 0| goto clean_exit; 2821| 0| } 2822| 0| _libssh2_htonu32(exchange_state->k_value, 2823| 0| (uint32_t)(exchange_state->k_value_len - 4)); 2824| 0| if(_libssh2_bn_bits(exchange_state->k) % 8) { ------------------ | | 428| 0|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (2824:12): [True: 0, False: 0] ------------------ 2825| 0| if(_libssh2_bn_to_bin(exchange_state->k, ------------------ | | 426| 0|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 0] | | ------------------ ------------------ 2826| 0| exchange_state->k_value + 4)) { 2827| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 2828| 0| "Can't write exchange_state->k"); 2829| 0| goto clean_exit; 2830| 0| } 2831| 0| } 2832| 0| else { 2833| 0| exchange_state->k_value[4] = 0; 2834| 0| if(_libssh2_bn_to_bin(exchange_state->k, ------------------ | | 426| 0|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 0] | | ------------------ ------------------ 2835| 0| exchange_state->k_value + 5)) { 2836| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 2837| 0| "Can't write exchange_state->k"); 2838| 0| goto clean_exit; 2839| 0| } 2840| 0| } 2841| | 2842| | /*/ verify hash */ 2843| 0| LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(256); ------------------ | | 1722| 0| do { \ | | 1723| 0| libssh2_sha##digest_type##_ctx ctx; \ | | ------------------ | | | | 252| 0|#define libssh2_sha256_ctx EVP_MD_CTX * | | ------------------ | | 1724| 0| int hok; \ | | 1725| 0| if(!libssh2_sha##digest_type##_init(&ctx)) { \ | | ------------------ | | | | 264| 0|#define libssh2_sha256_init(x) _libssh2_sha256_init(x) | | ------------------ | | | Branch (1725:12): [True: 0, False: 0] | | ------------------ | | 1726| 0| rc = -1; \ | | 1727| 0| break; \ | | 1728| 0| } \ | | 1729| 0| hok = 1; \ | | 1730| 0| if(session->local.banner) { \ | | ------------------ | | | Branch (1730:12): [True: 0, False: 0] | | ------------------ | | 1731| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1732| 0| (uint32_t)(strlen((char *)session->local.banner) - 2)); \ | | 1733| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1734| 0| exchange_state->h_sig_comp, 4); \ | | 1735| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1736| 0| (char *)session->local.banner, \ | | 1737| 0| strlen((char *)session->local.banner) - 2); \ | | 1738| 0| } \ | | 1739| 0| else { \ | | 1740| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1741| 0| sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \ | | ------------------ | | | | 192| 0|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | | | ------------------ | | | | | | 190| 0|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | | | ------------------ | | | | | | | | 53| 0|#define LIBSSH2_VERSION "1.11.2_DEV" | | | | | | ------------------ | | | | ------------------ | | ------------------ | | 1742| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1743| 0| exchange_state->h_sig_comp, 4); \ | | 1744| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1745| 0| LIBSSH2_SSH_DEFAULT_BANNER, \ | | 1746| 0| sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \ | | 1747| 0| } \ | | 1748| 0| \ | | 1749| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1750| 0| (uint32_t)strlen((char *)session->remote.banner)); \ | | 1751| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1752| 0| exchange_state->h_sig_comp, 4); \ | | 1753| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1754| 0| session->remote.banner, \ | | 1755| 0| strlen((char *)session->remote.banner)); \ | | 1756| 0| \ | | 1757| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1758| 0| (uint32_t)session->local.kexinit_len); \ | | 1759| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1760| 0| exchange_state->h_sig_comp, 4); \ | | 1761| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1762| 0| session->local.kexinit, \ | | 1763| 0| session->local.kexinit_len); \ | | 1764| 0| \ | | 1765| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1766| 0| (uint32_t)session->remote.kexinit_len); \ | | 1767| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1768| 0| exchange_state->h_sig_comp, 4); \ | | 1769| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1770| 0| session->remote.kexinit, \ | | 1771| 0| session->remote.kexinit_len); \ | | 1772| 0| \ | | 1773| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1774| 0| session->server_hostkey_len); \ | | 1775| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1776| 0| exchange_state->h_sig_comp, 4); \ | | 1777| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1778| 0| session->server_hostkey, \ | | 1779| 0| session->server_hostkey_len); \ | | 1780| 0| \ | | 1781| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1782| 0| (uint32_t)public_key_len); \ | | 1783| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1784| 0| exchange_state->h_sig_comp, 4); \ | | 1785| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1786| 0| public_key, \ | | 1787| 0| public_key_len); \ | | 1788| 0| \ | | 1789| 0| _libssh2_htonu32(exchange_state->h_sig_comp, \ | | 1790| 0| (uint32_t)server_public_key_len); \ | | 1791| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1792| 0| exchange_state->h_sig_comp, 4); \ | | 1793| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1794| 0| server_public_key, \ | | 1795| 0| server_public_key_len); \ | | 1796| 0| \ | | 1797| 0| hok &= libssh2_sha##digest_type##_update(ctx, \ | | ------------------ | | | | 266| 0| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | 1798| 0| exchange_state->k_value, \ | | 1799| 0| exchange_state->k_value_len); \ | | 1800| 0| \ | | 1801| 0| if(!hok || \ | | ------------------ | | | Branch (1801:12): [True: 0, False: 0] | | ------------------ | | 1802| 0| !libssh2_sha##digest_type##_final(ctx, \ | | ------------------ | | | | 267| 0|#define libssh2_sha256_final(ctx, out) _libssh2_sha256_final(&(ctx), out) | | ------------------ | | | Branch (1802:12): [True: 0, False: 0] | | ------------------ | | 1803| 0| exchange_state->h_sig_comp)) { \ | | 1804| 0| rc = -1; \ | | 1805| 0| break; \ | | 1806| 0| } \ | | 1807| 0| \ | | 1808| 0| if(session->hostkey->sig_verify(session, exchange_state->h_sig, \ | | ------------------ | | | Branch (1808:12): [True: 0, False: 0] | | ------------------ | | 1809| 0| exchange_state->h_sig_len, \ | | 1810| 0| exchange_state->h_sig_comp, \ | | 1811| 0| SHA##digest_type##_DIGEST_LENGTH, \ | | 1812| 0| &session->server_hostkey_abstract)) { \ | | 1813| 0| rc = -1; \ | | 1814| 0| } \ | | 1815| 0| } while(0) | | ------------------ | | | Branch (1815:13): [Folded, False: 0] | | ------------------ ------------------ 2844| | 2845| 0| if(rc) { ------------------ | Branch (2845:12): [True: 0, False: 0] ------------------ 2846| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN, ------------------ | | 492| 0|#define LIBSSH2_ERROR_HOSTKEY_SIGN (-11) ------------------ 2847| 0| "Unable to verify hostkey signature " 2848| 0| "curve25519"); 2849| 0| goto clean_exit; 2850| 0| } 2851| | 2852| 0| exchange_state->c = SSH_MSG_NEWKEYS; ------------------ | | 1122| 0|#define SSH_MSG_NEWKEYS 21 ------------------ 2853| 0| exchange_state->state = libssh2_NB_state_sent; 2854| 0| } 2855| | 2856| 0| if(exchange_state->state == libssh2_NB_state_sent) { ------------------ | Branch (2856:8): [True: 0, False: 0] ------------------ 2857| 0| rc = _libssh2_transport_send(session, &exchange_state->c, 1, NULL, 0); 2858| 0| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2858:12): [True: 0, False: 0] ------------------ 2859| 0| return rc; 2860| 0| } 2861| 0| else if(rc) { ------------------ | Branch (2861:17): [True: 0, False: 0] ------------------ 2862| 0| ret = _libssh2_error(session, rc, 2863| 0| "Unable to send NEWKEYS message curve25519"); 2864| 0| goto clean_exit; 2865| 0| } 2866| | 2867| 0| exchange_state->state = libssh2_NB_state_sent2; 2868| 0| } 2869| | 2870| 0| if(exchange_state->state == libssh2_NB_state_sent2) { ------------------ | Branch (2870:8): [True: 0, False: 0] ------------------ 2871| 0| ret = finish_kex(session, exchange_state, SHA256_DIGEST_LENGTH, 256); 2872| 0| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2872:12): [True: 0, False: 0] ------------------ 2873| 0| return ret; 2874| 0| } 2875| 0| } 2876| | 2877| 1|clean_exit: 2878| 1| curve25519_exchange_state_cleanup(session, exchange_state); 2879| | 2880| 1| return ret; 2881| 0|} kex.c:process_host_key: 220| 1|{ 221| 1| size_t host_key_len; 222| | 223| | /* Parse reply */ 224| 1| if(data) { ------------------ | Branch (224:8): [True: 1, False: 0] ------------------ 225| 1| if(data_len < 5) { ------------------ | Branch (225:12): [True: 0, False: 1] ------------------ 226| 0| return _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 227| 0| "Unexpected packet length"); 228| 0| } 229| 1| buf->data = data; 230| 1| buf->len = data_len; 231| 1| } 232| 0| else { 233| 0| if(exchange_state->s_packet_len < 5) { ------------------ | Branch (233:12): [True: 0, False: 0] ------------------ 234| 0| return _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 235| 0| "Unexpected packet length"); 236| 0| } 237| 0| buf->data = exchange_state->s_packet; 238| 0| buf->len = exchange_state->s_packet_len; 239| 0| } 240| | 241| 1| buf->dataptr = buf->data; 242| 1| buf->dataptr++; /* advance past type */ 243| | 244| 1| if(session->server_hostkey) { ------------------ | Branch (244:8): [True: 0, False: 1] ------------------ 245| 0| LIBSSH2_FREE(session, session->server_hostkey); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 246| 0| session->server_hostkey = NULL; 247| 0| session->server_hostkey_len = 0; 248| 0| } 249| | 250| 1| if(_libssh2_copy_string(session, buf, &(session->server_hostkey), ------------------ | Branch (250:8): [True: 0, False: 1] ------------------ 251| 1| &host_key_len)) { 252| 0| return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 253| 0| "Could not copy host key"); 254| 0| } 255| | 256| 1| session->server_hostkey_len = (uint32_t)host_key_len; 257| | 258| |#if LIBSSH2_MD5 259| | { 260| | libssh2_md5_ctx fingerprint_ctx; 261| | 262| | if(libssh2_md5_init(&fingerprint_ctx) && 263| | libssh2_md5_update(fingerprint_ctx, session->server_hostkey, 264| | session->server_hostkey_len) && 265| | libssh2_md5_final(fingerprint_ctx, 266| | session->server_hostkey_md5)) { 267| | session->server_hostkey_md5_valid = TRUE; 268| | } 269| | else { 270| | session->server_hostkey_md5_valid = FALSE; 271| | } 272| | } 273| |#ifdef LIBSSH2DEBUG 274| | { 275| | char fingerprint[MD5_DIGEST_LENGTH * 3 + 1]; 276| | char *fprint = fingerprint; 277| | int i; 278| | for(i = 0; i < MD5_DIGEST_LENGTH; i++, fprint += 3) { 279| | snprintf(fprint, 4, "%02x:", session->server_hostkey_md5[i]); 280| | } 281| | *(--fprint) = '\0'; 282| | _libssh2_debug((session, LIBSSH2_TRACE_KEX, 283| | "Server's MD5 Fingerprint: %s", fingerprint)); 284| | } 285| |#endif /* LIBSSH2DEBUG */ 286| |#endif /* ! LIBSSH2_MD5 */ 287| | 288| 1| { 289| 1| libssh2_sha1_ctx fingerprint_ctx; ------------------ | | 233| 1|#define libssh2_sha1_ctx EVP_MD_CTX * ------------------ 290| | 291| 1| if(libssh2_sha1_init(&fingerprint_ctx) && ------------------ | | 245| 2|#define libssh2_sha1_init(x) _libssh2_sha1_init(x) | | ------------------ | | | Branch (245:30): [True: 1, False: 0] | | ------------------ ------------------ 292| 1| libssh2_sha1_update(fingerprint_ctx, session->server_hostkey, ------------------ | | 247| 2| _libssh2_sha1_update(&(ctx), data, len) | | ------------------ | | | Branch (247:5): [True: 1, False: 0] | | ------------------ ------------------ 293| 1| session->server_hostkey_len) && 294| 1| libssh2_sha1_final(fingerprint_ctx, session->server_hostkey_sha1)) { ------------------ | | 248| 1|#define libssh2_sha1_final(ctx, out) _libssh2_sha1_final(&(ctx), out) | | ------------------ | | | Branch (248:38): [True: 1, False: 0] | | ------------------ ------------------ 295| 1| session->server_hostkey_sha1_valid = TRUE; ------------------ | | 119| 1|#define TRUE 1 ------------------ 296| 1| } 297| 0| else { 298| 0| session->server_hostkey_sha1_valid = FALSE; ------------------ | | 116| 0|#define FALSE 0 ------------------ 299| 0| } 300| 1| } 301| 1|#ifdef LIBSSH2DEBUG 302| 1| { 303| 1| char fingerprint[SHA1_DIGEST_LENGTH * 3 + 1]; 304| 1| char *fprint = fingerprint; 305| 1| int i; 306| 21| for(i = 0; i < SHA1_DIGEST_LENGTH; i++, fprint += 3) { ------------------ | | 51| 21|#define SHA1_DIGEST_LENGTH SHA_DIGEST_LENGTH ------------------ | Branch (306:20): [True: 20, False: 1] ------------------ 307| 20| snprintf(fprint, 4, "%02x:", session->server_hostkey_sha1[i]); 308| 20| } 309| 1| *(--fprint) = '\0'; 310| 1| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 1|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 311| 1| "Server's SHA1 Fingerprint: %s", fingerprint)); 312| 1| } 313| 1|#endif /* LIBSSH2DEBUG */ 314| | 315| 1| { 316| 1| libssh2_sha256_ctx fingerprint_ctx; ------------------ | | 252| 1|#define libssh2_sha256_ctx EVP_MD_CTX * ------------------ 317| | 318| 1| if(libssh2_sha256_init(&fingerprint_ctx) && ------------------ | | 264| 2|#define libssh2_sha256_init(x) _libssh2_sha256_init(x) | | ------------------ | | | Branch (264:32): [True: 1, False: 0] | | ------------------ ------------------ 319| 1| libssh2_sha256_update(fingerprint_ctx, session->server_hostkey, ------------------ | | 266| 2| _libssh2_sha256_update(&(ctx), data, len) | | ------------------ | | | Branch (266:5): [True: 1, False: 0] | | ------------------ ------------------ 320| 1| session->server_hostkey_len) && 321| 1| libssh2_sha256_final(fingerprint_ctx, ------------------ | | 267| 1|#define libssh2_sha256_final(ctx, out) _libssh2_sha256_final(&(ctx), out) | | ------------------ | | | Branch (267:40): [True: 1, False: 0] | | ------------------ ------------------ 322| 1| session->server_hostkey_sha256)) { 323| 1| session->server_hostkey_sha256_valid = TRUE; ------------------ | | 119| 1|#define TRUE 1 ------------------ 324| 1| } 325| 0| else { 326| 0| session->server_hostkey_sha256_valid = FALSE; ------------------ | | 116| 0|#define FALSE 0 ------------------ 327| 0| } 328| 1| } 329| 1|#ifdef LIBSSH2DEBUG 330| 1| { 331| 1| char *base64Fingerprint = NULL; 332| 1| _libssh2_base64_encode(session, 333| 1| (const char *)session->server_hostkey_sha256, 334| 1| SHA256_DIGEST_LENGTH, &base64Fingerprint); 335| 1| if(base64Fingerprint) { ------------------ | Branch (335:12): [True: 1, False: 0] ------------------ 336| 1| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 1|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 337| 1| "Server's SHA256 Fingerprint: %s", 338| 1| base64Fingerprint)); 339| 1| LIBSSH2_FREE(session, base64Fingerprint); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 340| 1| } 341| 1| } 342| 1|#endif /* LIBSSH2DEBUG */ 343| | 344| 1| if(!session->hostkey) { ------------------ | Branch (344:8): [True: 0, False: 1] ------------------ 345| 0| return _libssh2_error(session, LIBSSH2_ERROR_PROTO, "hostkey is NULL"); ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 346| 0| } 347| 1| if(session->hostkey->init(session, session->server_hostkey, ------------------ | Branch (347:8): [True: 1, False: 0] ------------------ 348| 1| session->server_hostkey_len, 349| 1| &session->server_hostkey_abstract)) { 350| 1| return _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 1|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 351| 1| "Unable to initialize hostkey importer"); 352| 1| } 353| | 354| 0| return 0; 355| 1|} kex.c:curve25519_exchange_state_cleanup: 2698| 1|{ 2699| 1| _libssh2_bn_free(exchange_state->k); ------------------ | | 429| 1|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 2700| 1| exchange_state->k = NULL; 2701| | 2702| 1| if(exchange_state->k_value) { ------------------ | Branch (2702:8): [True: 0, False: 1] ------------------ 2703| 0| LIBSSH2_FREE(session, exchange_state->k_value); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 2704| 0| exchange_state->k_value = NULL; 2705| 0| } 2706| | 2707| 1| exchange_state->state = libssh2_NB_state_idle; 2708| 1|} kex.c:kex_method_curve25519_cleanup: 2712| 2|{ 2713| 2| if(key_state->curve25519_public_key) { ------------------ | Branch (2713:8): [True: 1, False: 1] ------------------ 2714| 1| _libssh2_explicit_zero(key_state->curve25519_public_key, ------------------ | | 51| 1|#define _libssh2_explicit_zero(buf, size) explicit_bzero(buf, size) ------------------ 2715| 1| LIBSSH2_ED25519_KEY_LEN); 2716| 1| LIBSSH2_FREE(session, key_state->curve25519_public_key); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 2717| 1| key_state->curve25519_public_key = NULL; 2718| 1| } 2719| | 2720| 2| if(key_state->curve25519_private_key) { ------------------ | Branch (2720:8): [True: 1, False: 1] ------------------ 2721| 1| _libssh2_explicit_zero(key_state->curve25519_private_key, ------------------ | | 51| 1|#define _libssh2_explicit_zero(buf, size) explicit_bzero(buf, size) ------------------ 2722| 1| LIBSSH2_ED25519_KEY_LEN); 2723| 1| LIBSSH2_FREE(session, key_state->curve25519_private_key); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 2724| 1| key_state->curve25519_private_key = NULL; 2725| 1| } 2726| | 2727| 2| if(key_state->data) { ------------------ | Branch (2727:8): [True: 1, False: 1] ------------------ 2728| 1| LIBSSH2_FREE(session, key_state->data); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 2729| 1| key_state->data = NULL; 2730| 1| } 2731| | 2732| 2| key_state->state = libssh2_NB_state_idle; 2733| | 2734| 2| if(key_state->exchange_state.state != libssh2_NB_state_idle) { ------------------ | Branch (2734:8): [True: 0, False: 2] ------------------ 2735| 0| curve25519_exchange_state_cleanup(session, &key_state->exchange_state); 2736| 0| } 2737| 2|} kex.c:kex_method_ecdh_key_exchange: 2176| 16|{ 2177| 16| int ret = 0; 2178| 16| int rc = 0; 2179| 16| unsigned char *s; 2180| 16| libssh2_curve_type type; 2181| | 2182| 16| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (2182:8): [True: 16, False: 0] ------------------ 2183| | 2184| 16| key_state->public_key_oct = NULL; 2185| 16| key_state->state = libssh2_NB_state_created; 2186| 16| } 2187| | 2188| 16| if(key_state->state == libssh2_NB_state_created) { ------------------ | Branch (2188:8): [True: 16, False: 0] ------------------ 2189| 16| rc = kex_session_ecdh_curve_type(session->kex->name, &type); 2190| | 2191| 16| if(rc) { ------------------ | Branch (2191:12): [True: 0, False: 16] ------------------ 2192| 0| ret = _libssh2_error(session, -1, "Unknown KEX nistp curve type"); 2193| 0| goto ecdh_clean_exit; 2194| 0| } 2195| | 2196| 16| rc = _libssh2_ecdsa_create_key(session, &key_state->private_key, 2197| 16| &key_state->public_key_oct, 2198| 16| &key_state->public_key_oct_len, type); 2199| | 2200| 16| if(rc) { ------------------ | Branch (2200:12): [True: 0, False: 16] ------------------ 2201| 0| ret = _libssh2_error(session, rc, "Unable to create private key"); 2202| 0| goto ecdh_clean_exit; 2203| 0| } 2204| | 2205| 16| key_state->request[0] = SSH2_MSG_KEX_ECDH_INIT; ------------------ | | 1137| 16|#define SSH2_MSG_KEX_ECDH_INIT 30 ------------------ 2206| 16| s = key_state->request + 1; 2207| 16| _libssh2_store_str(&s, (const char *)key_state->public_key_oct, 2208| 16| key_state->public_key_oct_len); 2209| 16| key_state->request_len = key_state->public_key_oct_len + 5; 2210| | 2211| 16| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 16|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 2212| 16| "Initiating ECDH SHA2 NISTP256")); 2213| | 2214| 16| key_state->state = libssh2_NB_state_sent; 2215| 16| } 2216| | 2217| 16| if(key_state->state == libssh2_NB_state_sent) { ------------------ | Branch (2217:8): [True: 16, False: 0] ------------------ 2218| 16| rc = _libssh2_transport_send(session, key_state->request, 2219| 16| key_state->request_len, NULL, 0); 2220| 16| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 16|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2220:12): [True: 0, False: 16] ------------------ 2221| 0| return rc; 2222| 0| } 2223| 16| else if(rc) { ------------------ | Branch (2223:17): [True: 0, False: 16] ------------------ 2224| 0| ret = _libssh2_error(session, rc, "Unable to send ECDH_INIT"); 2225| 0| goto ecdh_clean_exit; 2226| 0| } 2227| | 2228| 16| key_state->state = libssh2_NB_state_sent1; 2229| 16| } 2230| | 2231| 16| if(key_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (2231:8): [True: 16, False: 0] ------------------ 2232| 16| rc = _libssh2_packet_require(session, SSH2_MSG_KEX_ECDH_REPLY, ------------------ | | 1138| 16|#define SSH2_MSG_KEX_ECDH_REPLY 31 ------------------ 2233| 16| &key_state->data, &key_state->data_len, 2234| 16| 0, NULL, 0, &key_state->req_state); 2235| 16| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 16|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2235:12): [True: 0, False: 16] ------------------ 2236| 0| return rc; 2237| 0| } 2238| 16| else if(rc) { ------------------ | Branch (2238:17): [True: 16, False: 0] ------------------ 2239| 16| ret = _libssh2_error(session, rc, 2240| 16| "Timeout waiting for ECDH_REPLY reply"); 2241| 16| goto ecdh_clean_exit; 2242| 16| } 2243| | 2244| 0| key_state->state = libssh2_NB_state_sent2; 2245| 0| } 2246| | 2247| 0| if(key_state->state == libssh2_NB_state_sent2) { ------------------ | Branch (2247:8): [True: 0, False: 0] ------------------ 2248| | 2249| 0| rc = kex_session_ecdh_curve_type(session->kex->name, &type); 2250| | 2251| 0| if(rc) { ------------------ | Branch (2251:12): [True: 0, False: 0] ------------------ 2252| 0| ret = _libssh2_error(session, -1, "Unknown KEX nistp curve type"); 2253| 0| goto ecdh_clean_exit; 2254| 0| } 2255| | 2256| 0| ret = ecdh_sha2_nistp(session, type, key_state->data, 2257| 0| key_state->data_len, 2258| 0| (unsigned char *)key_state->public_key_oct, 2259| 0| key_state->public_key_oct_len, 2260| 0| key_state->private_key, 2261| 0| &key_state->exchange_state); 2262| | 2263| 0| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (2263:12): [True: 0, False: 0] ------------------ 2264| 0| return ret; 2265| 0| } 2266| 0| } 2267| | 2268| 16|ecdh_clean_exit: 2269| | 2270| 16| kex_method_ecdh_cleanup(session, key_state); 2271| | 2272| 16| return ret; 2273| 0|} kex.c:kex_session_ecdh_curve_type: 1940| 16|{ 1941| 16| libssh2_curve_type type; 1942| | 1943| 16| if(!name) ------------------ | Branch (1943:8): [True: 0, False: 16] ------------------ 1944| 0| return -1; 1945| | 1946| 16| if(strcmp(name, "ecdh-sha2-nistp256") == 0) ------------------ | Branch (1946:8): [True: 4, False: 12] ------------------ 1947| 4| type = LIBSSH2_EC_CURVE_NISTP256; 1948| 12| else if(strcmp(name, "ecdh-sha2-nistp384") == 0) ------------------ | Branch (1948:13): [True: 0, False: 12] ------------------ 1949| 0| type = LIBSSH2_EC_CURVE_NISTP384; 1950| 12| else if(strcmp(name, "ecdh-sha2-nistp521") == 0) ------------------ | Branch (1950:13): [True: 12, False: 0] ------------------ 1951| 12| type = LIBSSH2_EC_CURVE_NISTP521; 1952| 0| else { 1953| 0| return -1; 1954| 0| } 1955| | 1956| 16| if(out_type) { ------------------ | Branch (1956:8): [True: 16, False: 0] ------------------ 1957| 16| *out_type = type; 1958| 16| } 1959| | 1960| 16| return 0; 1961| 16|} kex.c:kex_method_ecdh_cleanup: 1979| 32|{ 1980| 32| if(key_state->public_key_oct) { ------------------ | Branch (1980:8): [True: 16, False: 16] ------------------ 1981| 16| LIBSSH2_FREE(session, key_state->public_key_oct); ------------------ | | 238| 16| session->free(ptr, &(session)->abstract) ------------------ 1982| 16| key_state->public_key_oct = NULL; 1983| 16| } 1984| | 1985| 32| if(key_state->private_key) { ------------------ | Branch (1985:8): [True: 16, False: 16] ------------------ 1986| 16| _libssh2_ecdsa_free(key_state->private_key); ------------------ | | 371| 16|#define _libssh2_ecdsa_free(ecdsactx) EC_KEY_free(ecdsactx) ------------------ 1987| 16| key_state->private_key = NULL; 1988| 16| } 1989| | 1990| 32| if(key_state->data) { ------------------ | Branch (1990:8): [True: 0, False: 32] ------------------ 1991| 0| LIBSSH2_FREE(session, key_state->data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1992| 0| key_state->data = NULL; 1993| 0| } 1994| | 1995| 32| key_state->state = libssh2_NB_state_idle; 1996| | 1997| 32| if(key_state->exchange_state.state != libssh2_NB_state_idle) { ------------------ | Branch (1997:8): [True: 0, False: 32] ------------------ 1998| 0| ecdh_exchange_state_cleanup(session, &key_state->exchange_state); 1999| 0| } 2000| 32|} kex.c:kex_method_diffie_hellman_group_exchange_sha256_key_exchange: 1554| 110|{ 1555| 110| int ret = 0; 1556| 110| int rc; 1557| | 1558| 110| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (1558:8): [True: 110, False: 0] ------------------ 1559| 110| key_state->p = _libssh2_bn_init_from_bin(); ------------------ | | 422| 110|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 110|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 1560| 110| key_state->g = _libssh2_bn_init_from_bin(); ------------------ | | 422| 110|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 110|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 1561| | /* Ask for a P and G pair */ 1562| 110| key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST; ------------------ | | 1131| 110|#define SSH_MSG_KEX_DH_GEX_REQUEST 34 ------------------ 1563| 110| _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_MINGROUP); ------------------ | | 433| 110|#define LIBSSH2_DH_GEX_MINGROUP 2048 ------------------ 1564| 110| _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP); ------------------ | | 434| 110|#define LIBSSH2_DH_GEX_OPTGROUP 4096 ------------------ 1565| 110| _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP); ------------------ | | 435| 110|#define LIBSSH2_DH_GEX_MAXGROUP 8192 ------------------ 1566| 110| key_state->request_len = 13; 1567| 110| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 110|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1568| 110| "Initiating Diffie-Hellman Group-Exchange SHA256")); 1569| | 1570| 110| key_state->state = libssh2_NB_state_created; 1571| 110| } 1572| | 1573| 110| if(key_state->state == libssh2_NB_state_created) { ------------------ | Branch (1573:8): [True: 110, False: 0] ------------------ 1574| 110| rc = _libssh2_transport_send(session, key_state->request, 1575| 110| key_state->request_len, NULL, 0); 1576| 110| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 110|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1576:12): [True: 0, False: 110] ------------------ 1577| 0| return rc; 1578| 0| } 1579| 110| else if(rc) { ------------------ | Branch (1579:17): [True: 0, False: 110] ------------------ 1580| 0| ret = _libssh2_error(session, rc, 1581| 0| "Unable to send " 1582| 0| "Group Exchange Request SHA256"); 1583| 0| goto dh_gex_clean_exit; 1584| 0| } 1585| | 1586| 110| key_state->state = libssh2_NB_state_sent; 1587| 110| } 1588| | 1589| 110| if(key_state->state == libssh2_NB_state_sent) { ------------------ | Branch (1589:8): [True: 110, False: 0] ------------------ 1590| 110| rc = _libssh2_packet_require(session, SSH_MSG_KEX_DH_GEX_GROUP, ------------------ | | 1132| 110|#define SSH_MSG_KEX_DH_GEX_GROUP 31 ------------------ 1591| 110| &key_state->data, &key_state->data_len, 1592| 110| 0, NULL, 0, &key_state->req_state); 1593| 110| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 110|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1593:12): [True: 0, False: 110] ------------------ 1594| 0| return rc; 1595| 0| } 1596| 110| else if(rc) { ------------------ | Branch (1596:17): [True: 3, False: 107] ------------------ 1597| 3| ret = _libssh2_error(session, rc, 1598| 3| "Timeout waiting for GEX_GROUP reply SHA256"); 1599| 3| goto dh_gex_clean_exit; 1600| 3| } 1601| | 1602| 107| key_state->state = libssh2_NB_state_sent1; 1603| 107| } 1604| | 1605| 107| if(key_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (1605:8): [True: 107, False: 0] ------------------ 1606| 107| unsigned char *p, *g; 1607| 107| size_t p_len, g_len; 1608| 107| struct string_buf buf; 1609| 107| libssh2_sha256_ctx exchange_hash_ctx; ------------------ | | 252| 107|#define libssh2_sha256_ctx EVP_MD_CTX * ------------------ 1610| 107| int bits; 1611| | 1612| 107| if(key_state->data_len < 9) { ------------------ | Branch (1612:12): [True: 0, False: 107] ------------------ 1613| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1614| 0| "Unexpected key length DH-SHA256"); 1615| 0| goto dh_gex_clean_exit; 1616| 0| } 1617| | 1618| 107| buf.data = key_state->data; 1619| 107| buf.dataptr = buf.data; 1620| 107| buf.len = key_state->data_len; 1621| | 1622| 107| buf.dataptr++; /* increment to big num */ 1623| | 1624| 107| if(_libssh2_get_bignum_bytes(&buf, &p, &p_len)) { ------------------ | Branch (1624:12): [True: 0, False: 107] ------------------ 1625| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1626| 0| "Unexpected value DH-SHA256 p"); 1627| 0| goto dh_gex_clean_exit; 1628| 0| } 1629| | 1630| 107| if(_libssh2_get_bignum_bytes(&buf, &g, &g_len)) { ------------------ | Branch (1630:12): [True: 0, False: 107] ------------------ 1631| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1632| 0| "Unexpected value DH-SHA256 g"); 1633| 0| goto dh_gex_clean_exit; 1634| 0| } 1635| | 1636| 107| if(_libssh2_bn_from_bin(key_state->p, p_len, p)) { ------------------ | Branch (1636:12): [True: 0, False: 107] ------------------ 1637| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1638| 0| "Invalid DH-SHA256 p"); 1639| 0| goto dh_gex_clean_exit; 1640| 0| } 1641| | 1642| 107| bits = (int)_libssh2_bn_bits(key_state->p); ------------------ | | 428| 107|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ 1643| 107| if(bits < LIBSSH2_DH_GEX_MINGROUP || ------------------ | | 433| 214|#define LIBSSH2_DH_GEX_MINGROUP 2048 ------------------ | Branch (1643:12): [True: 107, False: 0] ------------------ 1644| 107| bits > LIBSSH2_DH_GEX_MAXGROUP) { ------------------ | | 435| 0|#define LIBSSH2_DH_GEX_MAXGROUP 8192 ------------------ | Branch (1644:12): [True: 0, False: 0] ------------------ 1645| 107| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 107|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1646| 107| "DH-SHA256 p out of range"); 1647| 107| goto dh_gex_clean_exit; 1648| 107| } 1649| | 1650| 0| if(_libssh2_bn_from_bin(key_state->g, g_len, g)) { ------------------ | Branch (1650:12): [True: 0, False: 0] ------------------ 1651| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1652| 0| "Invalid DH-SHA256 g"); 1653| 0| goto dh_gex_clean_exit; 1654| 0| } 1655| | 1656| 0| ret = diffie_hellman_sha_algo(session, key_state->g, key_state->p, 1657| 0| (int)p_len, 256, 1658| 0| (void *)&exchange_hash_ctx, 1659| 0| SSH_MSG_KEX_DH_GEX_INIT, ------------------ | | 1133| 0|#define SSH_MSG_KEX_DH_GEX_INIT 32 ------------------ 1660| 0| SSH_MSG_KEX_DH_GEX_REPLY, ------------------ | | 1134| 0|#define SSH_MSG_KEX_DH_GEX_REPLY 33 ------------------ 1661| 0| key_state->data + 1, 1662| 0| key_state->data_len - 1, 1663| 0| &key_state->exchange_state); 1664| 0| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1664:12): [True: 0, False: 0] ------------------ 1665| 0| return ret; 1666| 0| } 1667| 0| } 1668| | 1669| 110|dh_gex_clean_exit: 1670| 110| kex_diffie_hellman_cleanup(session, key_state); 1671| | 1672| 110| return ret; 1673| 107|} kex.c:diffie_hellman_sha_algo: 639| 2|{ 640| 2| int ret = 0; 641| 2| int rc; 642| | 643| 2| int digest_len = 0; 644| | 645| 2| if(sha_algo_value == 512) ------------------ | Branch (645:8): [True: 2, False: 0] ------------------ 646| 2| digest_len = SHA512_DIGEST_LENGTH; 647| 0| else if(sha_algo_value == 384) ------------------ | Branch (647:13): [True: 0, False: 0] ------------------ 648| 0| digest_len = SHA384_DIGEST_LENGTH; 649| 0| else if(sha_algo_value == 256) ------------------ | Branch (649:13): [True: 0, False: 0] ------------------ 650| 0| digest_len = SHA256_DIGEST_LENGTH; 651| 0| else if(sha_algo_value == 1) ------------------ | Branch (651:13): [True: 0, False: 0] ------------------ 652| 0| digest_len = SHA1_DIGEST_LENGTH; ------------------ | | 51| 0|#define SHA1_DIGEST_LENGTH SHA_DIGEST_LENGTH ------------------ 653| 0| else { 654| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 655| 0| "sha algo value is unimplemented"); 656| 0| goto clean_exit; 657| 0| } 658| | 659| 2| if(exchange_state->state == libssh2_NB_state_idle) { ------------------ | Branch (659:8): [True: 2, False: 0] ------------------ 660| | /* Setup initial values */ 661| 2| exchange_state->e_packet = NULL; 662| 2| exchange_state->s_packet = NULL; 663| 2| exchange_state->k_value = NULL; 664| 2| exchange_state->ctx = _libssh2_bn_ctx_new(); ------------------ | | 419| 2|#define _libssh2_bn_ctx_new() BN_CTX_new() ------------------ 665| 2| libssh2_dh_init(&exchange_state->x); ------------------ | | 440| 2|#define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) ------------------ 666| 2| exchange_state->e = _libssh2_bn_init(); /* g^x mod p */ ------------------ | | 421| 2|#define _libssh2_bn_init() BN_new() ------------------ 667| 2| exchange_state->f = _libssh2_bn_init_from_bin(); /* g^(Random from ------------------ | | 422| 2|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 2|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 668| | server) mod p */ 669| 2| exchange_state->k = _libssh2_bn_init(); /* The shared secret: f^x mod ------------------ | | 421| 2|#define _libssh2_bn_init() BN_new() ------------------ 670| | p */ 671| | 672| | /* Zero the whole thing out */ 673| 2| memset(&exchange_state->req_state, 0, 674| 2| sizeof(exchange_state->req_state)); 675| | 676| | /* Generate x and e */ 677| 2| if(_libssh2_bn_bits(p) > LIBSSH2_DH_MAX_MODULUS_BITS) { ------------------ | | 428| 2|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ if(_libssh2_bn_bits(p) > LIBSSH2_DH_MAX_MODULUS_BITS) { ------------------ | | 437| 2|#define LIBSSH2_DH_MAX_MODULUS_BITS 16384 ------------------ | Branch (677:12): [True: 0, False: 2] ------------------ 678| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 679| 0| "dh modulus value is too large"); 680| 0| goto clean_exit; 681| 0| } 682| | 683| 2| rc = libssh2_dh_key_pair(&exchange_state->x, exchange_state->e, g, p, ------------------ | | 442| 2| _libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) ------------------ 684| 2| group_order, exchange_state->ctx); 685| 2| if(rc) { ------------------ | Branch (685:12): [True: 0, False: 2] ------------------ 686| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_KEX_FAILURE, ------------------ | | 486| 0|#define LIBSSH2_ERROR_KEX_FAILURE (-5) ------------------ 687| 0| "dh key pair generation failed"); 688| 0| goto clean_exit; 689| 0| } 690| | 691| | /* Send KEX init */ 692| | /* packet_type(1) + String Length(4) + leading 0(1) */ 693| 2| exchange_state->e_packet_len = 694| 2| _libssh2_bn_bytes(exchange_state->e) + 6; ------------------ | | 427| 2|#define _libssh2_bn_bytes(bn) BN_num_bytes(bn) ------------------ 695| 2| if(_libssh2_bn_bits(exchange_state->e) % 8) { ------------------ | | 428| 2|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (695:12): [True: 1, False: 1] ------------------ 696| | /* Leading 00 not needed */ 697| 1| exchange_state->e_packet_len--; 698| 1| } 699| | 700| 2| exchange_state->e_packet = 701| 2| LIBSSH2_ALLOC(session, exchange_state->e_packet_len); ------------------ | | 232| 2| session->alloc(count, &(session)->abstract) ------------------ 702| 2| if(!exchange_state->e_packet) { ------------------ | Branch (702:12): [True: 0, False: 2] ------------------ 703| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 704| 0| "Out of memory error"); 705| 0| goto clean_exit; 706| 0| } 707| 2| exchange_state->e_packet[0] = packet_type_init; 708| 2| _libssh2_htonu32(exchange_state->e_packet + 1, 709| 2| (uint32_t)(exchange_state->e_packet_len - 5)); 710| 2| if(_libssh2_bn_bits(exchange_state->e) % 8) { ------------------ | | 428| 2|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (710:12): [True: 1, False: 1] ------------------ 711| 1| if(_libssh2_bn_to_bin(exchange_state->e, ------------------ | | 426| 1|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 1] | | ------------------ ------------------ 712| 1| exchange_state->e_packet + 5)) { 713| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 714| 0| "Can't write exchange_state->e"); 715| 0| goto clean_exit; 716| 0| } 717| 1| } 718| 1| else { 719| 1| exchange_state->e_packet[5] = 0; 720| 1| if(_libssh2_bn_to_bin(exchange_state->e, ------------------ | | 426| 1|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 1] | | ------------------ ------------------ 721| 1| exchange_state->e_packet + 6)) { 722| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 723| 0| "Can't write exchange_state->e"); 724| 0| goto clean_exit; 725| 0| } 726| 1| } 727| | 728| 2| _libssh2_debug((session, LIBSSH2_TRACE_KEX, "Sending KEX packet %u", ------------------ | | 1090| 2|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 729| 2| (unsigned int)packet_type_init)); 730| 2| exchange_state->state = libssh2_NB_state_created; 731| 2| } 732| | 733| 2| if(exchange_state->state == libssh2_NB_state_created) { ------------------ | Branch (733:8): [True: 2, False: 0] ------------------ 734| 2| rc = _libssh2_transport_send(session, exchange_state->e_packet, 735| 2| exchange_state->e_packet_len, NULL, 0); 736| 2| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 2|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (736:12): [True: 0, False: 2] ------------------ 737| 0| return rc; 738| 0| } 739| 2| else if(rc) { ------------------ | Branch (739:17): [True: 0, False: 2] ------------------ 740| 0| ret = _libssh2_error(session, rc, 741| 0| "Unable to send KEX init message"); 742| 0| goto clean_exit; 743| 0| } 744| 2| exchange_state->state = libssh2_NB_state_sent; 745| 2| } 746| | 747| 2| if(exchange_state->state == libssh2_NB_state_sent) { ------------------ | Branch (747:8): [True: 2, False: 0] ------------------ 748| 2| if(session->burn_optimistic_kexinit) { ------------------ | Branch (748:12): [True: 2, False: 0] ------------------ 749| | /* The first KEX packet to come along will be the guess initially 750| | * sent by the server. That guess turned out to be wrong so we 751| | * need to silently ignore it */ 752| 2| int burn_type; 753| | 754| 2| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 2|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 755| 2| "Waiting for badly guessed KEX packet " 756| 2| "(to be ignored)")); 757| 2| burn_type = 758| 2| _libssh2_packet_burn(session, &exchange_state->burn_state); 759| 2| if(burn_type == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 2|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (759:16): [True: 0, False: 2] ------------------ 760| 0| return burn_type; 761| 0| } 762| 2| else if(burn_type <= 0) { ------------------ | Branch (762:21): [True: 2, False: 0] ------------------ 763| | /* Failed to receive a packet */ 764| 2| ret = burn_type; 765| 2| goto clean_exit; 766| 2| } 767| 0| session->burn_optimistic_kexinit = 0; 768| | 769| 0| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 770| 0| "Burnt packet of type: %02x", 771| 0| (unsigned int)burn_type)); 772| 0| } 773| | 774| 0| exchange_state->state = libssh2_NB_state_sent1; 775| 0| } 776| | 777| 0| if(exchange_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (777:8): [True: 0, False: 0] ------------------ 778| | /* Wait for KEX reply */ 779| 0| struct string_buf buf; 780| 0| int err; 781| 0| int hok; 782| | 783| 0| rc = _libssh2_packet_require(session, packet_type_reply, 784| 0| &exchange_state->s_packet, 785| 0| &exchange_state->s_packet_len, 0, NULL, 786| 0| 0, &exchange_state->req_state); 787| 0| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (787:12): [True: 0, False: 0] ------------------ 788| 0| return rc; 789| 0| } 790| 0| if(rc) { ------------------ | Branch (790:12): [True: 0, False: 0] ------------------ 791| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT, ------------------ | | 490| 0|#define LIBSSH2_ERROR_TIMEOUT (-9) ------------------ 792| 0| "Timed out waiting for KEX reply"); 793| 0| goto clean_exit; 794| 0| } 795| | 796| 0| ret = process_host_key(session, &buf, exchange_state, NULL, 0); 797| 0| if(ret) { ------------------ | Branch (797:12): [True: 0, False: 0] ------------------ 798| 0| goto clean_exit; 799| 0| } 800| | 801| 0| if(_libssh2_get_string(&buf, &(exchange_state->f_value), ------------------ | Branch (801:12): [True: 0, False: 0] ------------------ 802| 0| &(exchange_state->f_value_len))) { 803| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 0|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 804| 0| "Unable to get DH-SHA f value"); 805| 0| goto clean_exit; 806| 0| } 807| | 808| 0| if(_libssh2_bn_from_bin(exchange_state->f, ------------------ | Branch (808:12): [True: 0, False: 0] ------------------ 809| 0| exchange_state->f_value_len, 810| 0| exchange_state->f_value)) { 811| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 0|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 812| 0| "Invalid DH-SHA f value"); 813| 0| goto clean_exit; 814| 0| } 815| | 816| 0| if(_libssh2_get_string(&buf, &(exchange_state->h_sig), ------------------ | Branch (816:12): [True: 0, False: 0] ------------------ 817| 0| &(exchange_state->h_sig_len))) { 818| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_INIT, ------------------ | | 491| 0|#define LIBSSH2_ERROR_HOSTKEY_INIT (-10) ------------------ 819| 0| "Unable to get DH-SHA h sig"); 820| 0| goto clean_exit; 821| 0| } 822| | 823| | /* Compute the shared secret */ 824| 0| libssh2_dh_secret(&exchange_state->x, exchange_state->k, ------------------ | | 444| 0| _libssh2_dh_secret(dhctx, secret, f, p, bnctx) ------------------ 825| 0| exchange_state->f, p, exchange_state->ctx); 826| 0| exchange_state->k_value_len = _libssh2_bn_bytes(exchange_state->k) + 5; ------------------ | | 427| 0|#define _libssh2_bn_bytes(bn) BN_num_bytes(bn) ------------------ 827| 0| if(_libssh2_bn_bits(exchange_state->k) % 8) { ------------------ | | 428| 0|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (827:12): [True: 0, False: 0] ------------------ 828| | /* don't need leading 00 */ 829| 0| exchange_state->k_value_len--; 830| 0| } 831| 0| exchange_state->k_value = 832| 0| LIBSSH2_ALLOC(session, exchange_state->k_value_len); ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 833| 0| if(!exchange_state->k_value) { ------------------ | Branch (833:12): [True: 0, False: 0] ------------------ 834| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 835| 0| "Unable to allocate buffer for DH-SHA K"); 836| 0| goto clean_exit; 837| 0| } 838| 0| _libssh2_htonu32(exchange_state->k_value, 839| 0| (uint32_t)(exchange_state->k_value_len - 4)); 840| 0| if(_libssh2_bn_bits(exchange_state->k) % 8) { ------------------ | | 428| 0|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ | Branch (840:12): [True: 0, False: 0] ------------------ 841| 0| if(_libssh2_bn_to_bin(exchange_state->k, ------------------ | | 426| 0|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 0] | | ------------------ ------------------ 842| 0| exchange_state->k_value + 4)) { 843| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 844| 0| "Can't write exchange_state->k"); 845| 0| goto clean_exit; 846| 0| } 847| 0| } 848| 0| else { 849| 0| exchange_state->k_value[4] = 0; 850| 0| if(_libssh2_bn_to_bin(exchange_state->k, ------------------ | | 426| 0|#define _libssh2_bn_to_bin(bn, val) (BN_bn2bin(bn, val) <= 0) | | ------------------ | | | Branch (426:37): [True: 0, False: 0] | | ------------------ ------------------ 851| 0| exchange_state->k_value + 5)) { 852| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 853| 0| "Can't write exchange_state->k"); 854| 0| goto clean_exit; 855| 0| } 856| 0| } 857| | 858| 0| if(!sha_algo_ctx_init(sha_algo_value, exchange_hash_ctx)) { ------------------ | Branch (858:12): [True: 0, False: 0] ------------------ 859| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HASH_INIT, ------------------ | | 536| 0|#define LIBSSH2_ERROR_HASH_INIT (-53) ------------------ 860| 0| "Unable to initialize hash context"); 861| 0| goto clean_exit; 862| 0| } 863| 0| hok = 1; 864| 0| if(session->local.banner) { ------------------ | Branch (864:12): [True: 0, False: 0] ------------------ 865| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 866| 0| (uint32_t)(strlen((char *)session->local.banner) - 2)); 867| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 868| 0| exchange_state->h_sig_comp, 4); 869| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 870| 0| session->local.banner, 871| 0| strlen((char *)session->local.banner) - 2); 872| 0| } 873| 0| else { 874| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 875| 0| sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); ------------------ | | 192| 0|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | ------------------ | | | | 190| 0|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | ------------------ | | | | | | 53| 0|#define LIBSSH2_VERSION "1.11.2_DEV" | | | | ------------------ | | ------------------ ------------------ 876| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 877| 0| exchange_state->h_sig_comp, 4); 878| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 879| 0| (const void *)LIBSSH2_SSH_DEFAULT_BANNER, ------------------ | | 192| 0|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | ------------------ | | | | 190| 0|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | ------------------ | | | | | | 53| 0|#define LIBSSH2_VERSION "1.11.2_DEV" | | | | ------------------ | | ------------------ ------------------ 880| 0| sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); ------------------ | | 192| 0|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | ------------------ | | | | 190| 0|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | ------------------ | | | | | | 53| 0|#define LIBSSH2_VERSION "1.11.2_DEV" | | | | ------------------ | | ------------------ ------------------ 881| 0| } 882| | 883| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 884| 0| (uint32_t)strlen((char *)session->remote.banner)); 885| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 886| 0| exchange_state->h_sig_comp, 4); 887| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 888| 0| session->remote.banner, 889| 0| strlen((char *)session->remote.banner)); 890| | 891| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 892| 0| (uint32_t)session->local.kexinit_len); 893| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 894| 0| exchange_state->h_sig_comp, 4); 895| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 896| 0| session->local.kexinit, 897| 0| session->local.kexinit_len); 898| | 899| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 900| 0| (uint32_t)session->remote.kexinit_len); 901| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 902| 0| exchange_state->h_sig_comp, 4); 903| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 904| 0| session->remote.kexinit, 905| 0| session->remote.kexinit_len); 906| | 907| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 908| 0| session->server_hostkey_len); 909| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 910| 0| exchange_state->h_sig_comp, 4); 911| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 912| 0| session->server_hostkey, 913| 0| session->server_hostkey_len); 914| | 915| 0| if(packet_type_init == SSH_MSG_KEX_DH_GEX_INIT) { ------------------ | | 1133| 0|#define SSH_MSG_KEX_DH_GEX_INIT 32 ------------------ | Branch (915:12): [True: 0, False: 0] ------------------ 916| | /* diffie-hellman-group-exchange hashes additional fields */ 917| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 918| 0| LIBSSH2_DH_GEX_MINGROUP); ------------------ | | 433| 0|#define LIBSSH2_DH_GEX_MINGROUP 2048 ------------------ 919| 0| _libssh2_htonu32(exchange_state->h_sig_comp + 4, 920| 0| LIBSSH2_DH_GEX_OPTGROUP); ------------------ | | 434| 0|#define LIBSSH2_DH_GEX_OPTGROUP 4096 ------------------ 921| 0| _libssh2_htonu32(exchange_state->h_sig_comp + 8, 922| 0| LIBSSH2_DH_GEX_MAXGROUP); ------------------ | | 435| 0|#define LIBSSH2_DH_GEX_MAXGROUP 8192 ------------------ 923| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 924| 0| exchange_state->h_sig_comp, 12); 925| 0| } 926| | 927| 0| if(midhash) { ------------------ | Branch (927:12): [True: 0, False: 0] ------------------ 928| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 929| 0| midhash, midhash_len); 930| 0| } 931| | 932| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 933| 0| exchange_state->e_packet + 1, 934| 0| exchange_state->e_packet_len - 1); 935| | 936| 0| _libssh2_htonu32(exchange_state->h_sig_comp, 937| 0| (uint32_t)exchange_state->f_value_len); 938| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 939| 0| exchange_state->h_sig_comp, 4); 940| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 941| 0| exchange_state->f_value, 942| 0| exchange_state->f_value_len); 943| | 944| 0| hok &= sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, 945| 0| exchange_state->k_value, 946| 0| exchange_state->k_value_len); 947| | 948| 0| if(!hok || ------------------ | Branch (948:12): [True: 0, False: 0] ------------------ 949| 0| !sha_algo_ctx_final(sha_algo_value, exchange_hash_ctx, ------------------ | Branch (949:12): [True: 0, False: 0] ------------------ 950| 0| exchange_state->h_sig_comp)) { 951| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HASH_CALC, ------------------ | | 537| 0|#define LIBSSH2_ERROR_HASH_CALC (-54) ------------------ 952| 0| "kex: failed to calculate hash"); 953| 0| goto clean_exit; 954| 0| } 955| | 956| 0| err = session->hostkey->sig_verify(session, 957| 0| exchange_state->h_sig, 958| 0| exchange_state->h_sig_len, 959| 0| exchange_state->h_sig_comp, 960| 0| digest_len, 961| 0| &session->server_hostkey_abstract); 962| | 963| 0| if(err) { ------------------ | Branch (963:12): [True: 0, False: 0] ------------------ 964| 0| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 965| 0| "Failed hostkey sig_verify(): %s: %d", 966| 0| session->hostkey->name, err)); 967| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_HOSTKEY_SIGN, ------------------ | | 492| 0|#define LIBSSH2_ERROR_HOSTKEY_SIGN (-11) ------------------ 968| 0| "Unable to verify hostkey signature " 969| 0| "DH-SHA"); 970| 0| goto clean_exit; 971| 0| } 972| | 973| 0| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 974| 0| "Sending NEWKEYS message")); 975| 0| exchange_state->c = SSH_MSG_NEWKEYS; ------------------ | | 1122| 0|#define SSH_MSG_NEWKEYS 21 ------------------ 976| | 977| 0| exchange_state->state = libssh2_NB_state_sent2; 978| 0| } 979| | 980| 0| if(exchange_state->state == libssh2_NB_state_sent2) { ------------------ | Branch (980:8): [True: 0, False: 0] ------------------ 981| 0| rc = _libssh2_transport_send(session, &exchange_state->c, 1, NULL, 0); 982| 0| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (982:12): [True: 0, False: 0] ------------------ 983| 0| return rc; 984| 0| } 985| 0| else if(rc) { ------------------ | Branch (985:17): [True: 0, False: 0] ------------------ 986| 0| ret = _libssh2_error(session, rc, 987| 0| "Unable to send NEWKEYS message DH-SHA"); 988| 0| goto clean_exit; 989| 0| } 990| | 991| 0| exchange_state->state = libssh2_NB_state_sent3; 992| 0| } 993| | 994| 0| if(exchange_state->state == libssh2_NB_state_sent3) { ------------------ | Branch (994:8): [True: 0, False: 0] ------------------ 995| 0| ret = finish_kex(session, exchange_state, digest_len, sha_algo_value); 996| 0| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (996:12): [True: 0, False: 0] ------------------ 997| 0| return ret; 998| 0| } 999| 0| } 1000| | 1001| 2|clean_exit: 1002| 2| diffie_hellman_state_cleanup(session, exchange_state); 1003| | 1004| 2| return ret; 1005| 0|} kex.c:diffie_hellman_state_cleanup: 573| 2|{ 574| 2| libssh2_dh_dtor(&exchange_state->x); ------------------ | | 445| 2|#define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) ------------------ 575| 2| _libssh2_bn_free(exchange_state->e); ------------------ | | 429| 2|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 576| 2| exchange_state->e = NULL; 577| 2| _libssh2_bn_free(exchange_state->f); ------------------ | | 429| 2|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 578| 2| exchange_state->f = NULL; 579| 2| _libssh2_bn_free(exchange_state->k); ------------------ | | 429| 2|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 580| 2| exchange_state->k = NULL; 581| 2| _libssh2_bn_ctx_free(exchange_state->ctx); ------------------ | | 420| 2|#define _libssh2_bn_ctx_free(bnctx) BN_CTX_free(bnctx) ------------------ 582| 2| exchange_state->ctx = NULL; 583| | 584| 2| if(exchange_state->e_packet) { ------------------ | Branch (584:8): [True: 0, False: 2] ------------------ 585| 0| LIBSSH2_FREE(session, exchange_state->e_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 586| 0| exchange_state->e_packet = NULL; 587| 0| } 588| | 589| 2| if(exchange_state->s_packet) { ------------------ | Branch (589:8): [True: 0, False: 2] ------------------ 590| 0| LIBSSH2_FREE(session, exchange_state->s_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 591| 0| exchange_state->s_packet = NULL; 592| 0| } 593| | 594| 2| if(exchange_state->k_value) { ------------------ | Branch (594:8): [True: 0, False: 2] ------------------ 595| 0| LIBSSH2_FREE(session, exchange_state->k_value); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 596| 0| exchange_state->k_value = NULL; 597| 0| } 598| | 599| 2| exchange_state->state = libssh2_NB_state_idle; 600| 2|} kex.c:kex_diffie_hellman_cleanup: 604| 257|{ 605| 257| if(key_state->state != libssh2_NB_state_idle) { ------------------ | Branch (605:8): [True: 117, False: 140] ------------------ 606| 117| _libssh2_bn_free(key_state->p); ------------------ | | 429| 117|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 607| 117| key_state->p = NULL; 608| 117| _libssh2_bn_free(key_state->g); ------------------ | | 429| 117|#define _libssh2_bn_free(bn) BN_clear_free(bn) ------------------ 609| 117| key_state->g = NULL; 610| | 611| 117| if(key_state->data) { ------------------ | Branch (611:12): [True: 114, False: 3] ------------------ 612| 114| LIBSSH2_FREE(session, key_state->data); ------------------ | | 238| 114| session->free(ptr, &(session)->abstract) ------------------ 613| 114| key_state->data = NULL; 614| 114| } 615| 117| key_state->state = libssh2_NB_state_idle; 616| 117| } 617| | 618| 257| if(key_state->exchange_state.state != libssh2_NB_state_idle) { ------------------ | Branch (618:8): [True: 0, False: 257] ------------------ 619| 0| diffie_hellman_state_cleanup(session, &key_state->exchange_state); 620| 0| } 621| 257|} kex.c:kex_method_diffie_hellman_group16_sha512_key_exchange: 1199| 2|{ 1200| 2| static const unsigned char p_value[512] = { 1201| 2| 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 1202| 2| 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 1203| 2| 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 1204| 2| 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 1205| 2| 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 1206| 2| 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 1207| 2| 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, 1208| 2| 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 1209| 2| 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 1210| 2| 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 1211| 2| 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 1212| 2| 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, 1213| 2| 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 1214| 2| 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 1215| 2| 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, 1216| 2| 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 1217| 2| 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 1218| 2| 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 1219| 2| 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, 1220| 2| 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 1221| 2| 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, 1222| 2| 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, 1223| 2| 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, 1224| 2| 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, 1225| 2| 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 1226| 2| 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 1227| 2| 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, 1228| 2| 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 1229| 2| 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, 1230| 2| 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 1231| 2| 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, 1232| 2| 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 1233| 2| 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, 1234| 2| 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, 1235| 2| 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, 1236| 2| 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, 1237| 2| 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, 1238| 2| 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, 1239| 2| 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 1240| 2| 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, 1241| 2| 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, 1242| 2| 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, 1243| 2| 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 1244| 2| }; 1245| 2| int ret; 1246| 2| libssh2_sha512_ctx exchange_hash_ctx; ------------------ | | 290| 2|#define libssh2_sha512_ctx EVP_MD_CTX * ------------------ 1247| | 1248| 2| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (1248:8): [True: 2, False: 0] ------------------ 1249| 2| key_state->p = _libssh2_bn_init_from_bin(); /* SSH2 defined value ------------------ | | 422| 2|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 2|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 1250| | (p_value) */ 1251| 2| key_state->g = _libssh2_bn_init(); /* SSH2 defined value (2) */ ------------------ | | 421| 2|#define _libssh2_bn_init() BN_new() ------------------ 1252| | 1253| | /* g == 2 */ 1254| | /* Initialize P and G */ 1255| 2| if(!key_state->g || _libssh2_bn_set_word(key_state->g, 2)) { ------------------ | | 423| 2|#define _libssh2_bn_set_word(bn, val) !BN_set_word(bn, val) | | ------------------ | | | Branch (423:39): [True: 0, False: 2] | | ------------------ ------------------ | Branch (1255:12): [True: 0, False: 2] ------------------ 1256| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 1257| 0| "Failed to allocate key state g."); 1258| 0| goto clean_exit; 1259| 0| } 1260| 2| if(!key_state->p || _libssh2_bn_from_bin(key_state->p, 512, p_value)) { ------------------ | Branch (1260:12): [True: 0, False: 2] | Branch (1260:29): [True: 0, False: 2] ------------------ 1261| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 1262| 0| "Failed to allocate key state p."); 1263| 0| goto clean_exit; 1264| 0| } 1265| | 1266| 2| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 2|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1267| 2| "Initiating Diffie-Hellman Group16 Key Exchange")); 1268| | 1269| 2| key_state->state = libssh2_NB_state_created; 1270| 2| } 1271| | 1272| 2| ret = diffie_hellman_sha_algo(session, key_state->g, key_state->p, 512, 1273| 2| 512, (void *)&exchange_hash_ctx, 1274| 2| SSH_MSG_KEXDH_INIT, SSH_MSG_KEXDH_REPLY, ------------------ | | 1125| 2|#define SSH_MSG_KEXDH_INIT 30 ------------------ SSH_MSG_KEXDH_INIT, SSH_MSG_KEXDH_REPLY, ------------------ | | 1126| 2|#define SSH_MSG_KEXDH_REPLY 31 ------------------ 1275| 2| NULL, 0, &key_state->exchange_state); 1276| 2| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 2|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1276:8): [True: 0, False: 2] ------------------ 1277| 0| return ret; 1278| 0| } 1279| | 1280| 2|clean_exit: 1281| 2| kex_diffie_hellman_cleanup(session, key_state); 1282| | 1283| 2| return ret; 1284| 2|} kex.c:kex_method_diffie_hellman_group_exchange_sha1_key_exchange: 1428| 7|{ 1429| 7| int ret = 0; 1430| 7| int rc; 1431| | 1432| 7| if(key_state->state == libssh2_NB_state_idle) { ------------------ | Branch (1432:8): [True: 7, False: 0] ------------------ 1433| 7| key_state->p = _libssh2_bn_init_from_bin(); ------------------ | | 422| 7|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 7|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 1434| 7| key_state->g = _libssh2_bn_init_from_bin(); ------------------ | | 422| 7|#define _libssh2_bn_init_from_bin() _libssh2_bn_init() | | ------------------ | | | | 421| 7|#define _libssh2_bn_init() BN_new() | | ------------------ ------------------ 1435| | /* Ask for a P and G pair */ 1436| 7| key_state->request[0] = SSH_MSG_KEX_DH_GEX_REQUEST; ------------------ | | 1131| 7|#define SSH_MSG_KEX_DH_GEX_REQUEST 34 ------------------ 1437| 7| _libssh2_htonu32(key_state->request + 1, LIBSSH2_DH_GEX_MINGROUP); ------------------ | | 433| 7|#define LIBSSH2_DH_GEX_MINGROUP 2048 ------------------ 1438| 7| _libssh2_htonu32(key_state->request + 5, LIBSSH2_DH_GEX_OPTGROUP); ------------------ | | 434| 7|#define LIBSSH2_DH_GEX_OPTGROUP 4096 ------------------ 1439| 7| _libssh2_htonu32(key_state->request + 9, LIBSSH2_DH_GEX_MAXGROUP); ------------------ | | 435| 7|#define LIBSSH2_DH_GEX_MAXGROUP 8192 ------------------ 1440| 7| key_state->request_len = 13; 1441| 7| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 7|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1442| 7| "Initiating Diffie-Hellman Group-Exchange SHA1")); 1443| | 1444| 7| key_state->state = libssh2_NB_state_created; 1445| 7| } 1446| | 1447| 7| if(key_state->state == libssh2_NB_state_created) { ------------------ | Branch (1447:8): [True: 7, False: 0] ------------------ 1448| 7| rc = _libssh2_transport_send(session, key_state->request, 1449| 7| key_state->request_len, NULL, 0); 1450| 7| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 7|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1450:12): [True: 0, False: 7] ------------------ 1451| 0| return rc; 1452| 0| } 1453| 7| else if(rc) { ------------------ | Branch (1453:17): [True: 0, False: 7] ------------------ 1454| 0| ret = _libssh2_error(session, rc, 1455| 0| "Unable to send Group Exchange Request"); 1456| 0| goto dh_gex_clean_exit; 1457| 0| } 1458| | 1459| 7| key_state->state = libssh2_NB_state_sent; 1460| 7| } 1461| | 1462| 7| if(key_state->state == libssh2_NB_state_sent) { ------------------ | Branch (1462:8): [True: 7, False: 0] ------------------ 1463| 7| rc = _libssh2_packet_require(session, SSH_MSG_KEX_DH_GEX_GROUP, ------------------ | | 1132| 7|#define SSH_MSG_KEX_DH_GEX_GROUP 31 ------------------ 1464| 7| &key_state->data, &key_state->data_len, 1465| 7| 0, NULL, 0, &key_state->req_state); 1466| 7| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 7|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1466:12): [True: 0, False: 7] ------------------ 1467| 0| return rc; 1468| 0| } 1469| 7| else if(rc) { ------------------ | Branch (1469:17): [True: 0, False: 7] ------------------ 1470| 0| ret = _libssh2_error(session, rc, 1471| 0| "Timeout waiting for GEX_GROUP reply"); 1472| 0| goto dh_gex_clean_exit; 1473| 0| } 1474| | 1475| 7| key_state->state = libssh2_NB_state_sent1; 1476| 7| } 1477| | 1478| 7| if(key_state->state == libssh2_NB_state_sent1) { ------------------ | Branch (1478:8): [True: 7, False: 0] ------------------ 1479| 7| size_t p_len, g_len; 1480| 7| unsigned char *p, *g; 1481| 7| struct string_buf buf; 1482| 7| libssh2_sha1_ctx exchange_hash_ctx; ------------------ | | 233| 7|#define libssh2_sha1_ctx EVP_MD_CTX * ------------------ 1483| 7| int bits; 1484| | 1485| 7| if(key_state->data_len < 9) { ------------------ | Branch (1485:12): [True: 0, False: 7] ------------------ 1486| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1487| 0| "Unexpected key length DH-SHA1"); 1488| 0| goto dh_gex_clean_exit; 1489| 0| } 1490| | 1491| 7| buf.data = key_state->data; 1492| 7| buf.dataptr = buf.data; 1493| 7| buf.len = key_state->data_len; 1494| | 1495| 7| buf.dataptr++; /* increment to big num */ 1496| | 1497| 7| if(_libssh2_get_bignum_bytes(&buf, &p, &p_len)) { ------------------ | Branch (1497:12): [True: 0, False: 7] ------------------ 1498| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1499| 0| "Unexpected value DH-SHA1 p"); 1500| 0| goto dh_gex_clean_exit; 1501| 0| } 1502| | 1503| 7| if(_libssh2_get_bignum_bytes(&buf, &g, &g_len)) { ------------------ | Branch (1503:12): [True: 0, False: 7] ------------------ 1504| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1505| 0| "Unexpected value DH-SHA1 g"); 1506| 0| goto dh_gex_clean_exit; 1507| 0| } 1508| | 1509| 7| if(_libssh2_bn_from_bin(key_state->p, p_len, p)) { ------------------ | Branch (1509:12): [True: 0, False: 7] ------------------ 1510| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1511| 0| "Invalid DH-SHA1 p"); 1512| 0| goto dh_gex_clean_exit; 1513| 0| } 1514| | 1515| 7| bits = (int)_libssh2_bn_bits(key_state->p); ------------------ | | 428| 7|#define _libssh2_bn_bits(bn) BN_num_bits(bn) ------------------ 1516| 7| if(bits < LIBSSH2_DH_GEX_MINGROUP || ------------------ | | 433| 14|#define LIBSSH2_DH_GEX_MINGROUP 2048 ------------------ | Branch (1516:12): [True: 7, False: 0] ------------------ 1517| 7| bits > LIBSSH2_DH_GEX_MAXGROUP) { ------------------ | | 435| 0|#define LIBSSH2_DH_GEX_MAXGROUP 8192 ------------------ | Branch (1517:12): [True: 0, False: 0] ------------------ 1518| 7| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 7|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1519| 7| "DH-SHA1 p out of range"); 1520| 7| goto dh_gex_clean_exit; 1521| 7| } 1522| | 1523| 0| if(_libssh2_bn_from_bin(key_state->g, g_len, g)) { ------------------ | Branch (1523:12): [True: 0, False: 0] ------------------ 1524| 0| ret = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1525| 0| "Invalid DH-SHA1 g"); 1526| 0| goto dh_gex_clean_exit; 1527| 0| } 1528| | 1529| 0| ret = diffie_hellman_sha_algo(session, key_state->g, key_state->p, 1530| 0| (int)p_len, 1, 1531| 0| (void *)&exchange_hash_ctx, 1532| 0| SSH_MSG_KEX_DH_GEX_INIT, ------------------ | | 1133| 0|#define SSH_MSG_KEX_DH_GEX_INIT 32 ------------------ 1533| 0| SSH_MSG_KEX_DH_GEX_REPLY, ------------------ | | 1134| 0|#define SSH_MSG_KEX_DH_GEX_REPLY 33 ------------------ 1534| 0| key_state->data + 1, 1535| 0| key_state->data_len - 1, 1536| 0| &key_state->exchange_state); 1537| 0| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1537:12): [True: 0, False: 0] ------------------ 1538| 0| return ret; 1539| 0| } 1540| 0| } 1541| | 1542| 7|dh_gex_clean_exit: 1543| 7| kex_diffie_hellman_cleanup(session, key_state); 1544| | 1545| 7| return ret; 1546| 7|} _libssh2_mac_methods: 445| 996|{ 446| 996| return mac_methods; 447| 996|} _libssh2_mac_override: 503| 304|{ 504| 304|#if LIBSSH2_AES_GCM 505| 304| if(!strcmp(crypt->name, "aes256-gcm@openssh.com") || ------------------ | Branch (505:8): [True: 6, False: 298] ------------------ 506| 298| !strcmp(crypt->name, "aes128-gcm@openssh.com")) ------------------ | Branch (506:8): [True: 0, False: 298] ------------------ 507| 6| return &mac_method_hmac_aesgcm; 508| |#else 509| | (void)crypt; 510| |#endif /* LIBSSH2_AES_GCM */ 511| 298| return NULL; 512| 304|} _libssh2_error_flags: 86| 767|{ 87| 767| if(!session) { ------------------ | Branch (87:8): [True: 0, False: 767] ------------------ 88| 0| if(errmsg) ------------------ | Branch (88:12): [True: 0, False: 0] ------------------ 89| 0| fprintf(stderr, "Session is NULL, error: %s\n", errmsg); 90| 0| return errcode; 91| 0| } 92| | 93| 767| if(session->err_flags & LIBSSH2_ERR_FLAG_DUP) ------------------ | | 1109| 767|#define LIBSSH2_ERR_FLAG_DUP 1 ------------------ | Branch (93:8): [True: 0, False: 767] ------------------ 94| 0| LIBSSH2_FREE(session, (char *)LIBSSH2_UNCONST(session->err_msg)); ------------------ | | 238| 767| session->free(ptr, &(session)->abstract) ------------------ 95| | 96| 767| session->err_code = errcode; 97| 767| session->err_flags = 0; 98| | 99| 767| if(errmsg && ((errflags & LIBSSH2_ERR_FLAG_DUP) != 0)) { ------------------ | | 1109| 767|#define LIBSSH2_ERR_FLAG_DUP 1 ------------------ | Branch (99:8): [True: 767, False: 0] | Branch (99:18): [True: 0, False: 767] ------------------ 100| 0| size_t len = strlen(errmsg); 101| 0| char *copy = LIBSSH2_ALLOC(session, len + 1); ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 102| 0| if(copy) { ------------------ | Branch (102:12): [True: 0, False: 0] ------------------ 103| 0| memcpy(copy, errmsg, len + 1); 104| 0| session->err_flags = LIBSSH2_ERR_FLAG_DUP; ------------------ | | 1109| 0|#define LIBSSH2_ERR_FLAG_DUP 1 ------------------ 105| 0| session->err_msg = copy; 106| 0| } 107| 0| else 108| | /* Out of memory: this code path is very unlikely */ 109| 0| session->err_msg = "former error forgotten (OOM)"; 110| 0| } 111| 767| else 112| 767| session->err_msg = errmsg; 113| | 114| 767|#ifdef LIBSSH2DEBUG 115| 767| if((errcode == LIBSSH2_ERROR_EAGAIN) && !session->api_block_mode) ------------------ | | 520| 767|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (115:8): [True: 0, False: 767] | Branch (115:45): [True: 0, False: 0] ------------------ 116| | /* if this is EAGAIN and we're in non-blocking mode, don't generate 117| | a debug output for this */ 118| 0| return errcode; 119| 767| _libssh2_debug((session, LIBSSH2_TRACE_ERROR, "%d - %s", session->err_code, ------------------ | | 1090| 767|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 120| 767| session->err_msg)); 121| 767|#endif 122| | 123| 767| return errcode; 124| 767|} _libssh2_error: 127| 767|{ 128| 767| return _libssh2_error_flags(session, errcode, errmsg, 0); 129| 767|} _libssh2_recv: 158| 198k|{ 159| 198k| ssize_t rc; 160| | 161| 198k| (void)abstract; 162| | 163| 198k| rc = libssh2_recv(socket, buffer, length, flags); ------------------ | | 56| 198k|#define libssh2_recv recv ------------------ 164| 198k| if(rc < 0) { ------------------ | Branch (164:8): [True: 0, False: 198k] ------------------ 165| 0| int err; 166| |#ifdef _WIN32 167| | err = _libssh2_wsa2errno(); 168| |#else 169| 0| err = errno; 170| 0|#endif 171| | /* Profiling tools that use SIGPROF can cause EINTR responses. 172| | recv() does not modify its arguments when it returns EINTR, 173| | but there may be data waiting, so the caller should try again */ 174| 0| if(err == EINTR) ------------------ | Branch (174:12): [True: 0, False: 0] ------------------ 175| 0| return -EAGAIN; 176| | /* Sometimes the first recv() function call sets errno to ENOENT on 177| | Solaris and HP-UX */ 178| 0| if(err == ENOENT) ------------------ | Branch (178:12): [True: 0, False: 0] ------------------ 179| 0| return -EAGAIN; 180| 0|#ifdef EWOULDBLOCK /* For VMS and other special unixes */ 181| 0| else if(err == EWOULDBLOCK) ------------------ | Branch (181:17): [True: 0, False: 0] ------------------ 182| 0| return -EAGAIN; 183| 0|#endif 184| 0| else 185| 0| return -err; 186| 0| } 187| 198k| return rc; 188| 198k|} _libssh2_send: 196| 773|{ 197| 773| ssize_t rc; 198| | 199| 773| (void)abstract; 200| | 201| 773| rc = libssh2_send(socket, buffer, length, flags); ------------------ | | 57| 773|#define libssh2_send send ------------------ 202| 773| if(rc < 0) { ------------------ | Branch (202:8): [True: 0, False: 773] ------------------ 203| 0| int err; 204| |#ifdef _WIN32 205| | err = _libssh2_wsa2errno(); 206| |#else 207| 0| err = errno; 208| 0|#endif 209| | /* Profiling tools that use SIGPROF can cause EINTR responses. 210| | send() is defined as not yet sending any data when it returns EINTR, 211| | so the caller should try again */ 212| 0| if(err == EINTR) ------------------ | Branch (212:12): [True: 0, False: 0] ------------------ 213| 0| return -EAGAIN; 214| 0|#ifdef EWOULDBLOCK /* For VMS and other special unixes */ 215| 0| if(err == EWOULDBLOCK) ------------------ | Branch (215:12): [True: 0, False: 0] ------------------ 216| 0| return -EAGAIN; 217| 0|#endif 218| 0| return -err; 219| 0| } 220| 773| return rc; 221| 773|} _libssh2_ntohu32: 224| 49.4k|{ 225| 49.4k| return 226| 49.4k| ((uint32_t)buf[0] << 24) | 227| 49.4k| ((uint32_t)buf[1] << 16) | 228| 49.4k| ((uint32_t)buf[2] << 8) | 229| 49.4k| ((uint32_t)buf[3]); 230| 49.4k|} _libssh2_htonu32: 246| 4.17k|{ 247| 4.17k| buf[0] = (unsigned char)((value >> 24) & 0xFF); 248| 4.17k| buf[1] = (value >> 16) & 0xFF; 249| 4.17k| buf[2] = (value >> 8) & 0xFF; 250| 4.17k| buf[3] = value & 0xFF; 251| 4.17k|} _libssh2_store_u32: 254| 971|{ 255| 971| _libssh2_htonu32(*buf, value); 256| 971| *buf += sizeof(uint32_t); 257| 971|} _libssh2_store_str: 276| 335|{ 277| 335| uint32_t len_stored = (uint32_t)len; 278| | 279| 335| _libssh2_store_u32(buf, len_stored); 280| 335| if(len_stored) { ------------------ | Branch (280:8): [True: 335, False: 0] ------------------ 281| 335| memcpy(*buf, str, len_stored); 282| 335| *buf += len_stored; 283| 335| } 284| | 285| 335| assert(len_stored == len); ------------------ | Branch (285:5): [True: 0, False: 335] | Branch (285:5): [True: 335, False: 0] ------------------ 286| 335| return len_stored == len; 287| 335|} _libssh2_base64_encode: 455| 1|{ 456| 1| unsigned char ibuf[3]; 457| 1| unsigned char obuf[4]; 458| 1| int i; 459| 1| int inputparts; 460| 1| char *output; 461| 1| char *base64data; 462| 1| const char *indata = inp; 463| | 464| 1| *outptr = NULL; /* set to NULL in case of failure before we reach the 465| | end */ 466| | 467| 1| if(insize == 0) ------------------ | Branch (467:8): [True: 0, False: 1] ------------------ 468| 0| return 0; /* nothing to encode */ 469| | 470| 1| base64data = output = LIBSSH2_ALLOC(session, insize * 4 / 3 + 4); ------------------ | | 232| 1| session->alloc(count, &(session)->abstract) ------------------ 471| 1| if(!output) ------------------ | Branch (471:8): [True: 0, False: 1] ------------------ 472| 0| return 0; 473| | 474| 12| while(insize > 0) { ------------------ | Branch (474:11): [True: 11, False: 1] ------------------ 475| 44| for(i = inputparts = 0; i < 3; i++) { ------------------ | Branch (475:33): [True: 33, False: 11] ------------------ 476| 33| if(insize > 0) { ------------------ | Branch (476:16): [True: 32, False: 1] ------------------ 477| 32| inputparts++; 478| 32| ibuf[i] = *indata; 479| 32| indata++; 480| 32| insize--; 481| 32| } 482| 1| else 483| 1| ibuf[i] = 0; 484| 33| } 485| | 486| 11| obuf[0] = (unsigned char) ((ibuf[0] & 0xFC) >> 2); 487| 11| obuf[1] = (unsigned char)(((ibuf[0] & 0x03) << 4) | \ 488| 11| ((ibuf[1] & 0xF0) >> 4)); 489| 11| obuf[2] = (unsigned char)(((ibuf[1] & 0x0F) << 2) | \ 490| 11| ((ibuf[2] & 0xC0) >> 6)); 491| 11| obuf[3] = (unsigned char) (ibuf[2] & 0x3F); 492| | 493| 11| switch(inputparts) { 494| 0| case 1: /* only one byte read */ ------------------ | Branch (494:9): [True: 0, False: 11] ------------------ 495| 0| output[0] = table64[obuf[0]]; 496| 0| output[1] = table64[obuf[1]]; 497| 0| output[2] = '='; 498| 0| output[3] = '='; 499| 0| break; 500| 1| case 2: /* two bytes read */ ------------------ | Branch (500:9): [True: 1, False: 10] ------------------ 501| 1| output[0] = table64[obuf[0]]; 502| 1| output[1] = table64[obuf[1]]; 503| 1| output[2] = table64[obuf[2]]; 504| 1| output[3] = '='; 505| 1| break; 506| 10| default: ------------------ | Branch (506:9): [True: 10, False: 1] ------------------ 507| 10| output[0] = table64[obuf[0]]; 508| 10| output[1] = table64[obuf[1]]; 509| 10| output[2] = table64[obuf[2]]; 510| 10| output[3] = table64[obuf[3]]; 511| 10| break; 512| 11| } 513| 11| output += 4; 514| 11| } 515| 1| *output = 0; 516| 1| *outptr = base64data; /* make it return the actual data memory */ 517| | 518| 1| return strlen(base64data); /* return the length of the new data */ 519| 1|} _libssh2_debug_low: 549| 236k|{ 550| 236k| char buffer[1536]; 551| 236k| int len, msglen, buflen = sizeof(buffer); 552| 236k| va_list vargs; 553| 236k| struct timeval now; 554| 236k| static long firstsec; 555| 236k| static const char * const contexts[] = { 556| 236k| "Unknown", 557| 236k| "Transport", 558| 236k| "Key Ex", 559| 236k| "Userauth", 560| 236k| "Conn", 561| 236k| "SCP", 562| 236k| "SFTP", 563| 236k| "Failure Event", 564| 236k| "Publickey", 565| 236k| "Socket", 566| 236k| }; 567| 236k| const char *contexttext = contexts[0]; 568| 236k| unsigned int contextindex; 569| | 570| 236k| if(!(session->showmask & context)) { ------------------ | Branch (570:8): [True: 236k, False: 0] ------------------ 571| | /* no such output asked for */ 572| 236k| return; 573| 236k| } 574| | 575| | /* Find the first matching context string for this message */ 576| 0| for(contextindex = 0; contextindex < ARRAY_SIZE(contexts); ------------------ | | 1238| 0|#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0])) ------------------ | Branch (576:27): [True: 0, False: 0] ------------------ 577| 0| contextindex++) { 578| 0| if((context & (1 << contextindex)) != 0) { ------------------ | Branch (578:12): [True: 0, False: 0] ------------------ 579| 0| contexttext = contexts[contextindex]; 580| 0| break; 581| 0| } 582| 0| } 583| | 584| 0| gettimeofday(&now, NULL); 585| 0| if(!firstsec) { ------------------ | Branch (585:8): [True: 0, False: 0] ------------------ 586| 0| firstsec = now.tv_sec; 587| 0| } 588| 0| now.tv_sec -= firstsec; 589| | 590| 0| len = snprintf(buffer, buflen, "[libssh2] %d.%06d %s: ", 591| 0| (int)now.tv_sec, (int)now.tv_usec, contexttext); 592| | 593| 0| if(len >= buflen) ------------------ | Branch (593:8): [True: 0, False: 0] ------------------ 594| 0| msglen = buflen - 1; 595| 0| else { 596| 0| buflen -= len; 597| 0| msglen = len; 598| 0| va_start(vargs, format); 599| 0|#if defined(__GNUC__) || defined(__clang__) 600| 0|#pragma GCC diagnostic push 601| 0|#pragma GCC diagnostic ignored "-Wformat-nonliteral" 602| 0|#endif 603| 0| len = vsnprintf(buffer + msglen, buflen, format, vargs); 604| 0|#if defined(__GNUC__) || defined(__clang__) 605| 0|#pragma GCC diagnostic pop 606| 0|#endif 607| 0| va_end(vargs); 608| 0| msglen += len < buflen ? len : buflen - 1; ------------------ | Branch (608:19): [True: 0, False: 0] ------------------ 609| 0| } 610| | 611| 0| if(session->tracehandler) ------------------ | Branch (611:8): [True: 0, False: 0] ------------------ 612| 0| (session->tracehandler)(session, session->tracehandler_context, buffer, 613| 0| msglen); 614| 0| else 615| 0| fprintf(stderr, "%s\n", buffer); 616| 0|} _libssh2_list_add: 647| 1.13k|{ 648| | /* store a pointer to the head */ 649| 1.13k| entry->head = head; 650| | 651| | /* we add this entry at the "top" so it has no next */ 652| 1.13k| entry->next = NULL; 653| | 654| | /* make our prev point to what the head thinks is last */ 655| 1.13k| entry->prev = head->last; 656| | 657| | /* and make head's last be us now */ 658| 1.13k| head->last = entry; 659| | 660| | /* make sure our 'prev' node points to us next */ 661| 1.13k| if(entry->prev) ------------------ | Branch (661:8): [True: 887, False: 251] ------------------ 662| 887| entry->prev->next = entry; 663| 251| else 664| 251| head->first = entry; 665| 1.13k|} _libssh2_list_first: 669| 3.16k|{ 670| 3.16k| return head->first; 671| 3.16k|} _libssh2_list_next: 675| 6.41k|{ 676| 6.41k| return node->next; 677| 6.41k|} _libssh2_list_remove: 687| 1.13k|{ 688| 1.13k| if(entry->prev) ------------------ | Branch (688:8): [True: 35, False: 1.10k] ------------------ 689| 35| entry->prev->next = entry->next; 690| 1.10k| else 691| 1.10k| entry->head->first = entry->next; 692| | 693| 1.13k| if(entry->next) ------------------ | Branch (693:8): [True: 852, False: 286] ------------------ 694| 852| entry->next->prev = entry->prev; 695| 286| else 696| 286| entry->head->last = entry->prev; 697| 1.13k|} _libssh2_get_byte: 832| 5|{ 833| 5| if(!_libssh2_check_length(buf, 1)) { ------------------ | Branch (833:8): [True: 0, False: 5] ------------------ 834| 0| return -1; 835| 0| } 836| | 837| 5| *out = buf->dataptr[0]; 838| 5| buf->dataptr += 1; 839| 5| return 0; 840| 5|} _libssh2_get_u32: 854| 2.10k|{ 855| 2.10k| if(!_libssh2_check_length(buf, 4)) { ------------------ | Branch (855:8): [True: 0, False: 2.10k] ------------------ 856| 0| return -1; 857| 0| } 858| | 859| 2.10k| *out = _libssh2_ntohu32(buf->dataptr); 860| 2.10k| buf->dataptr += 4; 861| 2.10k| return 0; 862| 2.10k|} _libssh2_get_string: 888| 1.86k|{ 889| 1.86k| uint32_t data_len; 890| 1.86k| if(!buf || _libssh2_get_u32(buf, &data_len) != 0) { ------------------ | Branch (890:8): [True: 0, False: 1.86k] | Branch (890:16): [True: 0, False: 1.86k] ------------------ 891| 0| return -1; 892| 0| } 893| 1.86k| if(!_libssh2_check_length(buf, data_len)) { ------------------ | Branch (893:8): [True: 116, False: 1.75k] ------------------ 894| 116| return -1; 895| 116| } 896| 1.75k| *outbuf = buf->dataptr; 897| 1.75k| buf->dataptr += data_len; 898| | 899| 1.75k| if(outlen) ------------------ | Branch (899:8): [True: 1.75k, False: 0] ------------------ 900| 1.75k| *outlen = (size_t)data_len; 901| | 902| 1.75k| return 0; 903| 1.86k|} _libssh2_copy_string: 907| 1|{ 908| 1| size_t str_len; 909| 1| unsigned char *str; 910| | 911| 1| if(_libssh2_get_string(buf, &str, &str_len)) { ------------------ | Branch (911:8): [True: 0, False: 1] ------------------ 912| 0| return -1; 913| 0| } 914| | 915| 1| if(str_len) { ------------------ | Branch (915:8): [True: 1, False: 0] ------------------ 916| 1| *outbuf = LIBSSH2_ALLOC(session, str_len); ------------------ | | 232| 1| session->alloc(count, &(session)->abstract) ------------------ 917| 1| if(*outbuf) { ------------------ | Branch (917:12): [True: 1, False: 0] ------------------ 918| 1| memcpy(*outbuf, str, str_len); 919| 1| } 920| 0| else { 921| 0| return -1; 922| 0| } 923| 1| } 924| 0| else { 925| 0| *outbuf = NULL; 926| 0| } 927| | 928| 1| if(outlen) ------------------ | Branch (928:8): [True: 1, False: 0] ------------------ 929| 1| *outlen = str_len; 930| | 931| 1| return 0; 932| 1|} _libssh2_get_bignum_bytes: 936| 228|{ 937| 228| uint32_t data_len; 938| 228| uint32_t bn_len; 939| 228| unsigned char *bnptr; 940| | 941| 228| if(_libssh2_get_u32(buf, &data_len)) { ------------------ | Branch (941:8): [True: 0, False: 228] ------------------ 942| 0| return -1; 943| 0| } 944| 228| if(!_libssh2_check_length(buf, data_len)) { ------------------ | Branch (944:8): [True: 0, False: 228] ------------------ 945| 0| return -1; 946| 0| } 947| | 948| 228| bn_len = data_len; 949| 228| bnptr = buf->dataptr; 950| | 951| | /* trim leading zeros */ 952| 444| while(bn_len > 0 && *bnptr == 0x00) { ------------------ | Branch (952:11): [True: 442, False: 2] | Branch (952:25): [True: 216, False: 226] ------------------ 953| 216| bn_len--; 954| 216| bnptr++; 955| 216| } 956| | 957| 228| *outbuf = bnptr; 958| 228| buf->dataptr += data_len; 959| | 960| 228| if(outlen) ------------------ | Branch (960:8): [True: 228, False: 0] ------------------ 961| 228| *outlen = (size_t)bn_len; 962| | 963| 228| return 0; 964| 228|} _libssh2_check_length: 971| 4.36k|{ 972| 4.36k| unsigned char *endp = &buf->data[buf->len]; 973| 4.36k| size_t left = endp - buf->dataptr; 974| 4.36k| return (requested_len <= left) && (left <= buf->len); ------------------ | Branch (974:12): [True: 4.24k, False: 116] | Branch (974:39): [True: 4.24k, False: 0] ------------------ 975| 4.36k|} _libssh2_openssl_random: 256| 805|{ 257| 805| if(len > INT_MAX) { ------------------ | Branch (257:8): [True: 0, False: 805] ------------------ 258| 0| return -1; 259| 0| } 260| | 261| 805| return RAND_bytes(buf, (int)len) == 1 ? 0 : -1; ------------------ | Branch (261:12): [True: 805, False: 0] ------------------ 262| 805|} _libssh2_openssl_crypto_init: 1108| 152|{ 1109| |#if defined(LIBSSH2_WOLFSSL) && defined(DEBUG_WOLFSSL) 1110| | wolfSSL_Debugging_ON(); 1111| |#endif 1112| 152|} _libssh2_openssl_crypto_exit: 1114| 152|void _libssh2_openssl_crypto_exit(void) {} _libssh2_curve25519_new: 2023| 1|{ 2024| 1| EVP_PKEY *key = NULL; 2025| 1| EVP_PKEY_CTX *pctx = NULL; 2026| 1| unsigned char *priv = NULL, *pub = NULL; 2027| 1| size_t privLen, pubLen; 2028| 1| int rc = -1; 2029| | 2030| 1| pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL); 2031| 1| if(!pctx) ------------------ | Branch (2031:8): [True: 0, False: 1] ------------------ 2032| 0| return -1; 2033| | 2034| 1| if(EVP_PKEY_keygen_init(pctx) != 1 || ------------------ | Branch (2034:8): [True: 0, False: 1] ------------------ 2035| 1| EVP_PKEY_keygen(pctx, &key) != 1) { ------------------ | Branch (2035:8): [True: 0, False: 1] ------------------ 2036| 0| goto clean_exit; 2037| 0| } 2038| | 2039| 1| if(out_private_key) { ------------------ | Branch (2039:8): [True: 1, False: 0] ------------------ 2040| 1| privLen = LIBSSH2_ED25519_KEY_LEN; ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ 2041| 1| priv = LIBSSH2_ALLOC(session, privLen); ------------------ | | 232| 1| session->alloc(count, &(session)->abstract) ------------------ 2042| 1| if(!priv) ------------------ | Branch (2042:12): [True: 0, False: 1] ------------------ 2043| 0| goto clean_exit; 2044| | 2045| 1| if(EVP_PKEY_get_raw_private_key(key, priv, &privLen) != 1 || ------------------ | Branch (2045:12): [True: 0, False: 1] ------------------ 2046| 1| privLen != LIBSSH2_ED25519_KEY_LEN) { ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ | Branch (2046:12): [True: 0, False: 1] ------------------ 2047| 0| goto clean_exit; 2048| 0| } 2049| | 2050| 1| *out_private_key = priv; 2051| 1| priv = NULL; 2052| 1| } 2053| | 2054| 1| if(out_public_key) { ------------------ | Branch (2054:8): [True: 1, False: 0] ------------------ 2055| 1| pubLen = LIBSSH2_ED25519_KEY_LEN; ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ 2056| 1| pub = LIBSSH2_ALLOC(session, pubLen); ------------------ | | 232| 1| session->alloc(count, &(session)->abstract) ------------------ 2057| 1| if(!pub) ------------------ | Branch (2057:12): [True: 0, False: 1] ------------------ 2058| 0| goto clean_exit; 2059| | 2060| 1| if(EVP_PKEY_get_raw_public_key(key, pub, &pubLen) != 1 || ------------------ | Branch (2060:12): [True: 0, False: 1] ------------------ 2061| 1| pubLen != LIBSSH2_ED25519_KEY_LEN) { ------------------ | | 79| 1|#define LIBSSH2_ED25519_KEY_LEN 32 ------------------ | Branch (2061:12): [True: 0, False: 1] ------------------ 2062| 0| goto clean_exit; 2063| 0| } 2064| | 2065| 1| *out_public_key = pub; 2066| 1| pub = NULL; 2067| 1| } 2068| | 2069| | /* success */ 2070| 1| rc = 0; 2071| | 2072| 1|clean_exit: 2073| | 2074| 1| if(pctx) ------------------ | Branch (2074:8): [True: 1, False: 0] ------------------ 2075| 1| EVP_PKEY_CTX_free(pctx); 2076| 1| if(key) ------------------ | Branch (2076:8): [True: 1, False: 0] ------------------ 2077| 1| EVP_PKEY_free(key); 2078| 1| if(priv) ------------------ | Branch (2078:8): [True: 0, False: 1] ------------------ 2079| 0| LIBSSH2_FREE(session, priv); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 2080| 1| if(pub) ------------------ | Branch (2080:8): [True: 0, False: 1] ------------------ 2081| 0| LIBSSH2_FREE(session, pub); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 2082| | 2083| 1| return rc; 2084| 1|} _libssh2_sha1_init: 3105| 1|{ 3106| 1|#ifdef HAVE_OPAQUE_STRUCTS 3107| 1| *ctx = EVP_MD_CTX_new(); 3108| | 3109| 1| if(!*ctx) ------------------ | Branch (3109:8): [True: 0, False: 1] ------------------ 3110| 0| return 0; 3111| | 3112| 1| if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha1"))) ------------------ | Branch (3112:8): [True: 1, False: 0] ------------------ 3113| 1| return 1; 3114| | 3115| 0| EVP_MD_CTX_free(*ctx); 3116| 0| *ctx = NULL; 3117| | 3118| 0| return 0; 3119| |#else 3120| | EVP_MD_CTX_init(ctx); 3121| | return EVP_DigestInit(ctx, EVP_get_digestbyname("sha1")); 3122| |#endif 3123| 1|} _libssh2_sha1_update: 3126| 1|{ 3127| 1|#ifdef HAVE_OPAQUE_STRUCTS 3128| 1| return EVP_DigestUpdate(*ctx, data, len); 3129| |#else 3130| | return EVP_DigestUpdate(ctx, data, len); 3131| |#endif 3132| 1|} _libssh2_sha1_final: 3135| 1|{ 3136| 1|#ifdef HAVE_OPAQUE_STRUCTS 3137| 1| int ret = EVP_DigestFinal(*ctx, out, NULL); 3138| 1| EVP_MD_CTX_free(*ctx); 3139| 1| return ret; 3140| |#else 3141| | return EVP_DigestFinal(ctx, out, NULL); 3142| |#endif 3143| 1|} _libssh2_sha256_init: 3174| 1|{ 3175| 1|#ifdef HAVE_OPAQUE_STRUCTS 3176| 1| *ctx = EVP_MD_CTX_new(); 3177| | 3178| 1| if(!*ctx) ------------------ | Branch (3178:8): [True: 0, False: 1] ------------------ 3179| 0| return 0; 3180| | 3181| 1| if(EVP_DigestInit(*ctx, EVP_get_digestbyname("sha256"))) ------------------ | Branch (3181:8): [True: 1, False: 0] ------------------ 3182| 1| return 1; 3183| | 3184| 0| EVP_MD_CTX_free(*ctx); 3185| 0| *ctx = NULL; 3186| | 3187| 0| return 0; 3188| |#else 3189| | EVP_MD_CTX_init(ctx); 3190| | return EVP_DigestInit(ctx, EVP_get_digestbyname("sha256")); 3191| |#endif 3192| 1|} _libssh2_sha256_update: 3196| 1|{ 3197| 1|#ifdef HAVE_OPAQUE_STRUCTS 3198| 1| return EVP_DigestUpdate(*ctx, data, len); 3199| |#else 3200| | return EVP_DigestUpdate(ctx, data, len); 3201| |#endif 3202| 1|} _libssh2_sha256_final: 3205| 1|{ 3206| 1|#ifdef HAVE_OPAQUE_STRUCTS 3207| 1| int ret = EVP_DigestFinal(*ctx, out, NULL); 3208| 1| EVP_MD_CTX_free(*ctx); 3209| 1| return ret; 3210| |#else 3211| | return EVP_DigestFinal(ctx, out, NULL); 3212| |#endif 3213| 1|} _libssh2_ecdsa_create_key: 4088| 16|{ 4089| 16| int ret = 1; 4090| 16| size_t octal_len = 0; 4091| 16| unsigned char octal_value[EC_MAX_POINT_LEN]; 4092| 16| libssh2_ec_key *private_key = NULL; ------------------ | | 372| 16|#define libssh2_ec_key EC_KEY ------------------ 4093| | 4094| |#ifdef USE_OPENSSL_3 4095| | EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); 4096| | 4097| | if(ctx && 4098| | EVP_PKEY_keygen_init(ctx) > 0 && 4099| | EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, curve_type) > 0) { 4100| | ret = EVP_PKEY_keygen(ctx, &private_key); 4101| | } 4102| | 4103| | if(ret <= 0) { 4104| | goto clean_exit; 4105| | } 4106| | 4107| | if(out_private_key) 4108| | *out_private_key = private_key; 4109| | 4110| | ret = EVP_PKEY_get_octet_string_param(private_key, OSSL_PKEY_PARAM_PUB_KEY, 4111| | NULL, 0, &octal_len); 4112| | 4113| | if(ret <= 0) { 4114| | goto clean_exit; 4115| | } 4116| | 4117| | *out_public_key_octal = LIBSSH2_ALLOC(session, octal_len); 4118| | 4119| | if(!(*out_public_key_octal)) { 4120| | ret = -1; 4121| | goto clean_exit; 4122| | } 4123| | 4124| | ret = EVP_PKEY_get_octet_string_param(private_key, OSSL_PKEY_PARAM_PUB_KEY, 4125| | octal_value, octal_len, &octal_len); 4126| | 4127| | if(ret <= 0) { 4128| | goto clean_exit; 4129| | } 4130| | 4131| | memcpy(*out_public_key_octal, octal_value, octal_len); 4132| | 4133| | if(out_public_key_octal_len) 4134| | *out_public_key_octal_len = octal_len; 4135| |#else 4136| 16| const EC_POINT *public_key = NULL; 4137| 16| const EC_GROUP *group = NULL; 4138| | 4139| | /* create key */ 4140| 16| BN_CTX *bn_ctx = BN_CTX_new(); 4141| 16| if(!bn_ctx) ------------------ | Branch (4141:8): [True: 0, False: 16] ------------------ 4142| 0| return -1; 4143| | 4144| 16| private_key = EC_KEY_new_by_curve_name(curve_type); 4145| 16| group = EC_KEY_get0_group(private_key); 4146| | 4147| 16| EC_KEY_generate_key(private_key); 4148| 16| public_key = EC_KEY_get0_public_key(private_key); 4149| | 4150| | /* get length */ 4151| 16| octal_len = EC_POINT_point2oct(group, public_key, 4152| 16| POINT_CONVERSION_UNCOMPRESSED, 4153| 16| NULL, 0, bn_ctx); 4154| 16| if(octal_len > EC_MAX_POINT_LEN) { ------------------ | | 226| 16|#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) ------------------ | Branch (4154:8): [True: 0, False: 16] ------------------ 4155| 0| ret = -1; 4156| 0| goto clean_exit; 4157| 0| } 4158| | 4159| | /* convert to octal */ 4160| 16| if(EC_POINT_point2oct(group, public_key, POINT_CONVERSION_UNCOMPRESSED, ------------------ | Branch (4160:8): [True: 0, False: 16] ------------------ 4161| 16| octal_value, octal_len, bn_ctx) != octal_len) { 4162| 0| ret = -1; 4163| 0| goto clean_exit; 4164| 0| } 4165| | 4166| 16| if(out_private_key) ------------------ | Branch (4166:8): [True: 16, False: 0] ------------------ 4167| 16| *out_private_key = private_key; 4168| | 4169| 16| if(out_public_key_octal) { ------------------ | Branch (4169:8): [True: 16, False: 0] ------------------ 4170| 16| *out_public_key_octal = LIBSSH2_ALLOC(session, octal_len); ------------------ | | 232| 16| session->alloc(count, &(session)->abstract) ------------------ 4171| 16| if(!*out_public_key_octal) { ------------------ | Branch (4171:12): [True: 0, False: 16] ------------------ 4172| 0| ret = -1; 4173| 0| goto clean_exit; 4174| 0| } 4175| | 4176| 16| memcpy(*out_public_key_octal, octal_value, octal_len); 4177| 16| } 4178| | 4179| 16| if(out_public_key_octal_len) ------------------ | Branch (4179:8): [True: 16, False: 0] ------------------ 4180| 16| *out_public_key_octal_len = octal_len; 4181| 16|#endif /* USE_OPENSSL_3 */ 4182| | 4183| 16|clean_exit: 4184| |#ifdef USE_OPENSSL_3 4185| | if(ctx) 4186| | EVP_PKEY_CTX_free(ctx); 4187| |#else 4188| 16| if(bn_ctx) ------------------ | Branch (4188:8): [True: 16, False: 0] ------------------ 4189| 16| BN_CTX_free(bn_ctx); 4190| 16|#endif 4191| | 4192| 16| return (ret == 1) ? 0 : -1; ------------------ | Branch (4192:12): [True: 16, False: 0] ------------------ 4193| 16|} _libssh2_dh_init: 5134| 2|{ 5135| 2| *dhctx = BN_new(); /* Random from client */ 5136| 2|} _libssh2_dh_key_pair: 5141| 2|{ 5142| | /* Generate x and e */ 5143| 2| BN_rand(*dhctx, group_order * 8 - 1, 0, -1); 5144| 2| BN_mod_exp(public, g, *dhctx, p, bnctx); 5145| 2| return 0; 5146| 2|} _libssh2_dh_dtor: 5158| 2|{ 5159| 2| BN_clear_free(*dhctx); 5160| | *dhctx = NULL; 5161| 2|} _libssh2_bn_from_bin: 5164| 116|{ 5165| 116| if(!BN_bin2bn(val, (int)len, bn)) { ------------------ | Branch (5165:8): [True: 0, False: 116] ------------------ 5166| 0| return -1; 5167| 0| } 5168| | 5169| 116| return 0; 5170| 116|} _libssh2_packet_add: 644| 29.5k|{ 645| 29.5k| int rc = 0; 646| 29.5k| unsigned char *message = NULL; 647| 29.5k| unsigned char *language = NULL; 648| 29.5k| size_t message_len = 0; 649| 29.5k| size_t language_len = 0; 650| 29.5k| LIBSSH2_CHANNEL *channelp = NULL; 651| 29.5k| size_t data_head = 0; 652| 29.5k| unsigned char msg = data[0]; 653| | 654| 29.5k| uint32_t channel = 0; 655| 29.5k| uint32_t len = 0; 656| 29.5k| unsigned char want_reply = 0; 657| | 658| 29.5k| switch(session->packAdd_state) { 659| 29.5k| case libssh2_NB_state_idle: ------------------ | Branch (659:5): [True: 29.5k, False: 0] ------------------ 660| 29.5k| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 29.5k|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 661| 29.5k| "Packet type %u received, length=%ld", 662| 29.5k| (unsigned int)msg, (long)datalen)); 663| | 664| 29.5k| if((macstate == LIBSSH2_MAC_INVALID) && ------------------ | | 1105| 29.5k|#define LIBSSH2_MAC_INVALID (-1) ------------------ | Branch (664:12): [True: 0, False: 29.5k] ------------------ 665| 0| (!session->macerror || ------------------ | Branch (665:13): [True: 0, False: 0] ------------------ 666| 0| LIBSSH2_MACERROR(session, (char *)data, datalen))) { ------------------ | | 256| 0| session->macerror(session, data, (int)(datalen), &(session)->abstract) | | ------------------ | | | Branch (256:5): [True: 0, False: 0] | | ------------------ ------------------ 667| | /* Bad MAC input, but no callback set or non-zero return from the 668| | callback */ 669| | 670| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 671| 0| return _libssh2_error(session, LIBSSH2_ERROR_INVALID_MAC, ------------------ | | 485| 0|#define LIBSSH2_ERROR_INVALID_MAC (-4) ------------------ 672| 0| "Invalid MAC received"); 673| 0| } 674| 29.5k| session->packAdd_state = libssh2_NB_state_allocated; 675| 29.5k| break; 676| 0| case libssh2_NB_state_jump1: ------------------ | Branch (676:5): [True: 0, False: 29.5k] ------------------ 677| 0| goto libssh2_packet_add_jump_point1; 678| 0| case libssh2_NB_state_jump2: ------------------ | Branch (678:5): [True: 0, False: 29.5k] ------------------ 679| 0| goto libssh2_packet_add_jump_point2; 680| 0| case libssh2_NB_state_jump3: ------------------ | Branch (680:5): [True: 0, False: 29.5k] ------------------ 681| 0| goto libssh2_packet_add_jump_point3; 682| 0| case libssh2_NB_state_jump4: ------------------ | Branch (682:5): [True: 0, False: 29.5k] ------------------ 683| 0| goto libssh2_packet_add_jump_point4; 684| 0| case libssh2_NB_state_jump5: ------------------ | Branch (684:5): [True: 0, False: 29.5k] ------------------ 685| 0| goto libssh2_packet_add_jump_point5; 686| 0| case libssh2_NB_state_jumpauthagent: ------------------ | Branch (686:5): [True: 0, False: 29.5k] ------------------ 687| 0| goto libssh2_packet_add_jump_authagent; 688| 0| default: /* nothing to do */ ------------------ | Branch (688:5): [True: 0, False: 29.5k] ------------------ 689| 0| break; 690| 29.5k| } 691| | 692| 29.5k| if(session->state & LIBSSH2_STATE_INITIAL_KEX) { ------------------ | | 946| 29.5k|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ | Branch (692:8): [True: 28.9k, False: 630] ------------------ 693| 28.9k| if(msg == SSH_MSG_KEXINIT) { ------------------ | | 1121| 28.9k|#define SSH_MSG_KEXINIT 20 ------------------ | Branch (693:12): [True: 500, False: 28.4k] ------------------ 694| 500| if(!session->kex_strict) { ------------------ | Branch (694:16): [True: 500, False: 0] ------------------ 695| 500| if(datalen < 17) { ------------------ | Branch (695:20): [True: 0, False: 500] ------------------ 696| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 697| 0| session->packAdd_state = libssh2_NB_state_idle; 698| 0| return _libssh2_error(session, 699| 0| LIBSSH2_ERROR_BUFFER_TOO_SMALL, ------------------ | | 521| 0|#define LIBSSH2_ERROR_BUFFER_TOO_SMALL (-38) ------------------ 700| 0| "Data too short extracting kex"); 701| 0| } 702| 500| else { 703| 500| const unsigned char *strict = 704| 500| (const unsigned char *)"kex-strict-s-v00@openssh.com"; 705| 500| struct string_buf buf; 706| 500| unsigned char *algs = NULL; 707| 500| size_t algs_len = 0; 708| | 709| 500| buf.data = (unsigned char *)data; 710| 500| buf.dataptr = buf.data; 711| 500| buf.len = datalen; 712| 500| buf.dataptr += 17; /* advance past type and cookie */ 713| | 714| 500| if(_libssh2_get_string(&buf, &algs, &algs_len)) { ------------------ | Branch (714:24): [True: 1, False: 499] ------------------ 715| 1| LIBSSH2_FREE(session, data); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 716| 1| session->packAdd_state = libssh2_NB_state_idle; 717| 1| return _libssh2_error(session, 718| 1| LIBSSH2_ERROR_BUFFER_TOO_SMALL, ------------------ | | 521| 1|#define LIBSSH2_ERROR_BUFFER_TOO_SMALL (-38) ------------------ 719| 1| "Algs too short"); 720| 1| } 721| | 722| 499| if(algs_len == 0 || ------------------ | Branch (722:24): [True: 1, False: 498] ------------------ 723| 498| _libssh2_kex_agree_instr(algs, algs_len, strict, 28)) { ------------------ | Branch (723:24): [True: 117, False: 381] ------------------ 724| 118| session->kex_strict = 1; 725| 118| } 726| 499| } 727| 500| } 728| | 729| 499| if(session->kex_strict && seq) { ------------------ | Branch (729:16): [True: 118, False: 381] | Branch (729:39): [True: 1, False: 117] ------------------ 730| 1| LIBSSH2_FREE(session, data); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 731| 1| session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; ------------------ | | 1097| 1|#define LIBSSH2_SOCKET_DISCONNECTED (-1) ------------------ 732| 1| session->packAdd_state = libssh2_NB_state_idle; 733| 1| libssh2_session_disconnect(session, "strict KEX violation: " ------------------ | | 625| 1| libssh2_session_disconnect_ex(session, SSH_DISCONNECT_BY_APPLICATION, \ | | ------------------ | | | | 467| 1|#define SSH_DISCONNECT_BY_APPLICATION 11 | | ------------------ | | 626| 1| description, "") ------------------ 734| 1| "KEXINIT was not the first packet"); 735| | 736| 1| return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, ------------------ | | 494| 1|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 737| 1| "strict KEX violation: " 738| 1| "KEXINIT was not the first packet"); 739| 1| } 740| 499| } 741| | 742| 28.8k| if(session->kex_strict && session->fullpacket_required_type && ------------------ | Branch (742:12): [True: 235, False: 28.6k] | Branch (742:35): [True: 231, False: 4] ------------------ 743| 231| session->fullpacket_required_type != msg) { ------------------ | Branch (743:12): [True: 0, False: 231] ------------------ 744| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 745| 0| session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; ------------------ | | 1097| 0|#define LIBSSH2_SOCKET_DISCONNECTED (-1) ------------------ 746| 0| session->packAdd_state = libssh2_NB_state_idle; 747| 0| libssh2_session_disconnect(session, "strict KEX violation: " ------------------ | | 625| 0| libssh2_session_disconnect_ex(session, SSH_DISCONNECT_BY_APPLICATION, \ | | ------------------ | | | | 467| 0|#define SSH_DISCONNECT_BY_APPLICATION 11 | | ------------------ | | 626| 0| description, "") ------------------ 748| 0| "unexpected packet type"); 749| | 750| 0| return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, ------------------ | | 494| 0|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 751| 0| "strict KEX violation: " 752| 0| "unexpected packet type"); 753| 0| } 754| 28.8k| } 755| | 756| 29.5k| if(session->packAdd_state == libssh2_NB_state_allocated) { ------------------ | Branch (756:8): [True: 29.5k, False: 0] ------------------ 757| | /* A couple exceptions to the packet adding rule: */ 758| 29.5k| switch(msg) { 759| | 760| | /* 761| | byte SSH_MSG_DISCONNECT 762| | uint32 reason code 763| | string description in ISO-10646 UTF-8 encoding [RFC3629] 764| | string language tag [RFC3066] 765| | */ 766| | 767| 1| case SSH_MSG_DISCONNECT: ------------------ | | 1113| 1|#define SSH_MSG_DISCONNECT 1 ------------------ | Branch (767:9): [True: 1, False: 29.5k] ------------------ 768| 1| if(datalen >= 5) { ------------------ | Branch (768:16): [True: 1, False: 0] ------------------ 769| 1| uint32_t reason = 0; 770| 1| struct string_buf buf; 771| 1| buf.data = (unsigned char *)data; 772| 1| buf.dataptr = buf.data; 773| 1| buf.len = datalen; 774| 1| buf.dataptr++; /* advance past type */ 775| | 776| 1| _libssh2_get_u32(&buf, &reason); 777| 1| _libssh2_get_string(&buf, &message, &message_len); 778| 1| _libssh2_get_string(&buf, &language, &language_len); 779| | 780| 1| if(session->ssh_msg_disconnect) { ------------------ | Branch (780:20): [True: 0, False: 1] ------------------ 781| 0| LIBSSH2_DISCONNECT(session, reason, (const char *)message, ------------------ | | 250| 0| session->ssh_msg_disconnect(session, reason, \ | | 251| 0| message, (int)(message_len), \ | | 252| 0| language, (int)(language_len), \ | | 253| 0| &(session)->abstract) ------------------ 782| 0| message_len, (const char *)language, 783| 0| language_len); 784| 0| } 785| | 786| 1| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 1|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 787| 1| "Disconnect(%d): %.*s(%.*s)", reason, 788| 1| (int)message_len, message, 789| 1| (int)language_len, language)); 790| 1| } 791| | 792| 1| LIBSSH2_FREE(session, data); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 793| 1| session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; ------------------ | | 1097| 1|#define LIBSSH2_SOCKET_DISCONNECTED (-1) ------------------ 794| 1| session->packAdd_state = libssh2_NB_state_idle; 795| 1| return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, ------------------ | | 494| 1|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 796| 1| "socket disconnect"); 797| | /* 798| | byte SSH_MSG_IGNORE 799| | string data 800| | */ 801| | 802| 1| case SSH_MSG_IGNORE: ------------------ | | 1114| 1|#define SSH_MSG_IGNORE 2 ------------------ | Branch (802:9): [True: 1, False: 29.5k] ------------------ 803| 1| if(datalen >= 2) { ------------------ | Branch (803:16): [True: 1, False: 0] ------------------ 804| 1| if(session->ssh_msg_ignore) { ------------------ | Branch (804:20): [True: 0, False: 1] ------------------ 805| 0| LIBSSH2_IGNORE(session, (char *)data + 1, datalen - 1); ------------------ | | 240| 0| session->ssh_msg_ignore(session, data, (int)(datalen), \ | | 241| 0| &(session)->abstract) ------------------ 806| 0| } 807| 1| } 808| 0| else if(session->ssh_msg_ignore) { ------------------ | Branch (808:21): [True: 0, False: 0] ------------------ 809| 0| LIBSSH2_IGNORE(session, "", 0); ------------------ | | 240| 0| session->ssh_msg_ignore(session, data, (int)(datalen), \ | | 241| 0| &(session)->abstract) ------------------ 810| 0| } 811| 1| LIBSSH2_FREE(session, data); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 812| 1| session->packAdd_state = libssh2_NB_state_idle; 813| 1| return 0; 814| | 815| | /* 816| | byte SSH_MSG_DEBUG 817| | boolean always_display 818| | string message in ISO-10646 UTF-8 encoding [RFC3629] 819| | string language tag [RFC3066] 820| | */ 821| | 822| 56| case SSH_MSG_DEBUG: ------------------ | | 1116| 56|#define SSH_MSG_DEBUG 4 ------------------ | Branch (822:9): [True: 56, False: 29.4k] ------------------ 823| 56| if(datalen >= 2) { ------------------ | Branch (823:16): [True: 56, False: 0] ------------------ 824| 56| int always_display = data[1]; 825| | 826| 56| if(datalen >= 6) { ------------------ | Branch (826:20): [True: 56, False: 0] ------------------ 827| 56| struct string_buf buf; 828| 56| buf.data = (unsigned char *)data; 829| 56| buf.dataptr = buf.data; 830| 56| buf.len = datalen; 831| 56| buf.dataptr += 2; /* advance past type & always display */ 832| | 833| 56| _libssh2_get_string(&buf, &message, &message_len); 834| 56| _libssh2_get_string(&buf, &language, &language_len); 835| 56| } 836| | 837| 56| if(session->ssh_msg_debug) { ------------------ | Branch (837:20): [True: 0, False: 56] ------------------ 838| 0| LIBSSH2_DEBUG(session, always_display, ------------------ | | 244| 0| session->ssh_msg_debug(session, always_display, \ | | 245| 0| message, (int)(message_len), \ | | 246| 0| language, (int)(language_len), \ | | 247| 0| &(session)->abstract) ------------------ 839| 0| (const char *)message, message_len, 840| 0| (const char *)language, language_len); 841| 0| } 842| 56| } 843| | 844| 56| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 56|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 845| 56| "Debug Packet: %.*s", (int)message_len, message)); 846| 56| LIBSSH2_FREE(session, data); ------------------ | | 238| 56| session->free(ptr, &(session)->abstract) ------------------ 847| 56| session->packAdd_state = libssh2_NB_state_idle; 848| 56| return 0; 849| | 850| | /* 851| | byte SSH_MSG_EXT_INFO 852| | uint32 nr-extensions 853| | [repeat "nr-extensions" times] 854| | string extension-name [RFC8308] 855| | string extension-value (binary) 856| | */ 857| | 858| 4| case SSH_MSG_EXT_INFO: ------------------ | | 1119| 4|#define SSH_MSG_EXT_INFO 7 ------------------ | Branch (858:9): [True: 4, False: 29.5k] ------------------ 859| 4| if(datalen >= 5) { ------------------ | Branch (859:16): [True: 4, False: 0] ------------------ 860| 4| uint32_t nr_extensions = 0; 861| 4| struct string_buf buf; 862| 4| buf.data = (unsigned char *)data; 863| 4| buf.dataptr = buf.data; 864| 4| buf.len = datalen; 865| 4| buf.dataptr += 1; /* advance past type */ 866| | 867| 4| if(_libssh2_get_u32(&buf, &nr_extensions) != 0 || ------------------ | Branch (867:20): [True: 0, False: 4] ------------------ 868| 4| nr_extensions >= 1024) { ------------------ | Branch (868:20): [True: 4, False: 0] ------------------ 869| 4| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 4|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 870| 4| "Invalid extension info received"); 871| 4| } 872| | 873| 4| while(rc == 0 && nr_extensions > 0) { ------------------ | Branch (873:23): [True: 0, False: 4] | Branch (873:34): [True: 0, False: 0] ------------------ 874| | 875| 0| size_t name_len = 0; 876| 0| size_t value_len = 0; 877| 0| unsigned char *name = NULL; 878| 0| unsigned char *value = NULL; 879| | 880| 0| nr_extensions -= 1; 881| | 882| 0| if(_libssh2_get_string(&buf, &name, &name_len)) ------------------ | Branch (882:24): [True: 0, False: 0] ------------------ 883| 0| break; 884| 0| if(_libssh2_get_string(&buf, &value, &value_len)) ------------------ | Branch (884:24): [True: 0, False: 0] ------------------ 885| 0| break; 886| | 887| 0| if(name && value) { ------------------ | Branch (887:24): [True: 0, False: 0] | Branch (887:32): [True: 0, False: 0] ------------------ 888| 0| _libssh2_debug((session, LIBSSH2_TRACE_KEX, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 889| 0| "Server to Client extension " 890| 0| "%.*s: %.*s", 891| 0| (int)name_len, name, 892| 0| (int)value_len, value)); 893| 0| } 894| | 895| 0| if(name && name_len == 15 && ------------------ | Branch (895:24): [True: 0, False: 0] | Branch (895:32): [True: 0, False: 0] ------------------ 896| 0| memcmp(name, "server-sig-algs", 15) == 0) { ------------------ | Branch (896:24): [True: 0, False: 0] ------------------ 897| 0| if(session->server_sign_algorithms) { ------------------ | Branch (897:28): [True: 0, False: 0] ------------------ 898| 0| LIBSSH2_FREE(session, ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 899| 0| session->server_sign_algorithms); 900| 0| } 901| | 902| 0| session->server_sign_algorithms = 903| 0| LIBSSH2_ALLOC(session, ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 904| 0| value_len + 1); 905| | 906| 0| if(value && session->server_sign_algorithms) { ------------------ | Branch (906:28): [True: 0, False: 0] | Branch (906:37): [True: 0, False: 0] ------------------ 907| 0| memcpy(session->server_sign_algorithms, 908| 0| value, value_len); 909| 0| session->server_sign_algorithms[value_len] = '\0'; 910| 0| } 911| 0| else { 912| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 913| 0| "memory for server sign algo"); 914| 0| } 915| 0| } 916| 0| } 917| 4| } 918| | 919| 4| LIBSSH2_FREE(session, data); ------------------ | | 238| 4| session->free(ptr, &(session)->abstract) ------------------ 920| 4| session->packAdd_state = libssh2_NB_state_idle; 921| 4| return rc; 922| | 923| | /* 924| | byte SSH_MSG_GLOBAL_REQUEST 925| | string request name in US-ASCII only 926| | boolean want reply 927| | .... request-specific data follows 928| | */ 929| | 930| 0| case SSH_MSG_GLOBAL_REQUEST: ------------------ | | 1155| 0|#define SSH_MSG_GLOBAL_REQUEST 80 ------------------ | Branch (930:9): [True: 0, False: 29.5k] ------------------ 931| 0| if(datalen >= 5) { ------------------ | Branch (931:16): [True: 0, False: 0] ------------------ 932| 0| want_reply = 0; 933| 0| len = _libssh2_ntohu32(data + 1); 934| 0| if((len <= (UINT_MAX - 6)) && (datalen >= (6 + len))) { ------------------ | Branch (934:20): [True: 0, False: 0] | Branch (934:47): [True: 0, False: 0] ------------------ 935| 0| want_reply = data[5 + len]; 936| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 937| 0| "Received global request type " 938| 0| "%.*s (wr %X)", 939| 0| (int)len, data + 5, want_reply)); 940| 0| } 941| | 942| 0| if(want_reply) { ------------------ | Branch (942:20): [True: 0, False: 0] ------------------ 943| 0| static const unsigned char packet = 944| 0| SSH_MSG_REQUEST_FAILURE; ------------------ | | 1157| 0|#define SSH_MSG_REQUEST_FAILURE 82 ------------------ 945| 0|libssh2_packet_add_jump_point5: 946| 0| session->packAdd_state = libssh2_NB_state_jump5; 947| 0| rc = _libssh2_transport_send(session, &packet, 1, NULL, 0); 948| 0| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (948:24): [True: 0, False: 0] ------------------ 949| 0| return rc; 950| 0| } 951| 0| } 952| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 953| 0| session->packAdd_state = libssh2_NB_state_idle; 954| 0| return 0; 955| | 956| | /* 957| | byte SSH_MSG_CHANNEL_EXTENDED_DATA 958| | uint32 recipient channel 959| | uint32 data_type_code 960| | string data 961| | */ 962| | 963| 2| case SSH_MSG_CHANNEL_EXTENDED_DATA: ------------------ | | 1164| 2|#define SSH_MSG_CHANNEL_EXTENDED_DATA 95 ------------------ | Branch (963:9): [True: 2, False: 29.5k] ------------------ 964| | /* streamid(4) */ 965| 2| data_head += 4; 966| | 967| 2| LIBSSH2_FALLTHROUGH(); ------------------ | | 171| 2|# define LIBSSH2_FALLTHROUGH() __attribute__((fallthrough)) ------------------ 968| | 969| | /* 970| | byte SSH_MSG_CHANNEL_DATA 971| | uint32 recipient channel 972| | string data 973| | */ 974| | 975| 32| case SSH_MSG_CHANNEL_DATA: ------------------ | | 1163| 32|#define SSH_MSG_CHANNEL_DATA 94 ------------------ | Branch (975:9): [True: 30, False: 29.4k] ------------------ 976| | /* packet_type(1) + channelno(4) + datalen(4) */ 977| 32| data_head += 9; 978| | 979| 32| if(datalen >= data_head) ------------------ | Branch (979:16): [True: 32, False: 0] ------------------ 980| 32| channelp = 981| 32| _libssh2_channel_locate(session, 982| 32| _libssh2_ntohu32(data + 1)); 983| | 984| 32| if(!channelp) { ------------------ | Branch (984:16): [True: 32, False: 0] ------------------ 985| 32| _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_UNKNOWN, ------------------ | | 506| 32|#define LIBSSH2_ERROR_CHANNEL_UNKNOWN (-23) ------------------ 986| 32| "Packet received for unknown channel"); 987| 32| LIBSSH2_FREE(session, data); ------------------ | | 238| 32| session->free(ptr, &(session)->abstract) ------------------ 988| 32| session->packAdd_state = libssh2_NB_state_idle; 989| 32| return 0; 990| 32| } 991| 0|#ifdef LIBSSH2DEBUG 992| 0| { 993| 0| uint32_t stream_id = 0; 994| 0| if(msg == SSH_MSG_CHANNEL_EXTENDED_DATA) ------------------ | | 1164| 0|#define SSH_MSG_CHANNEL_EXTENDED_DATA 95 ------------------ | Branch (994:20): [True: 0, False: 0] ------------------ 995| 0| stream_id = _libssh2_ntohu32(data + 5); 996| | 997| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 998| 0| "%ld bytes packet_add() for %u/%u/%u", 999| 0| (long)(datalen - data_head), 1000| 0| channelp->local.id, 1001| 0| channelp->remote.id, 1002| 0| stream_id)); 1003| 0| } 1004| 0|#endif 1005| 0| if((channelp->remote.extended_data_ignore_mode == ------------------ | Branch (1005:16): [True: 0, False: 0] ------------------ 1006| 0| LIBSSH2_CHANNEL_EXTENDED_DATA_IGNORE) && ------------------ | | 775| 0|#define LIBSSH2_CHANNEL_EXTENDED_DATA_IGNORE 1 ------------------ 1007| 0| (msg == SSH_MSG_CHANNEL_EXTENDED_DATA)) { ------------------ | | 1164| 0|#define SSH_MSG_CHANNEL_EXTENDED_DATA 95 ------------------ | Branch (1007:16): [True: 0, False: 0] ------------------ 1008| | /* Pretend we didn't receive this */ 1009| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1010| | 1011| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1012| 0| "Ignoring extended data and refunding " 1013| 0| "%ld bytes", (long)(datalen - 13))); 1014| 0| if(channelp->read_avail + datalen - data_head >= ------------------ | Branch (1014:20): [True: 0, False: 0] ------------------ 1015| 0| channelp->remote.window_size) 1016| 0| datalen = channelp->remote.window_size - 1017| 0| channelp->read_avail + data_head; 1018| | 1019| 0| channelp->remote.window_size -= (uint32_t)(datalen - 1020| 0| data_head); 1021| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1022| 0| "shrinking window size by %ld bytes to %u, " 1023| 0| "read_avail %ld", 1024| 0| (long)(datalen - data_head), 1025| 0| channelp->remote.window_size, 1026| 0| (long)channelp->read_avail)); 1027| | 1028| 0| session->packAdd_channelp = channelp; 1029| | 1030| | /* Adjust the window based on the block we just freed */ 1031| 0|libssh2_packet_add_jump_point1: 1032| 0| session->packAdd_state = libssh2_NB_state_jump1; 1033| 0| rc = _libssh2_channel_receive_window_adjust(session-> 1034| 0| packAdd_channelp, 1035| 0| (uint32_t)(datalen - 13), 1036| 0| 1, NULL); 1037| 0| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1037:20): [True: 0, False: 0] ------------------ 1038| 0| return rc; 1039| | 1040| 0| session->packAdd_state = libssh2_NB_state_idle; 1041| 0| return 0; 1042| 0| } 1043| | 1044| | /* 1045| | * REMEMBER! remote means remote as source of data, 1046| | * NOT remote window! 1047| | */ 1048| 0| if(channelp->remote.packet_size < (datalen - data_head)) { ------------------ | Branch (1048:16): [True: 0, False: 0] ------------------ 1049| | /* 1050| | * Spec says we MAY ignore bytes sent beyond 1051| | * packet_size 1052| | */ 1053| 0| _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED, ------------------ | | 508| 0|#define LIBSSH2_ERROR_CHANNEL_PACKET_EXCEEDED (-25) ------------------ 1054| 0| "Packet contains more data than we offered" 1055| 0| " to receive, truncating"); 1056| 0| datalen = channelp->remote.packet_size + data_head; 1057| 0| } 1058| 0| if(channelp->remote.window_size <= channelp->read_avail) { ------------------ | Branch (1058:16): [True: 0, False: 0] ------------------ 1059| | /* 1060| | * Spec says we MAY ignore bytes sent beyond 1061| | * window_size 1062| | */ 1063| 0| _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, ------------------ | | 507| 0|#define LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED (-24) ------------------ 1064| 0| "The current receive window is full," 1065| 0| " data ignored"); 1066| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1067| 0| session->packAdd_state = libssh2_NB_state_idle; 1068| 0| return 0; 1069| 0| } 1070| | /* Reset EOF status */ 1071| 0| channelp->remote.eof = 0; 1072| | 1073| 0| if(channelp->read_avail + datalen - data_head > ------------------ | Branch (1073:16): [True: 0, False: 0] ------------------ 1074| 0| channelp->remote.window_size) { 1075| 0| _libssh2_error(session, LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED, ------------------ | | 507| 0|#define LIBSSH2_ERROR_CHANNEL_WINDOW_EXCEEDED (-24) ------------------ 1076| 0| "Remote sent more data than current " 1077| 0| "window allows, truncating"); 1078| 0| datalen = channelp->remote.window_size - 1079| 0| channelp->read_avail + data_head; 1080| 0| } 1081| | 1082| | /* Update the read_avail counter. The window size will be 1083| | * updated once the data is actually read from the queue 1084| | * from an upper layer */ 1085| 0| channelp->read_avail += datalen - data_head; 1086| | 1087| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1088| 0| "increasing read_avail by %ld bytes to %ld/%u", 1089| 0| (long)(datalen - data_head), 1090| 0| (long)channelp->read_avail, 1091| 0| channelp->remote.window_size)); 1092| | 1093| 0| break; 1094| | 1095| | /* 1096| | byte SSH_MSG_CHANNEL_EOF 1097| | uint32 recipient channel 1098| | */ 1099| | 1100| 27| case SSH_MSG_CHANNEL_EOF: ------------------ | | 1165| 27|#define SSH_MSG_CHANNEL_EOF 96 ------------------ | Branch (1100:9): [True: 27, False: 29.5k] ------------------ 1101| 27| if(datalen >= 5) ------------------ | Branch (1101:16): [True: 15, False: 12] ------------------ 1102| 15| channelp = 1103| 15| _libssh2_channel_locate(session, 1104| 15| _libssh2_ntohu32(data + 1)); 1105| 27| if(!channelp) ------------------ | Branch (1105:16): [True: 27, False: 0] ------------------ 1106| | /* We may have freed already, just quietly ignore this... */ 1107| 27| ; 1108| 0| else { 1109| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1110| 0| "EOF received for channel %u/%u", 1111| 0| channelp->local.id, 1112| 0| channelp->remote.id)); 1113| 0| channelp->remote.eof = 1; 1114| 0| } 1115| 27| LIBSSH2_FREE(session, data); ------------------ | | 238| 27| session->free(ptr, &(session)->abstract) ------------------ 1116| 27| session->packAdd_state = libssh2_NB_state_idle; 1117| 27| return 0; 1118| | 1119| | /* 1120| | byte SSH_MSG_CHANNEL_REQUEST 1121| | uint32 recipient channel 1122| | string request type in US-ASCII characters only 1123| | boolean want reply 1124| | .... type-specific data follows 1125| | */ 1126| | 1127| 10| case SSH_MSG_CHANNEL_REQUEST: ------------------ | | 1167| 10|#define SSH_MSG_CHANNEL_REQUEST 98 ------------------ | Branch (1127:9): [True: 10, False: 29.5k] ------------------ 1128| 10| if(datalen >= 9) { ------------------ | Branch (1128:16): [True: 5, False: 5] ------------------ 1129| 5| unsigned char *request; 1130| 5| size_t r_len; 1131| 5| struct string_buf buf; 1132| 5| buf.data = data; 1133| 5| buf.dataptr = buf.data; 1134| 5| buf.len = datalen; 1135| | 1136| 5| buf.dataptr++; /* Advance past packet type */ 1137| | 1138| 5| if(_libssh2_get_u32(&buf, &channel)) { ------------------ | Branch (1138:20): [True: 0, False: 5] ------------------ 1139| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1140| 0| "Unexpected channel value."); 1141| 0| goto clean_exit; 1142| 0| } 1143| | 1144| 5| if(_libssh2_get_string(&buf, &request, &r_len)) { ------------------ | Branch (1144:20): [True: 0, False: 5] ------------------ 1145| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1146| 0| "Unexpected request value."); 1147| 0| goto clean_exit; 1148| 0| } 1149| | 1150| 5| len = (uint32_t)r_len; 1151| | 1152| 5| if(_libssh2_get_byte(&buf, &want_reply)) { ------------------ | Branch (1152:20): [True: 0, False: 5] ------------------ 1153| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1154| 0| "Unexpected want reply value."); 1155| 0| goto clean_exit; 1156| 0| } 1157| | 1158| 5| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 5|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1159| 5| "Channel %u received request type " 1160| 5| "%.*s (wr %X)", 1161| 5| channel, (int)len, request, want_reply)); 1162| | 1163| 5| if(len == strlen("exit-status") && ------------------ | Branch (1163:20): [True: 5, False: 0] ------------------ 1164| 5| !memcmp("exit-status", request, strlen("exit-status"))) { ------------------ | Branch (1164:20): [True: 3, False: 2] ------------------ 1165| | 1166| | /* we've got "exit-status" packet. Set the session value */ 1167| 3| if(datalen >= 20) ------------------ | Branch (1167:24): [True: 3, False: 0] ------------------ 1168| 3| channelp = _libssh2_channel_locate(session, channel); 1169| | 1170| 3| if(channelp) { ------------------ | Branch (1170:24): [True: 0, False: 3] ------------------ 1171| | 1172| 0| uint32_t status = 0; 1173| 0| if(_libssh2_get_u32(&buf, &status)) { ------------------ | Branch (1173:28): [True: 0, False: 0] ------------------ 1174| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1175| 0| "exit-signal status error"); 1176| 0| } 1177| | 1178| 0| channelp->exit_status = (int)status; 1179| | 1180| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1181| 0| "Exit status %d received for " 1182| 0| "channel %u/%u", 1183| 0| channelp->exit_status, 1184| 0| channelp->local.id, 1185| 0| channelp->remote.id)); 1186| 0| } 1187| 3| } 1188| 2| else if(len == strlen("exit-signal") && ------------------ | Branch (1188:25): [True: 2, False: 0] ------------------ 1189| 2| !memcmp("exit-signal", request, ------------------ | Branch (1189:25): [True: 0, False: 2] ------------------ 1190| 2| strlen("exit-signal"))) { 1191| | 1192| | /* command terminated due to signal */ 1193| 0| if(datalen >= 20) ------------------ | Branch (1193:24): [True: 0, False: 0] ------------------ 1194| 0| channelp = _libssh2_channel_locate(session, channel); 1195| | 1196| 0| if(channelp) { ------------------ | Branch (1196:24): [True: 0, False: 0] ------------------ 1197| | 1198| | /* signal name (without SIG prefix) */ 1199| 0| unsigned char *sig_name = NULL; 1200| 0| size_t sig_len = 0; 1201| 0| if(_libssh2_get_string(&buf, &sig_name, &sig_len)) { ------------------ | Branch (1201:28): [True: 0, False: 0] ------------------ 1202| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1203| 0| "signal name protocol error"); 1204| 0| } 1205| | 1206| 0| if(sig_len > UINT32_MAX - 1) { ------------------ | Branch (1206:28): [True: 0, False: 0] ------------------ 1207| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1208| 0| "signal name out of bounds"); 1209| 0| } 1210| 0| else if(sig_len > 0) { ------------------ | Branch (1210:33): [True: 0, False: 0] ------------------ 1211| 0| channelp->exit_signal = 1212| 0| LIBSSH2_ALLOC(session, sig_len + 1); ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 1213| | 1214| 0| if(channelp->exit_signal) { ------------------ | Branch (1214:32): [True: 0, False: 0] ------------------ 1215| 0| memcpy(channelp->exit_signal, 1216| 0| sig_name, sig_len); 1217| 0| channelp->exit_signal[sig_len] = '\0'; 1218| | 1219| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1220| 0| "Exit signal %s received for " 1221| 0| "channel %u/%u", 1222| 0| channelp->exit_signal, 1223| 0| channelp->local.id, 1224| 0| channelp->remote.id)); 1225| 0| } 1226| 0| else { 1227| 0| rc = _libssh2_error(session, 1228| 0| LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 1229| 0| "exit signal alloc error"); 1230| 0| } 1231| 0| } 1232| 0| else { 1233| 0| channelp->exit_signal = NULL; 1234| 0| } 1235| 0| } 1236| 0| } 1237| | 1238| 5| if(want_reply) { ------------------ | Branch (1238:20): [True: 5, False: 0] ------------------ 1239| 5| unsigned char packet[5]; 1240| 5|libssh2_packet_add_jump_point4: 1241| 5| session->packAdd_state = libssh2_NB_state_jump4; 1242| 5| packet[0] = SSH_MSG_CHANNEL_FAILURE; ------------------ | | 1169| 5|#define SSH_MSG_CHANNEL_FAILURE 100 ------------------ 1243| 5| memcpy(&packet[1], data + 1, 4); 1244| 5| rc = _libssh2_transport_send(session, packet, 5, NULL, 0); 1245| 5| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 5|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1245:24): [True: 0, False: 5] ------------------ 1246| 0| return rc; 1247| 5| } 1248| 5| } 1249| | 1250| 10|clean_exit: 1251| | 1252| 10| LIBSSH2_FREE(session, data); ------------------ | | 238| 10| session->free(ptr, &(session)->abstract) ------------------ 1253| 10| session->packAdd_state = libssh2_NB_state_idle; 1254| 10| return rc; 1255| | 1256| | /* 1257| | byte SSH_MSG_CHANNEL_CLOSE 1258| | uint32 recipient channel 1259| | */ 1260| | 1261| 10.5k| case SSH_MSG_CHANNEL_CLOSE: ------------------ | | 1166| 10.5k|#define SSH_MSG_CHANNEL_CLOSE 97 ------------------ | Branch (1261:9): [True: 10.5k, False: 18.9k] ------------------ 1262| 10.5k| if(datalen >= 5) ------------------ | Branch (1262:16): [True: 51, False: 10.4k] ------------------ 1263| 51| channelp = 1264| 51| _libssh2_channel_locate(session, 1265| 51| _libssh2_ntohu32(data + 1)); 1266| 10.5k| if(!channelp) { ------------------ | Branch (1266:16): [True: 10.5k, False: 0] ------------------ 1267| | /* We may have freed already, just quietly ignore this... */ 1268| 10.5k| LIBSSH2_FREE(session, data); ------------------ | | 238| 10.5k| session->free(ptr, &(session)->abstract) ------------------ 1269| 10.5k| session->packAdd_state = libssh2_NB_state_idle; 1270| 10.5k| return 0; 1271| 10.5k| } 1272| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1273| 0| "Close received for channel %u/%u", 1274| 0| channelp->local.id, 1275| 0| channelp->remote.id)); 1276| | 1277| 0| channelp->remote.close = 1; 1278| 0| channelp->remote.eof = 1; 1279| | 1280| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1281| 0| session->packAdd_state = libssh2_NB_state_idle; 1282| 0| return 0; 1283| | 1284| | /* 1285| | byte SSH_MSG_CHANNEL_OPEN 1286| | string "session" 1287| | uint32 sender channel 1288| | uint32 initial window size 1289| | uint32 maximum packet size 1290| | */ 1291| | 1292| 17.6k| case SSH_MSG_CHANNEL_OPEN: ------------------ | | 1159| 17.6k|#define SSH_MSG_CHANNEL_OPEN 90 ------------------ | Branch (1292:9): [True: 17.6k, False: 11.8k] ------------------ 1293| 17.6k| if(datalen < 17) ------------------ | Branch (1293:16): [True: 41, False: 17.6k] ------------------ 1294| 41| ; 1295| 17.6k| else if((datalen >= (strlen("forwarded-tcpip") + 5)) && ------------------ | Branch (1295:21): [True: 13, False: 17.6k] ------------------ 1296| 13| (strlen("forwarded-tcpip") == ------------------ | Branch (1296:21): [True: 0, False: 13] ------------------ 1297| 13| _libssh2_ntohu32(data + 1)) && 1298| 0| (memcmp(data + 5, "forwarded-tcpip", ------------------ | Branch (1298:21): [True: 0, False: 0] ------------------ 1299| 0| strlen("forwarded-tcpip")) == 0)) { 1300| | 1301| | /* init the state struct */ 1302| 0| memset(&session->packAdd_Qlstn_state, 0, 1303| 0| sizeof(session->packAdd_Qlstn_state)); 1304| | 1305| 0|libssh2_packet_add_jump_point2: 1306| 0| session->packAdd_state = libssh2_NB_state_jump2; 1307| 0| rc = packet_queue_listener(session, data, datalen, 1308| 0| &session->packAdd_Qlstn_state); 1309| 0| } 1310| 17.6k| else if((datalen >= (strlen("x11") + 5)) && ------------------ | Branch (1310:21): [True: 17.6k, False: 0] ------------------ 1311| 17.6k| ((strlen("x11")) == _libssh2_ntohu32(data + 1)) && ------------------ | Branch (1311:21): [True: 16.4k, False: 1.24k] ------------------ 1312| 16.4k| (memcmp(data + 5, "x11", strlen("x11")) == 0)) { ------------------ | Branch (1312:21): [True: 315, False: 16.0k] ------------------ 1313| | 1314| | /* init the state struct */ 1315| 315| memset(&session->packAdd_x11open_state, 0, 1316| 315| sizeof(session->packAdd_x11open_state)); 1317| | 1318| 315|libssh2_packet_add_jump_point3: 1319| 315| session->packAdd_state = libssh2_NB_state_jump3; 1320| 315| rc = packet_x11_open(session, data, datalen, 1321| 315| &session->packAdd_x11open_state); 1322| 315| } 1323| 17.3k| else if((datalen >= (strlen("auth-agent@openssh.com") + 5)) && ------------------ | Branch (1323:21): [True: 13, False: 17.3k] ------------------ 1324| 13| (strlen("auth-agent@openssh.com") == ------------------ | Branch (1324:21): [True: 0, False: 13] ------------------ 1325| 13| _libssh2_ntohu32(data + 1)) && 1326| 0| (memcmp(data + 5, "auth-agent@openssh.com", ------------------ | Branch (1326:21): [True: 0, False: 0] ------------------ 1327| 0| strlen("auth-agent@openssh.com")) == 0)) { 1328| | 1329| | /* init the state struct */ 1330| 0| memset(&session->packAdd_authagent_state, 0, 1331| 0| sizeof(session->packAdd_authagent_state)); 1332| | 1333| 0|libssh2_packet_add_jump_authagent: 1334| 0| session->packAdd_state = libssh2_NB_state_jumpauthagent; 1335| 0| rc = packet_authagent_open(session, data, datalen, 1336| 0| &session->packAdd_authagent_state); 1337| 0| } 1338| 17.6k| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 17.6k|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1338:16): [True: 0, False: 17.6k] ------------------ 1339| 0| return rc; 1340| | 1341| 17.6k| LIBSSH2_FREE(session, data); ------------------ | | 238| 17.6k| session->free(ptr, &(session)->abstract) ------------------ 1342| 17.6k| session->packAdd_state = libssh2_NB_state_idle; 1343| 17.6k| return rc; 1344| | 1345| | /* 1346| | byte SSH_MSG_CHANNEL_WINDOW_ADJUST 1347| | uint32 recipient channel 1348| | uint32 bytes to add 1349| | */ 1350| 17| case SSH_MSG_CHANNEL_WINDOW_ADJUST: ------------------ | | 1162| 17|#define SSH_MSG_CHANNEL_WINDOW_ADJUST 93 ------------------ | Branch (1350:9): [True: 17, False: 29.5k] ------------------ 1351| 17| if(datalen < 9) ------------------ | Branch (1351:16): [True: 3, False: 14] ------------------ 1352| 3| ; 1353| 14| else { 1354| 14| uint32_t bytestoadd = _libssh2_ntohu32(data + 5); 1355| 14| channelp = 1356| 14| _libssh2_channel_locate(session, 1357| 14| _libssh2_ntohu32(data + 1)); 1358| 14| if(channelp) { ------------------ | Branch (1358:20): [True: 0, False: 14] ------------------ 1359| 0| if(bytestoadd > UINT32_MAX - channelp->local.window_size) { ------------------ | Branch (1359:24): [True: 0, False: 0] ------------------ 1360| 0| rc = _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 1361| 0| "Window adjust out of bounds"); 1362| 0| } 1363| 0| else { 1364| 0| channelp->local.window_size += bytestoadd; 1365| | 1366| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1367| 0| "Window adjust for channel %u/%u, " 1368| 0| "adding %u bytes, new window_size=%u", 1369| 0| channelp->local.id, 1370| 0| channelp->remote.id, 1371| 0| bytestoadd, 1372| 0| channelp->local.window_size)); 1373| 0| } 1374| 0| } 1375| 14| } 1376| | 1377| 17| LIBSSH2_FREE(session, data); ------------------ | | 238| 17| session->free(ptr, &(session)->abstract) ------------------ 1378| 17| session->packAdd_state = libssh2_NB_state_idle; 1379| 17| return rc; 1380| 1.13k| default: ------------------ | Branch (1380:9): [True: 1.13k, False: 28.3k] ------------------ 1381| 1.13k| break; 1382| 29.5k| } 1383| | 1384| 1.13k| session->packAdd_state = libssh2_NB_state_sent; 1385| 1.13k| } 1386| | 1387| 1.13k| if(session->packAdd_state == libssh2_NB_state_sent) { ------------------ | Branch (1387:8): [True: 1.13k, False: 0] ------------------ 1388| 1.13k| struct packet *packetp = 1389| 1.13k| LIBSSH2_ALLOC(session, sizeof(struct packet)); ------------------ | | 232| 1.13k| session->alloc(count, &(session)->abstract) ------------------ 1390| 1.13k| if(!packetp) { ------------------ | Branch (1390:12): [True: 0, False: 1.13k] ------------------ 1391| 0| _libssh2_debug((session, LIBSSH2_ERROR_ALLOC, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1392| 0| "memory for packet")); 1393| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1394| 0| session->packAdd_state = libssh2_NB_state_idle; 1395| 0| return LIBSSH2_ERROR_ALLOC; ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 1396| 0| } 1397| 1.13k| packetp->data = data; 1398| 1.13k| packetp->data_len = datalen; 1399| 1.13k| packetp->data_head = data_head; 1400| | 1401| 1.13k| _libssh2_list_add(&session->packets, &packetp->node); 1402| | 1403| 1.13k| session->packAdd_state = libssh2_NB_state_sent1; 1404| 1.13k| } 1405| | 1406| 1.13k| if((msg == SSH_MSG_KEXINIT && ------------------ | | 1121| 2.27k|#define SSH_MSG_KEXINIT 20 ------------------ | Branch (1406:9): [True: 532, False: 606] ------------------ 1407| 532| !(session->state & LIBSSH2_STATE_EXCHANGING_KEYS)) || ------------------ | | 947| 532|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ | Branch (1407:9): [True: 34, False: 498] ------------------ 1408| 1.10k| (session->packAdd_state == libssh2_NB_state_sent2)) { ------------------ | Branch (1408:8): [True: 0, False: 1.10k] ------------------ 1409| | 1410| 34| if(session->packAdd_state == libssh2_NB_state_sent1) { ------------------ | Branch (1410:12): [True: 34, False: 0] ------------------ 1411| | /* 1412| | * Remote wants new keys 1413| | * Well, it's already in the brigade, 1414| | * let's just call back into ourselves 1415| | */ 1416| 34| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 34|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1417| 34| "Renegotiating Keys")); 1418| | 1419| 34| session->packAdd_state = libssh2_NB_state_sent2; 1420| 34| } 1421| | 1422| | /* 1423| | * The KEXINIT message has been added to the queue. The packAdd and 1424| | * readPack states need to be reset because _libssh2_kex_exchange 1425| | * (eventually) calls upon _libssh2_transport_read to read the rest of 1426| | * the key exchange conversation. 1427| | */ 1428| 34| session->readPack_state = libssh2_NB_state_idle; 1429| 34| session->packet.total_num = 0; 1430| 34| session->packAdd_state = libssh2_NB_state_idle; 1431| 34| session->fullpacket_state = libssh2_NB_state_idle; 1432| | 1433| 34| memset(&session->startup_key_state, 0, 1434| 34| sizeof(session->startup_key_state)); 1435| | 1436| | /* 1437| | * If there was a key reexchange failure, let's just hope we didn't 1438| | * send NEWKEYS yet, otherwise remote will drop us like a rock 1439| | */ 1440| 34| rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state); 1441| 34| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 34|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1441:12): [True: 0, False: 34] ------------------ 1442| 0| return rc; 1443| 34| } 1444| | 1445| 1.13k| session->packAdd_state = libssh2_NB_state_idle; 1446| 1.13k| return 0; 1447| 1.13k|} _libssh2_packet_ask: 1457| 1.64k|{ 1458| 1.64k| struct packet *packet = _libssh2_list_first(&session->packets); 1459| | 1460| 1.64k| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 1.64k|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1461| 1.64k| "Looking for packet of type: %u", 1462| 1.64k| (unsigned int)packet_type)); 1463| | 1464| 8.06k| while(packet) { ------------------ | Branch (1464:11): [True: 6.68k, False: 1.37k] ------------------ 1465| 6.68k| if(packet->data[0] == packet_type && ------------------ | Branch (1465:12): [True: 271, False: 6.41k] ------------------ 1466| 271| (packet->data_len >= (match_ofs + match_len)) && ------------------ | Branch (1466:12): [True: 271, False: 0] ------------------ 1467| 271| (!match_buf || ------------------ | Branch (1467:13): [True: 271, False: 0] ------------------ 1468| 271| (memcmp(packet->data + match_ofs, match_buf, match_len) == 0))) { ------------------ | Branch (1468:13): [True: 0, False: 0] ------------------ 1469| 271| *data = packet->data; 1470| 271| *data_len = packet->data_len; 1471| | 1472| | /* unlink struct from session->packets */ 1473| 271| _libssh2_list_remove(&packet->node); 1474| | 1475| 271| LIBSSH2_FREE(session, packet); ------------------ | | 238| 271| session->free(ptr, &(session)->abstract) ------------------ 1476| | 1477| 271| return 0; 1478| 271| } 1479| 6.41k| else if(session->kex_strict && ------------------ | Branch (1479:17): [True: 6.41k, False: 2] ------------------ 1480| 6.41k| (session->state & LIBSSH2_STATE_INITIAL_KEX)) { ------------------ | | 946| 6.41k|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ | Branch (1480:17): [True: 2, False: 6.41k] ------------------ 1481| 2| libssh2_session_disconnect(session, "strict KEX violation: " ------------------ | | 625| 2| libssh2_session_disconnect_ex(session, SSH_DISCONNECT_BY_APPLICATION, \ | | ------------------ | | | | 467| 2|#define SSH_DISCONNECT_BY_APPLICATION 11 | | ------------------ | | 626| 2| description, "") ------------------ 1482| 2| "unexpected packet type"); 1483| | 1484| 2| return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT, ------------------ | | 494| 2|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 1485| 2| "strict KEX violation: " 1486| 2| "unexpected packet type"); 1487| 2| } 1488| 6.41k| packet = _libssh2_list_next(&packet->node); 1489| 6.41k| } 1490| 1.37k| return -1; 1491| 1.64k|} _libssh2_packet_askv: 1503| 2|{ 1504| 2| size_t i, packet_types_len = strlen((const char *)packet_types); 1505| | 1506| 510| for(i = 0; i < packet_types_len; i++) { ------------------ | Branch (1506:16): [True: 508, False: 2] ------------------ 1507| 508| if(_libssh2_packet_ask(session, packet_types[i], data, ------------------ | Branch (1507:12): [True: 0, False: 508] ------------------ 1508| 508| data_len, match_ofs, 1509| 508| match_buf, match_len) == 0) { 1510| 0| return 0; 1511| 0| } 1512| 508| } 1513| | 1514| 2| return -1; 1515| 2|} _libssh2_packet_require: 1531| 308|{ 1532| 308| if(state->start == 0) { ------------------ | Branch (1532:8): [True: 307, False: 1] ------------------ 1533| 307| if(_libssh2_packet_ask(session, packet_type, data, data_len, ------------------ | Branch (1533:12): [True: 34, False: 273] ------------------ 1534| 307| match_ofs, match_buf, 1535| 307| match_len) == 0) { 1536| | /* A packet was available in the packet brigade */ 1537| 34| return 0; 1538| 34| } 1539| | 1540| 273| state->start = time(NULL); 1541| 273| } 1542| | 1543| 28.9k| while(session->socket_state == LIBSSH2_SOCKET_CONNECTED) { ------------------ | | 1096| 28.9k|#define LIBSSH2_SOCKET_CONNECTED 0 ------------------ | Branch (1543:11): [True: 28.9k, False: 0] ------------------ 1544| 28.9k| int ret; 1545| 28.9k| session->fullpacket_required_type = packet_type; 1546| 28.9k| ret = _libssh2_transport_read(session); 1547| 28.9k| session->fullpacket_required_type = 0; 1548| 28.9k| if(ret == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 28.9k|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1548:12): [True: 1, False: 28.9k] ------------------ 1549| 1| return ret; 1550| 28.9k| else if(ret < 0) { ------------------ | Branch (1550:17): [True: 36, False: 28.8k] ------------------ 1551| 36| state->start = 0; 1552| | /* an error which is not just because of blocking */ 1553| 36| return ret; 1554| 36| } 1555| 28.8k| else if(ret == packet_type) { ------------------ | Branch (1555:17): [True: 237, False: 28.6k] ------------------ 1556| | /* Be lazy, let packet_ask pull it out of the brigade */ 1557| 237| ret = _libssh2_packet_ask(session, packet_type, data, data_len, 1558| 237| match_ofs, match_buf, match_len); 1559| 237| state->start = 0; 1560| 237| return ret; 1561| 237| } 1562| 28.6k| else if(ret == 0) { ------------------ | Branch (1562:17): [True: 0, False: 28.6k] ------------------ 1563| | /* nothing available, wait until data arrives or we time out */ 1564| 0| long left = session->packet_read_timeout - (long)(time(NULL) - 1565| 0| state->start); 1566| | 1567| 0| if(left <= 0) { ------------------ | Branch (1567:16): [True: 0, False: 0] ------------------ 1568| 0| state->start = 0; 1569| 0| return LIBSSH2_ERROR_TIMEOUT; ------------------ | | 490| 0|#define LIBSSH2_ERROR_TIMEOUT (-9) ------------------ 1570| 0| } 1571| 0| return -1; /* no packet available yet */ 1572| 0| } 1573| 28.9k| } 1574| | 1575| | /* Only reached if the socket died */ 1576| 0| return LIBSSH2_ERROR_SOCKET_DISCONNECT; ------------------ | | 494| 0|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 1577| 274|} _libssh2_packet_burn: 1586| 2|{ 1587| 2| unsigned char *data; 1588| 2| size_t data_len; 1589| 2| unsigned char i, all_packets[255]; 1590| 2| int ret; 1591| | 1592| 2| if(*state == libssh2_NB_state_idle) { ------------------ | Branch (1592:8): [True: 2, False: 0] ------------------ 1593| 510| for(i = 1; i < 255; i++) { ------------------ | Branch (1593:20): [True: 508, False: 2] ------------------ 1594| 508| all_packets[i - 1] = i; 1595| 508| } 1596| 2| all_packets[254] = 0; 1597| | 1598| 2| if(_libssh2_packet_askv(session, all_packets, &data, &data_len, 0, ------------------ | Branch (1598:12): [True: 0, False: 2] ------------------ 1599| 2| NULL, 0) == 0) { 1600| 0| i = data[0]; 1601| | /* A packet was available in the packet brigade, burn it */ 1602| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1603| 0| return i; 1604| 0| } 1605| | 1606| 2| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 2|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1607| 2| "Blocking until packet becomes available to burn")); 1608| 2| *state = libssh2_NB_state_created; 1609| 2| } 1610| | 1611| 636| while(session->socket_state == LIBSSH2_SOCKET_CONNECTED) { ------------------ | | 1096| 636|#define LIBSSH2_SOCKET_CONNECTED 0 ------------------ | Branch (1611:11): [True: 636, False: 0] ------------------ 1612| 636| ret = _libssh2_transport_read(session); 1613| 636| if(ret == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 636|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1613:12): [True: 0, False: 636] ------------------ 1614| 0| return ret; 1615| 0| } 1616| 636| else if(ret < 0) { ------------------ | Branch (1616:17): [True: 2, False: 634] ------------------ 1617| 2| *state = libssh2_NB_state_idle; 1618| 2| return ret; 1619| 2| } 1620| 634| else if(ret == 0) { ------------------ | Branch (1620:17): [True: 42, False: 592] ------------------ 1621| | /* FIXME: this might busyloop */ 1622| 42| continue; 1623| 42| } 1624| | 1625| | /* Be lazy, let packet_ask pull it out of the brigade */ 1626| 592| if(_libssh2_packet_ask(session, (unsigned char)ret, &data, &data_len, ------------------ | Branch (1626:12): [True: 0, False: 592] ------------------ 1627| 592| 0, NULL, 0) == 0) { 1628| | /* Smoke 'em if you got 'em */ 1629| 0| LIBSSH2_FREE(session, data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1630| 0| *state = libssh2_NB_state_idle; 1631| 0| return ret; 1632| 0| } 1633| 592| } 1634| | 1635| | /* Only reached if the socket died */ 1636| 0| return LIBSSH2_ERROR_SOCKET_DISCONNECT; ------------------ | | 494| 0|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 1637| 2|} packet.c:packet_x11_open: 279| 315|{ 280| 315| uint32_t failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 315|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 281| | /* 17 = packet_type(1) + channel(4) + reason(4) + descr(4) + lang(4) */ 282| 315| size_t packet_len = 17 + strlen(X11FwdUnAvil); ------------------ | | 397| 315|#define X11FwdUnAvil "X11 Forward Unavailable" ------------------ 283| 315| unsigned char *p; 284| 315| LIBSSH2_CHANNEL *channel = x11open_state->channel; 285| 315| int rc; 286| | 287| 315| if(x11open_state->state == libssh2_NB_state_idle) { ------------------ | Branch (287:8): [True: 315, False: 0] ------------------ 288| | 289| 315| size_t offset = strlen("x11") + 5; 290| 315| size_t temp_len = 0; 291| 315| unsigned char *temp_buf = NULL; 292| 315| struct string_buf buf; 293| 315| buf.data = data; 294| 315| buf.dataptr = buf.data; 295| 315| buf.len = datalen; 296| | 297| 315| if(datalen < offset + 12) { /* 3 * 4-byte */ ------------------ | Branch (297:12): [True: 315, False: 0] ------------------ 298| 315| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 315|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 299| 315| "unexpected data length"); 300| 315| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 315|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 301| 315| goto x11_exit; 302| 315| } 303| | 304| 0| buf.dataptr += offset; 305| | 306| 0| if(_libssh2_get_u32(&buf, &(x11open_state->sender_channel))) { ------------------ | Branch (306:12): [True: 0, False: 0] ------------------ 307| 0| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 308| 0| "unexpected sender channel size"); 309| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 310| 0| goto x11_exit; 311| 0| } 312| 0| if(_libssh2_get_u32(&buf, &(x11open_state->initial_window_size))) { ------------------ | Branch (312:12): [True: 0, False: 0] ------------------ 313| 0| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 314| 0| "unexpected window size"); 315| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 316| 0| goto x11_exit; 317| 0| } 318| 0| if(_libssh2_get_u32(&buf, &(x11open_state->packet_size))) { ------------------ | Branch (318:12): [True: 0, False: 0] ------------------ 319| 0| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 320| 0| "unexpected packet size"); 321| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 322| 0| goto x11_exit; 323| 0| } 324| | 325| 0| if(_libssh2_get_string(&buf, &temp_buf, &temp_len)) { ------------------ | Branch (325:12): [True: 0, False: 0] ------------------ 326| 0| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 327| 0| "unexpected host size"); 328| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 329| 0| goto x11_exit; 330| 0| } 331| 0| x11open_state->shost_len = (uint32_t)temp_len; 332| 0| x11open_state->shost = LIBSSH2_ALLOC(session, ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 333| 0| x11open_state->shost_len + 1); 334| 0| if(!x11open_state->shost) { ------------------ | Branch (334:12): [True: 0, False: 0] ------------------ 335| 0| _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 336| 0| "Unable to allocate memory for shost"); 337| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 338| 0| goto x11_exit; 339| 0| } 340| 0| memcpy(x11open_state->shost, temp_buf, x11open_state->shost_len); 341| 0| x11open_state->shost[x11open_state->shost_len] = '\0'; 342| | 343| 0| if(_libssh2_get_u32(&buf, &(x11open_state->sport))) { ------------------ | Branch (343:12): [True: 0, False: 0] ------------------ 344| 0| _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 345| 0| "unexpected port size"); 346| 0| failure_code = SSH_OPEN_CONNECT_FAILED; ------------------ | | 1174| 0|#define SSH_OPEN_CONNECT_FAILED 2 ------------------ 347| 0| goto x11_exit; 348| 0| } 349| | 350| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 351| 0| "X11 Connection Received from %s:%u on channel %u", 352| 0| x11open_state->shost, x11open_state->sport, 353| 0| x11open_state->sender_channel)); 354| | 355| 0| x11open_state->state = libssh2_NB_state_allocated; 356| 0| } 357| | 358| 0| if(session->x11) { ------------------ | Branch (358:8): [True: 0, False: 0] ------------------ 359| 0| if(x11open_state->state == libssh2_NB_state_allocated) { ------------------ | Branch (359:12): [True: 0, False: 0] ------------------ 360| 0| channel = LIBSSH2_CALLOC(session, sizeof(LIBSSH2_CHANNEL)); ------------------ | | 233| 0|#define LIBSSH2_CALLOC(session, count) _libssh2_calloc(session, count) ------------------ 361| 0| if(!channel) { ------------------ | Branch (361:16): [True: 0, False: 0] ------------------ 362| 0| _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 363| 0| "allocate a channel for new connection"); 364| 0| failure_code = SSH_OPEN_RESOURCE_SHORTAGE; ------------------ | | 1176| 0|#define SSH_OPEN_RESOURCE_SHORTAGE 4 ------------------ 365| 0| goto x11_exit; 366| 0| } 367| | 368| 0| channel->session = session; 369| 0| channel->channel_type_len = strlen("x11"); 370| 0| channel->channel_type = LIBSSH2_ALLOC(session, ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 371| 0| channel->channel_type_len + 372| 0| 1); 373| 0| if(!channel->channel_type) { ------------------ | Branch (373:16): [True: 0, False: 0] ------------------ 374| 0| _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 375| 0| "allocate a channel for new connection"); 376| 0| LIBSSH2_FREE(session, channel); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 377| 0| failure_code = SSH_OPEN_RESOURCE_SHORTAGE; ------------------ | | 1176| 0|#define SSH_OPEN_RESOURCE_SHORTAGE 4 ------------------ 378| 0| goto x11_exit; 379| 0| } 380| 0| memcpy(channel->channel_type, "x11", 381| 0| channel->channel_type_len + 1); 382| | 383| 0| channel->remote.id = x11open_state->sender_channel; 384| 0| channel->remote.window_size_initial = 385| 0| LIBSSH2_CHANNEL_WINDOW_DEFAULT; ------------------ | | 769| 0|#define LIBSSH2_CHANNEL_WINDOW_DEFAULT (2*1024*1024) ------------------ 386| 0| channel->remote.window_size = LIBSSH2_CHANNEL_WINDOW_DEFAULT; ------------------ | | 769| 0|#define LIBSSH2_CHANNEL_WINDOW_DEFAULT (2*1024*1024) ------------------ 387| 0| channel->remote.packet_size = LIBSSH2_CHANNEL_PACKET_DEFAULT; ------------------ | | 770| 0|#define LIBSSH2_CHANNEL_PACKET_DEFAULT 32768 ------------------ 388| | 389| 0| channel->local.id = _libssh2_channel_nextid(session); 390| 0| channel->local.window_size_initial = 391| 0| x11open_state->initial_window_size; 392| 0| channel->local.window_size = x11open_state->initial_window_size; 393| 0| channel->local.packet_size = x11open_state->packet_size; 394| | 395| 0| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 396| 0| "X11 Connection established: channel %u/%u " 397| 0| "win %u/%u packet %u/%u", 398| 0| channel->local.id, channel->remote.id, 399| 0| channel->local.window_size, 400| 0| channel->remote.window_size, 401| 0| channel->local.packet_size, 402| 0| channel->remote.packet_size)); 403| 0| p = x11open_state->packet; 404| 0| *(p++) = SSH_MSG_CHANNEL_OPEN_CONFIRMATION; ------------------ | | 1160| 0|#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 91 ------------------ 405| 0| _libssh2_store_u32(&p, channel->remote.id); 406| 0| _libssh2_store_u32(&p, channel->local.id); 407| 0| _libssh2_store_u32(&p, channel->remote.window_size_initial); 408| 0| _libssh2_store_u32(&p, channel->remote.packet_size); 409| | 410| 0| x11open_state->state = libssh2_NB_state_created; 411| 0| } 412| | 413| 0| if(x11open_state->state == libssh2_NB_state_created) { ------------------ | Branch (413:12): [True: 0, False: 0] ------------------ 414| 0| rc = _libssh2_transport_send(session, x11open_state->packet, 17, 415| 0| NULL, 0); 416| 0| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (416:16): [True: 0, False: 0] ------------------ 417| 0| return rc; 418| 0| } 419| 0| else if(rc) { ------------------ | Branch (419:21): [True: 0, False: 0] ------------------ 420| 0| LIBSSH2_FREE(session, x11open_state->shost); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 421| 0| x11open_state->shost = NULL; 422| 0| x11open_state->state = libssh2_NB_state_idle; 423| 0| return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, ------------------ | | 488| 0|#define LIBSSH2_ERROR_SOCKET_SEND (-7) ------------------ 424| 0| "Unable to send channel open " 425| 0| "confirmation"); 426| 0| } 427| | 428| | /* Link the channel into the session */ 429| 0| _libssh2_list_add(&session->channels, &channel->node); 430| | 431| | /* 432| | * Pass control to the callback, they may turn right around and 433| | * free the channel, or actually use it 434| | */ 435| 0| LIBSSH2_X11_OPEN(channel, (char *)x11open_state->shost, ------------------ | | 258| 0| channel->session->x11((channel)->session, channel, \ | | 259| 0| shost, sport, &(channel)->session->abstract) ------------------ 436| 0| x11open_state->sport); 437| | 438| 0| LIBSSH2_FREE(session, x11open_state->shost); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 439| 0| x11open_state->shost = NULL; 440| 0| x11open_state->state = libssh2_NB_state_idle; 441| 0| return 0; 442| 0| } 443| 0| } 444| 0| else 445| 0| failure_code = SSH_OPEN_RESOURCE_SHORTAGE; ------------------ | | 1176| 0|#define SSH_OPEN_RESOURCE_SHORTAGE 4 ------------------ 446| | /* fall-through */ 447| 315|x11_exit: 448| 315| LIBSSH2_FREE(session, x11open_state->shost); ------------------ | | 238| 315| session->free(ptr, &(session)->abstract) ------------------ 449| 315| x11open_state->shost = NULL; 450| | 451| 315| p = x11open_state->packet; 452| 315| *(p++) = SSH_MSG_CHANNEL_OPEN_FAILURE; ------------------ | | 1161| 315|#define SSH_MSG_CHANNEL_OPEN_FAILURE 92 ------------------ 453| 315| _libssh2_store_u32(&p, x11open_state->sender_channel); 454| 315| _libssh2_store_u32(&p, failure_code); 455| 315| _libssh2_store_str(&p, X11FwdUnAvil, strlen(X11FwdUnAvil)); ------------------ | | 397| 315|#define X11FwdUnAvil "X11 Forward Unavailable" ------------------ _libssh2_store_str(&p, X11FwdUnAvil, strlen(X11FwdUnAvil)); ------------------ | | 397| 315|#define X11FwdUnAvil "X11 Forward Unavailable" ------------------ 456| 315| _libssh2_htonu32(p, 0); 457| | 458| 315| rc = _libssh2_transport_send(session, x11open_state->packet, packet_len, 459| 315| NULL, 0); 460| 315| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 315|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (460:8): [True: 0, False: 315] ------------------ 461| 0| return rc; 462| 0| } 463| 315| else if(rc) { ------------------ | Branch (463:13): [True: 0, False: 315] ------------------ 464| 0| x11open_state->state = libssh2_NB_state_idle; 465| 0| return _libssh2_error(session, rc, "Unable to send open failure"); 466| 0| } 467| 315| x11open_state->state = libssh2_NB_state_idle; 468| 315| return 0; 469| 315|} libssh2_session_init_ex: 427| 141|{ 428| 141| LIBSSH2_ALLOC_FUNC(*local_alloc) = libssh2_default_alloc; ------------------ | | 219| 141|#define LIBSSH2_ALLOC_FUNC(name) void (*(name)(size_t count, \ | | 220| 141| void **abstract)) ------------------ 429| 141| LIBSSH2_FREE_FUNC(*local_free) = libssh2_default_free; ------------------ | | 223| 141|#define LIBSSH2_FREE_FUNC(name) void ((name)(void *ptr, void **abstract)) ------------------ 430| 141| LIBSSH2_REALLOC_FUNC(*local_realloc) = libssh2_default_realloc; ------------------ | | 221| 141|#define LIBSSH2_REALLOC_FUNC(name) void (*(name)(void *ptr, size_t count, \ | | 222| 141| void **abstract)) ------------------ 431| 141| LIBSSH2_SESSION *session; 432| | 433| 141| if(my_alloc) { ------------------ | Branch (433:8): [True: 0, False: 141] ------------------ 434| 0| local_alloc = my_alloc; 435| 0| } 436| 141| if(my_free) { ------------------ | Branch (436:8): [True: 0, False: 141] ------------------ 437| 0| local_free = my_free; 438| 0| } 439| 141| if(my_realloc) { ------------------ | Branch (439:8): [True: 0, False: 141] ------------------ 440| 0| local_realloc = my_realloc; 441| 0| } 442| | 443| 141| session = local_alloc(sizeof(LIBSSH2_SESSION), &abstract); 444| 141| if(session) { ------------------ | Branch (444:8): [True: 141, False: 0] ------------------ 445| 141| memset(session, 0, sizeof(LIBSSH2_SESSION)); 446| 141| session->alloc = local_alloc; 447| 141| session->free = local_free; 448| 141| session->realloc = local_realloc; 449| 141| session->send = _libssh2_send; 450| 141| session->recv = _libssh2_recv; 451| 141| session->abstract = abstract; 452| 141| session->api_timeout = 0; /* timeout-free API by default */ 453| 141| session->api_block_mode = 1; /* blocking API by default */ 454| 141| session->state = LIBSSH2_STATE_INITIAL_KEX; ------------------ | | 946| 141|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ 455| 141| session->fullpacket_required_type = 0; 456| 141| session->packet_read_timeout = LIBSSH2_DEFAULT_READ_TIMEOUT; ------------------ | | 1183| 141|#define LIBSSH2_DEFAULT_READ_TIMEOUT 60 /* generic timeout in seconds used when ------------------ 457| 141| session->flag.quote_paths = 1; /* default behavior is to quote paths 458| | for the scp subsystem */ 459| 141| session->kex = NULL; 460| 141| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 461| 141| "New session resource allocated")); 462| 141| _libssh2_init_if_needed(); 463| 141| } 464| 141| return session; 465| 141|} _libssh2_wait_socket: 579| 1|{ 580| 1| int rc; 581| 1| int seconds_to_next; 582| 1| int dir; 583| 1| int has_timeout; 584| 1| long ms_to_next = 0; 585| 1| long elapsed_ms; 586| | 587| | /* since libssh2 often sets EAGAIN internally before this function is 588| | called, we can decrease some amount of confusion in user programs by 589| | resetting the error code in this function to reduce the risk of EAGAIN 590| | being stored as error when a blocking function has returned */ 591| 1| session->err_code = LIBSSH2_ERROR_NONE; ------------------ | | 474| 1|#define LIBSSH2_ERROR_NONE 0 ------------------ 592| | 593| 1| rc = libssh2_keepalive_send(session, &seconds_to_next); 594| 1| if(rc) ------------------ | Branch (594:8): [True: 0, False: 1] ------------------ 595| 0| return rc; 596| | 597| 1| ms_to_next = seconds_to_next * 1000; 598| | 599| | /* figure out what to wait for */ 600| 1| dir = libssh2_session_block_directions(session); 601| | 602| 1| if(!dir) { ------------------ | Branch (602:8): [True: 0, False: 1] ------------------ 603| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 604| 0| "Nothing to wait for in wait_socket")); 605| | /* To avoid that we hang below just because there's nothing set to 606| | wait for, we timeout on 1 second to also avoid busy-looping 607| | during this condition */ 608| 0| ms_to_next = 1000; 609| 0| } 610| | 611| 1| if(session->api_timeout > 0 && ------------------ | Branch (611:8): [True: 0, False: 1] ------------------ 612| 0| (seconds_to_next == 0 || ms_to_next > session->api_timeout)) { ------------------ | Branch (612:9): [True: 0, False: 0] | Branch (612:33): [True: 0, False: 0] ------------------ 613| 0| time_t now = time(NULL); 614| 0| elapsed_ms = (long)(1000 * difftime(now, start_time)); 615| 0| if(elapsed_ms > session->api_timeout) { ------------------ | Branch (615:12): [True: 0, False: 0] ------------------ 616| 0| return _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT, ------------------ | | 490| 0|#define LIBSSH2_ERROR_TIMEOUT (-9) ------------------ 617| 0| "API timeout expired"); 618| 0| } 619| 0| ms_to_next = (session->api_timeout - elapsed_ms); 620| 0| has_timeout = 1; 621| 0| } 622| 1| else if(ms_to_next > 0) { ------------------ | Branch (622:13): [True: 0, False: 1] ------------------ 623| 0| has_timeout = 1; 624| 0| } 625| 1| else 626| 1| has_timeout = 0; 627| | 628| 1|#ifdef HAVE_POLL 629| 1| { 630| 1| struct pollfd sockets[1]; 631| | 632| 1| sockets[0].fd = session->socket_fd; 633| 1| sockets[0].events = 0; 634| 1| sockets[0].revents = 0; 635| | 636| 1| if(dir & LIBSSH2_SESSION_BLOCK_INBOUND) ------------------ | | 439| 1|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ | Branch (636:12): [True: 1, False: 0] ------------------ 637| 1| sockets[0].events |= POLLIN; 638| | 639| 1| if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND) ------------------ | | 440| 1|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ | Branch (639:12): [True: 0, False: 1] ------------------ 640| 0| sockets[0].events |= POLLOUT; 641| | 642| 1| rc = poll(sockets, 1, has_timeout ? (int)ms_to_next : -1); ------------------ | Branch (642:31): [True: 0, False: 1] ------------------ 643| 1| } 644| |#else 645| | { 646| | fd_set rfd; 647| | fd_set wfd; 648| | fd_set *writefd = NULL; 649| | fd_set *readfd = NULL; 650| | struct timeval tv; 651| | 652| | tv.tv_sec = ms_to_next / 1000; 653| |#ifdef libssh2_usec_t 654| | tv.tv_usec = (libssh2_usec_t)((ms_to_next - tv.tv_sec * 1000) * 1000); 655| |#else 656| | tv.tv_usec = (ms_to_next - tv.tv_sec * 1000) * 1000; 657| |#endif 658| | 659| | if(dir & LIBSSH2_SESSION_BLOCK_INBOUND) { 660| | FD_ZERO(&rfd); 661| |#if defined(__GNUC__) || defined(__clang__) 662| |#pragma GCC diagnostic push 663| |#pragma GCC diagnostic ignored "-Wsign-conversion" 664| |#endif 665| | FD_SET(session->socket_fd, &rfd); 666| |#if defined(__GNUC__) || defined(__clang__) 667| |#pragma GCC diagnostic pop 668| |#endif 669| | readfd = &rfd; 670| | } 671| | 672| | if(dir & LIBSSH2_SESSION_BLOCK_OUTBOUND) { 673| | FD_ZERO(&wfd); 674| |#if defined(__GNUC__) || defined(__clang__) 675| |#pragma GCC diagnostic push 676| |#pragma GCC diagnostic ignored "-Wsign-conversion" 677| |#endif 678| | FD_SET(session->socket_fd, &wfd); 679| |#if defined(__GNUC__) || defined(__clang__) 680| |#pragma GCC diagnostic pop 681| |#endif 682| | writefd = &wfd; 683| | } 684| | 685| | rc = select((int)(session->socket_fd + 1), readfd, writefd, NULL, 686| | has_timeout ? &tv : NULL); 687| | } 688| |#endif 689| 1| if(rc == 0) { ------------------ | Branch (689:8): [True: 0, False: 1] ------------------ 690| 0| return _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT, ------------------ | | 490| 0|#define LIBSSH2_ERROR_TIMEOUT (-9) ------------------ 691| 0| "Timed out waiting on socket"); 692| 0| } 693| 1| if(rc < 0) { ------------------ | Branch (693:8): [True: 0, False: 1] ------------------ 694| 0| int err; 695| |#ifdef _WIN32 696| | err = _libssh2_wsa2errno(); 697| |#else 698| 0| err = errno; 699| 0|#endif 700| | /* Profiling tools that use SIGPROF can cause EINTR responses. 701| | poll() / select() do not set any descriptor states on EINTR, 702| | but some fds may be ready, so the caller should try again */ 703| 0| if(err == EINTR) ------------------ | Branch (703:12): [True: 0, False: 0] ------------------ 704| 0| return 0; 705| | 706| 0| return _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT, ------------------ | | 490| 0|#define LIBSSH2_ERROR_TIMEOUT (-9) ------------------ 707| 0| "Error waiting on socket"); 708| 0| } 709| | 710| 1| return 0; /* ready to try again */ 711| 1|} libssh2_session_handshake: 856| 141|{ 857| 141| int rc; 858| | 859| 141| BLOCK_ADJUST(rc, session, session_startup(session, sock)); ------------------ | | 56| 141| do { \ | | 57| 141| time_t entry_time = time(NULL); \ | | 58| 142| do { \ | | 59| 142| (rc) = (x); \ | | 60| 142| /* the order of the check below is important to properly \ | | 61| 142| deal with the case when the 'sess' is freed */ \ | | 62| 142| if(((rc) != LIBSSH2_ERROR_EAGAIN) || !(sess) || \ | | ------------------ | | | | 520| 142|#define LIBSSH2_ERROR_EAGAIN (-37) | | ------------------ | | | Branch (62:16): [True: 141, False: 1] | | | Branch (62:50): [True: 0, False: 1] | | ------------------ | | 63| 142| !(sess)->api_block_mode) \ | | ------------------ | | | Branch (63:16): [True: 0, False: 1] | | ------------------ | | 64| 142| break; \ | | 65| 142| (rc) = _libssh2_wait_socket(sess, entry_time); \ | | 66| 1| } while(!(rc)); \ | | ------------------ | | | Branch (66:17): [True: 1, False: 0] | | ------------------ | | 67| 141| } while(0) | | ------------------ | | | Branch (67:13): [Folded, False: 141] | | ------------------ ------------------ 860| | 861| 141| return rc; 862| 141|} libssh2_session_free: 1151| 141|{ 1152| 141| int rc; 1153| | 1154| 141| BLOCK_ADJUST(rc, session, session_free(session)); ------------------ | | 56| 141| do { \ | | 57| 141| time_t entry_time = time(NULL); \ | | 58| 141| do { \ | | 59| 141| (rc) = (x); \ | | 60| 141| /* the order of the check below is important to properly \ | | 61| 141| deal with the case when the 'sess' is freed */ \ | | 62| 141| if(((rc) != LIBSSH2_ERROR_EAGAIN) || !(sess) || \ | | ------------------ | | | | 520| 141|#define LIBSSH2_ERROR_EAGAIN (-37) | | ------------------ | | | Branch (62:16): [True: 141, False: 0] | | | Branch (62:50): [True: 0, False: 0] | | ------------------ | | 63| 141| !(sess)->api_block_mode) \ | | ------------------ | | | Branch (63:16): [True: 0, False: 0] | | ------------------ | | 64| 141| break; \ | | 65| 141| (rc) = _libssh2_wait_socket(sess, entry_time); \ | | 66| 0| } while(!(rc)); \ | | ------------------ | | | Branch (66:17): [True: 0, False: 0] | | ------------------ | | 67| 141| } while(0) | | ------------------ | | | Branch (67:13): [Folded, False: 141] | | ------------------ ------------------ 1155| | 1156| 141| return rc; 1157| 141|} libssh2_session_disconnect_ex: 1213| 3|{ 1214| 3| int rc; 1215| 3| session->state &= ~LIBSSH2_STATE_INITIAL_KEX; ------------------ | | 946| 3|#define LIBSSH2_STATE_INITIAL_KEX 0x00000001 ------------------ 1216| 3| session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS; ------------------ | | 947| 3|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ 1217| 3| BLOCK_ADJUST(rc, session, ------------------ | | 56| 3| do { \ | | 57| 3| time_t entry_time = time(NULL); \ | | 58| 3| do { \ | | 59| 3| (rc) = (x); \ | | 60| 3| /* the order of the check below is important to properly \ | | 61| 3| deal with the case when the 'sess' is freed */ \ | | 62| 3| if(((rc) != LIBSSH2_ERROR_EAGAIN) || !(sess) || \ | | ------------------ | | | | 520| 3|#define LIBSSH2_ERROR_EAGAIN (-37) | | ------------------ | | | Branch (62:16): [True: 3, False: 0] | | | Branch (62:50): [True: 0, False: 0] | | ------------------ | | 63| 3| !(sess)->api_block_mode) \ | | ------------------ | | | Branch (63:16): [True: 0, False: 0] | | ------------------ | | 64| 3| break; \ | | 65| 3| (rc) = _libssh2_wait_socket(sess, entry_time); \ | | 66| 0| } while(!(rc)); \ | | ------------------ | | | Branch (66:17): [True: 0, False: 0] | | ------------------ | | 67| 3| } while(0) | | ------------------ | | | Branch (67:13): [Folded, False: 3] | | ------------------ ------------------ 1218| 3| session_disconnect(session, reason, description, lang)); 1219| | 1220| 3| return rc; 1221| 3|} _libssh2_session_set_blocking: 1409| 141|{ 1410| 141| int bl = session->api_block_mode; 1411| 141| _libssh2_debug((session, LIBSSH2_TRACE_CONN, ------------------ | | 1090| 282|#define _libssh2_debug(x) _libssh2_debug_low x | | ------------------ | | | Branch (1090:46): [True: 141, False: 0] | | ------------------ ------------------ 1412| 141| "Setting blocking mode %s", blocking ? "ON" : "OFF")); 1413| 141| session->api_block_mode = blocking; 1414| | 1415| 141| return bl; 1416| 141|} libssh2_session_set_blocking: 1424| 141|{ 1425| 141| (void)_libssh2_session_set_blocking(session, blocking); 1426| 141|} libssh2_session_block_directions: 1879| 1|{ 1880| 1| return session->socket_block_directions; 1881| 1|} session.c:libssh2_default_alloc: 73| 31.1k|{ 74| 31.1k| (void)abstract; 75| 31.1k| return malloc(count); 76| 31.1k|} session.c:libssh2_default_free: 80| 31.4k|{ 81| 31.4k| (void)abstract; 82| 31.4k| free(ptr); 83| 31.4k|} session.c:session_startup: 714| 142|{ 715| 142| int rc; 716| | 717| 142| if(!session) { ------------------ | Branch (717:8): [True: 0, False: 142] ------------------ 718| 0| fprintf(stderr, "Session is NULL, error: %i\n", LIBSSH2_ERROR_PROTO); ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 719| 0| return LIBSSH2_ERROR_PROTO; ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 720| 0| } 721| | 722| 142| if(session->startup_state == libssh2_NB_state_idle) { ------------------ | Branch (722:8): [True: 141, False: 1] ------------------ 723| 141| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 724| 141| "session_startup for socket %ld", (long)sock)); 725| 141| if(LIBSSH2_INVALID_SOCKET == sock) { ------------------ | | 137| 141|#define LIBSSH2_INVALID_SOCKET (-1) ------------------ | Branch (725:12): [True: 0, False: 141] ------------------ 726| | /* Did we forget something? */ 727| 0| return _libssh2_error(session, LIBSSH2_ERROR_BAD_SOCKET, ------------------ | | 528| 0|#define LIBSSH2_ERROR_BAD_SOCKET (-45) ------------------ 728| 0| "Bad socket provided"); 729| 0| } 730| 141| session->socket_fd = sock; 731| | 732| 141| session->socket_prev_blockstate = 733| 141| !get_socket_nonblocking(session->socket_fd); 734| | 735| 141| if(session->socket_prev_blockstate) { ------------------ | Branch (735:12): [True: 141, False: 0] ------------------ 736| | /* If in blocking state change to non-blocking */ 737| 141| rc = session_nonblock(session->socket_fd, 1); 738| 141| if(rc) { ------------------ | Branch (738:16): [True: 0, False: 141] ------------------ 739| 0| return _libssh2_error(session, rc, 740| 0| "Failed changing socket's " 741| 0| "blocking state to non-blocking"); 742| 0| } 743| 141| } 744| | 745| 141| session->startup_state = libssh2_NB_state_created; 746| 141| } 747| | 748| 142| if(session->startup_state == libssh2_NB_state_created) { ------------------ | Branch (748:8): [True: 141, False: 1] ------------------ 749| 141| rc = banner_send(session); 750| 141| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 141|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (750:12): [True: 0, False: 141] ------------------ 751| 0| return rc; 752| 141| else if(rc) { ------------------ | Branch (752:17): [True: 0, False: 141] ------------------ 753| 0| return _libssh2_error(session, rc, "Failed sending banner"); 754| 0| } 755| 141| session->startup_state = libssh2_NB_state_sent; 756| 141| session->banner_TxRx_state = libssh2_NB_state_idle; 757| 141| } 758| | 759| 142| if(session->startup_state == libssh2_NB_state_sent) { ------------------ | Branch (759:8): [True: 141, False: 1] ------------------ 760| 166| do { 761| 166| rc = banner_receive(session); 762| 166| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 166|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (762:16): [True: 0, False: 166] ------------------ 763| 0| return rc; 764| 166| else if(rc) ------------------ | Branch (764:21): [True: 2, False: 164] ------------------ 765| 2| return _libssh2_error(session, rc, "Failed getting banner"); 766| 166| } while(strncmp("SSH-", (const char *)session->remote.banner, 4)); ------------------ | Branch (766:17): [True: 25, False: 139] ------------------ 767| | 768| 139| session->startup_state = libssh2_NB_state_sent1; 769| 139| } 770| | 771| 140| if(session->startup_state == libssh2_NB_state_sent1) { ------------------ | Branch (771:8): [True: 140, False: 0] ------------------ 772| 140| rc = _libssh2_kex_exchange(session, 0, &session->startup_key_state); 773| 140| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 140|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (773:12): [True: 1, False: 139] ------------------ 774| 1| return rc; 775| 139| else if(rc) ------------------ | Branch (775:17): [True: 139, False: 0] ------------------ 776| 139| return _libssh2_error(session, rc, 777| 139| "Unable to exchange encryption keys"); 778| | 779| 0| session->startup_state = libssh2_NB_state_sent2; 780| 0| } 781| | 782| 0| if(session->startup_state == libssh2_NB_state_sent2) { ------------------ | Branch (782:8): [True: 0, False: 0] ------------------ 783| 0| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 784| 0| "Requesting userauth service")); 785| | 786| | /* Request the userauth service */ 787| 0| session->startup_service[0] = SSH_MSG_SERVICE_REQUEST; ------------------ | | 1117| 0|#define SSH_MSG_SERVICE_REQUEST 5 ------------------ 788| 0| _libssh2_htonu32(session->startup_service + 1, 789| 0| sizeof("ssh-userauth") - 1); 790| 0| memcpy(session->startup_service + 5, "ssh-userauth", 791| 0| sizeof("ssh-userauth") - 1); 792| | 793| 0| session->startup_state = libssh2_NB_state_sent3; 794| 0| } 795| | 796| 0| if(session->startup_state == libssh2_NB_state_sent3) { ------------------ | Branch (796:8): [True: 0, False: 0] ------------------ 797| 0| rc = _libssh2_transport_send(session, session->startup_service, 798| 0| sizeof("ssh-userauth") + 5 - 1, NULL, 0); 799| 0| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (799:12): [True: 0, False: 0] ------------------ 800| 0| return rc; 801| 0| else if(rc) { ------------------ | Branch (801:17): [True: 0, False: 0] ------------------ 802| 0| return _libssh2_error(session, rc, 803| 0| "Unable to ask for ssh-userauth service"); 804| 0| } 805| | 806| 0| session->startup_state = libssh2_NB_state_sent4; 807| 0| } 808| | 809| 0| if(session->startup_state == libssh2_NB_state_sent4) { ------------------ | Branch (809:8): [True: 0, False: 0] ------------------ 810| 0| struct string_buf buf; 811| 0| rc = _libssh2_packet_require(session, SSH_MSG_SERVICE_ACCEPT, ------------------ | | 1118| 0|#define SSH_MSG_SERVICE_ACCEPT 6 ------------------ 812| 0| &session->startup_data, 813| 0| &session->startup_data_len, 0, NULL, 0, 814| 0| &session->startup_req_state); 815| 0| if(rc) ------------------ | Branch (815:12): [True: 0, False: 0] ------------------ 816| 0| return _libssh2_error(session, rc, 817| 0| "Failed to get response to " 818| 0| "ssh-userauth request"); 819| | 820| 0| buf.data = session->startup_data; 821| 0| buf.dataptr = buf.data; 822| 0| buf.len = session->startup_data_len; 823| | 824| | /* advance past packet type */ 825| 0| buf.dataptr++; 826| | 827| 0| if(_libssh2_match_string(&buf, "ssh-userauth")) { ------------------ | Branch (827:12): [True: 0, False: 0] ------------------ 828| 0| LIBSSH2_FREE(session, session->startup_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 829| 0| session->startup_data = NULL; 830| 0| return _libssh2_error(session, LIBSSH2_ERROR_PROTO, ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 831| 0| "Invalid response received from server"); 832| 0| } 833| | 834| 0| session->startup_service_length = (sizeof("ssh-userauth") - 1); 835| | 836| 0| LIBSSH2_FREE(session, session->startup_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 837| 0| session->startup_data = NULL; 838| | 839| 0| session->startup_state = libssh2_NB_state_idle; 840| | 841| 0| return 0; 842| 0| } 843| | 844| | /* just for safety return some error */ 845| 0| return LIBSSH2_ERROR_INVAL; ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 846| 0|} session.c:get_socket_nonblocking: 319| 141|{ /* operate on this */ 320| 141|#ifdef HAVE_O_NONBLOCK 321| | /* most recent unix versions */ 322| 141| int flags = fcntl(sockfd, F_GETFL, 0); 323| | 324| 141| if(flags == -1) { ------------------ | Branch (324:8): [True: 0, False: 141] ------------------ 325| | /* Assume blocking on error */ 326| 0| return 1; 327| 0| } 328| 141| return (flags & O_NONBLOCK); 329| |#elif defined(HAVE_SO_NONBLOCK) 330| | /* BeOS */ 331| | long b; 332| | if(getsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b))) { 333| | /* Assume blocking on error */ 334| | return 1; 335| | } 336| | return (int)b; 337| |#elif defined(SO_STATE) && defined(__VMS) 338| | /* VMS TCP/IP Services */ 339| | 340| | size_t sockstat = 0; 341| | int callstat = 0; 342| | size_t size = sizeof(int); 343| | 344| | callstat = getsockopt(sockfd, SOL_SOCKET, SO_STATE, 345| | (char *)&sockstat, &size); 346| | if(callstat == -1) { 347| | return 0; 348| | } 349| | if((sockstat & SS_NBIO) != 0) { 350| | return 1; 351| | } 352| | return 0; 353| |#elif defined(_WIN32) 354| | unsigned int option_value; 355| | socklen_t option_len = sizeof(option_value); 356| | 357| | if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR, 358| | (void *)&option_value, &option_len)) { 359| | /* Assume blocking on error */ 360| | return 1; 361| | } 362| | return (int)option_value; 363| |#else 364| | (void)sockfd; 365| | return 1; /* returns blocking */ 366| |#endif 367| 141|} session.c:session_nonblock: 280| 282|{ 281| 282|#ifdef HAVE_O_NONBLOCK 282| | /* most recent unix versions */ 283| 282| int flags; 284| | 285| 282| flags = fcntl(sockfd, F_GETFL, 0); 286| 282| if(nonblock) ------------------ | Branch (286:8): [True: 141, False: 141] ------------------ 287| 141| return fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); 288| 141| else 289| 141| return fcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK)); 290| |#elif defined(HAVE_FIONBIO) 291| | /* older unix versions and VMS */ 292| | int flags; 293| | 294| | flags = nonblock; 295| | return ioctl(sockfd, FIONBIO, &flags); 296| |#elif defined(HAVE_IOCTLSOCKET_CASE) 297| | /* presumably for Amiga */ 298| | return IoctlSocket(sockfd, FIONBIO, (long)nonblock); 299| |#elif defined(HAVE_SO_NONBLOCK) 300| | /* BeOS */ 301| | long b = nonblock ? 1 : 0; 302| | return setsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); 303| |#elif defined(_WIN32) 304| | unsigned long flags; 305| | 306| | flags = nonblock; 307| | return ioctlsocket(sockfd, FIONBIO, &flags); 308| |#else 309| | (void)sockfd; 310| | (void)nonblock; 311| | return 0; /* returns success */ 312| |#endif 313| 282|} session.c:banner_send: 201| 141|{ 202| 141| const char *banner = LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF; ------------------ | | 193| 141|#define LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF LIBSSH2_SSH_DEFAULT_BANNER "\r\n" | | ------------------ | | | | 192| 141|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | | | ------------------ | | | | | | 190| 141|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | ------------------ | | ------------------ ------------------ 203| 141| size_t banner_len = sizeof(LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF) - 1; ------------------ | | 193| 141|#define LIBSSH2_SSH_DEFAULT_BANNER_WITH_CRLF LIBSSH2_SSH_DEFAULT_BANNER "\r\n" | | ------------------ | | | | 192| 141|#define LIBSSH2_SSH_DEFAULT_BANNER LIBSSH2_SSH_BANNER | | | | ------------------ | | | | | | 190| 141|#define LIBSSH2_SSH_BANNER "SSH-2.0-libssh2_" LIBSSH2_VERSION | | | | ------------------ | | ------------------ ------------------ 204| 141| ssize_t ret; 205| | 206| 141| if(session->banner_TxRx_state == libssh2_NB_state_idle) { ------------------ | Branch (206:8): [True: 141, False: 0] ------------------ 207| 141| if(session->local.banner) { ------------------ | Branch (207:12): [True: 0, False: 141] ------------------ 208| | /* setopt_string will have given us our \r\n characters */ 209| 0| banner_len = strlen((char *)session->local.banner); 210| 0| banner = (char *)session->local.banner; 211| 0| } 212| 141|#ifdef LIBSSH2DEBUG 213| 141| { 214| 141| char banner_dup[256]; 215| | 216| | /* Hack and slash to avoid sending CRLF in debug output */ 217| 141| if(banner_len < 256) { ------------------ | Branch (217:16): [True: 141, False: 0] ------------------ 218| 141| memcpy(banner_dup, banner, banner_len - 2); 219| 141| banner_dup[banner_len - 2] = '\0'; 220| 141| } 221| 0| else { 222| 0| memcpy(banner_dup, banner, 255); 223| 0| banner_dup[255] = '\0'; 224| 0| } 225| | 226| 141| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 227| 141| "Sending Banner: %s", banner_dup)); 228| 141| } 229| 141|#endif 230| | 231| 141| session->banner_TxRx_state = libssh2_NB_state_created; 232| 141| } 233| | 234| | /* no outgoing block yet! */ 235| 141| session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_OUTBOUND; ------------------ | | 440| 141|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ 236| | 237| 141| ret = LIBSSH2_SEND(session, ------------------ | | 286| 141| LIBSSH2_SEND_FD(session, (session)->socket_fd, buffer, length, flags) | | ------------------ | | | | 281| 282| ((session)->send)(fd, buffer, length, flags, &(session)->abstract) | | | | ------------------ | | | | | Branch (281:43): [True: 0, False: 141] | | | | ------------------ | | ------------------ ------------------ 238| 141| banner + session->banner_TxRx_total_send, 239| 141| banner_len - session->banner_TxRx_total_send, 240| 141| LIBSSH2_SOCKET_SEND_FLAGS(session)); 241| 141| if(ret < 0) ------------------ | Branch (241:8): [True: 0, False: 141] ------------------ 242| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 243| 141| "Error sending %ld bytes: %ld", 244| 141| (long)(banner_len - session->banner_TxRx_total_send), 245| 141| (long)-ret)); 246| 141| else 247| 141| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 248| 141| "Sent %ld/%ld bytes at %p+%ld", (long)ret, 249| 141| (long)(banner_len - session->banner_TxRx_total_send), 250| 141| (const void *)banner, 251| 141| (long)session->banner_TxRx_total_send)); 252| | 253| 141| if(ret != (ssize_t)(banner_len - session->banner_TxRx_total_send)) { ------------------ | Branch (253:8): [True: 0, False: 141] ------------------ 254| 0| if(ret >= 0 || ret == -EAGAIN) { ------------------ | Branch (254:12): [True: 0, False: 0] | Branch (254:24): [True: 0, False: 0] ------------------ 255| | /* the whole packet could not be sent, save the what was */ 256| 0| session->socket_block_directions = LIBSSH2_SESSION_BLOCK_OUTBOUND; ------------------ | | 440| 0|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ 257| 0| if(ret > 0) ------------------ | Branch (257:16): [True: 0, False: 0] ------------------ 258| 0| session->banner_TxRx_total_send += ret; 259| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 260| 0| } 261| 0| session->banner_TxRx_state = libssh2_NB_state_idle; 262| 0| session->banner_TxRx_total_send = 0; 263| 0| return LIBSSH2_ERROR_SOCKET_RECV; ------------------ | | 526| 0|#define LIBSSH2_ERROR_SOCKET_RECV (-43) ------------------ 264| 0| } 265| | 266| | /* Set the state back to idle */ 267| 141| session->banner_TxRx_state = libssh2_NB_state_idle; 268| 141| session->banner_TxRx_total_send = 0; 269| | 270| 141| return 0; 271| 141|} session.c:banner_receive: 99| 166|{ 100| 166| ssize_t ret; 101| 166| size_t banner_len; 102| | 103| 166| if(session->banner_TxRx_state == libssh2_NB_state_idle) { ------------------ | Branch (103:8): [True: 166, False: 0] ------------------ 104| 166| banner_len = 0; 105| | 106| 166| session->banner_TxRx_state = libssh2_NB_state_created; 107| 166| } 108| 0| else { 109| 0| banner_len = session->banner_TxRx_total_send; 110| 0| } 111| | 112| 198k| while((banner_len < sizeof(session->banner_TxRx_banner)) && ------------------ | Branch (112:11): [True: 198k, False: 24] ------------------ 113| 198k| ((banner_len == 0) || ------------------ | Branch (113:12): [True: 166, False: 198k] ------------------ 114| 198k| (session->banner_TxRx_banner[banner_len - 1] != '\n'))) { ------------------ | Branch (114:12): [True: 198k, False: 140] ------------------ 115| 198k| char c = '\0'; 116| | 117| | /* no incoming block yet! */ 118| 198k| session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 198k|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 119| | 120| 198k| ret = LIBSSH2_RECV(session, &c, 1, LIBSSH2_SOCKET_RECV_FLAGS(session)); ------------------ | | 288| 198k| LIBSSH2_RECV_FD(session, (session)->socket_fd, buffer, length, flags) | | ------------------ | | | | 283| 396k| ((session)->recv)(fd, buffer, length, flags, &(session)->abstract) | | | | ------------------ | | | | | Branch (283:43): [True: 0, False: 198k] | | | | ------------------ | | ------------------ ------------------ 121| 198k| if(ret < 0) { ------------------ | Branch (121:12): [True: 0, False: 198k] ------------------ 122| 0| if(session->api_block_mode || (ret != -EAGAIN)) ------------------ | Branch (122:16): [True: 0, False: 0] | Branch (122:43): [True: 0, False: 0] ------------------ 123| | /* ignore EAGAIN when non-blocking */ 124| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 125| 0| "Error recving %d bytes: %ld", 1, (long)-ret)); 126| 0| } 127| 198k| else 128| 198k| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 198k|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 129| 198k| "Recved %ld bytes banner", (long)ret)); 130| | 131| 198k| if(ret < 0) { ------------------ | Branch (131:12): [True: 0, False: 198k] ------------------ 132| 0| if(ret == -EAGAIN) { ------------------ | Branch (132:16): [True: 0, False: 0] ------------------ 133| 0| session->socket_block_directions = 134| 0| LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 0|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 135| 0| session->banner_TxRx_total_send = banner_len; 136| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 137| 0| } 138| | 139| | /* Some kinda error */ 140| 0| session->banner_TxRx_state = libssh2_NB_state_idle; 141| 0| session->banner_TxRx_total_send = 0; 142| 0| return LIBSSH2_ERROR_SOCKET_RECV; ------------------ | | 526| 0|#define LIBSSH2_ERROR_SOCKET_RECV (-43) ------------------ 143| 0| } 144| | 145| 198k| if(ret == 0) { ------------------ | Branch (145:12): [True: 2, False: 198k] ------------------ 146| 2| session->socket_state = LIBSSH2_SOCKET_DISCONNECTED; ------------------ | | 1097| 2|#define LIBSSH2_SOCKET_DISCONNECTED (-1) ------------------ 147| 2| return LIBSSH2_ERROR_SOCKET_DISCONNECT; ------------------ | | 494| 2|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 148| 2| } 149| | 150| 198k| if((c == '\r' || c == '\n') && banner_len == 0) { ------------------ | Branch (150:13): [True: 1, False: 198k] | Branch (150:26): [True: 140, False: 198k] | Branch (150:40): [True: 0, False: 141] ------------------ 151| 0| continue; 152| 0| } 153| | 154| 198k| if(c == '\0') { ------------------ | Branch (154:12): [True: 0, False: 198k] ------------------ 155| | /* NULLs are not allowed in SSH banners */ 156| 0| session->banner_TxRx_state = libssh2_NB_state_idle; 157| 0| session->banner_TxRx_total_send = 0; 158| 0| return LIBSSH2_ERROR_BANNER_RECV; ------------------ | | 483| 0|#define LIBSSH2_ERROR_BANNER_RECV (-2) ------------------ 159| 0| } 160| | 161| 198k| session->banner_TxRx_banner[banner_len++] = c; 162| 198k| } 163| | 164| 305| while(banner_len && ------------------ | Branch (164:11): [True: 305, False: 0] ------------------ 165| 305| ((session->banner_TxRx_banner[banner_len - 1] == '\n') || ------------------ | Branch (165:12): [True: 140, False: 165] ------------------ 166| 165| (session->banner_TxRx_banner[banner_len - 1] == '\r'))) { ------------------ | Branch (166:12): [True: 1, False: 164] ------------------ 167| 141| banner_len--; 168| 141| } 169| | 170| | /* From this point on, we are done here */ 171| 164| session->banner_TxRx_state = libssh2_NB_state_idle; 172| 164| session->banner_TxRx_total_send = 0; 173| | 174| 164| if(!banner_len) ------------------ | Branch (174:8): [True: 0, False: 164] ------------------ 175| 0| return LIBSSH2_ERROR_BANNER_RECV; ------------------ | | 483| 0|#define LIBSSH2_ERROR_BANNER_RECV (-2) ------------------ 176| | 177| 164| if(session->remote.banner) ------------------ | Branch (177:8): [True: 23, False: 141] ------------------ 178| 23| LIBSSH2_FREE(session, session->remote.banner); ------------------ | | 238| 187| session->free(ptr, &(session)->abstract) ------------------ 179| | 180| 164| session->remote.banner = LIBSSH2_ALLOC(session, banner_len + 1); ------------------ | | 232| 164| session->alloc(count, &(session)->abstract) ------------------ 181| 164| if(!session->remote.banner) { ------------------ | Branch (181:8): [True: 0, False: 164] ------------------ 182| 0| return _libssh2_error(session, LIBSSH2_ERROR_ALLOC, ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 183| 0| "Error allocating space for remote banner"); 184| 0| } 185| 164| memcpy(session->remote.banner, session->banner_TxRx_banner, banner_len); 186| 164| session->remote.banner[banner_len] = '\0'; 187| 164| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Received Banner: %s", ------------------ | | 1090| 164|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 188| 164| session->remote.banner)); 189| 164| return LIBSSH2_ERROR_NONE; ------------------ | | 474| 164|#define LIBSSH2_ERROR_NONE 0 ------------------ 190| 164|} session.c:session_free: 886| 141|{ 887| 141| int rc; 888| 141| struct packet *pkg; 889| 141| LIBSSH2_CHANNEL *ch; 890| 141| LIBSSH2_LISTENER *l; 891| 141| int packets_left = 0; 892| | 893| 141| if(session->free_state == libssh2_NB_state_idle) { ------------------ | Branch (893:8): [True: 141, False: 0] ------------------ 894| 141| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 895| 141| "Freeing session resource %p", 896| 141| (void *)session->remote.banner)); 897| | 898| 141| session->free_state = libssh2_NB_state_created; 899| 141| } 900| | 901| 141| if(session->free_state == libssh2_NB_state_created) { ------------------ | Branch (901:8): [True: 141, False: 0] ------------------ 902| | /* !checksrc! disable EQUALSNULL 1 */ 903| 141| while((ch = _libssh2_list_first(&session->channels)) != NULL) { ------------------ | Branch (903:15): [True: 0, False: 141] ------------------ 904| 0| rc = _libssh2_channel_free(ch); 905| 0| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (905:16): [True: 0, False: 0] ------------------ 906| 0| return rc; 907| 0| } 908| | 909| 141| session->free_state = libssh2_NB_state_sent; 910| 141| } 911| | 912| 141| if(session->free_state == libssh2_NB_state_sent) { ------------------ | Branch (912:8): [True: 141, False: 0] ------------------ 913| | /* !checksrc! disable EQUALSNULL 1 */ 914| 141| while((l = _libssh2_list_first(&session->listeners)) != NULL) { ------------------ | Branch (914:15): [True: 0, False: 141] ------------------ 915| 0| rc = _libssh2_channel_forward_cancel(l); 916| 0| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (916:16): [True: 0, False: 0] ------------------ 917| 0| return rc; 918| 0| } 919| | 920| 141| session->free_state = libssh2_NB_state_sent1; 921| 141| } 922| | 923| 141| if(session->kex && session->kex->cleanup) { ------------------ | Branch (923:8): [True: 121, False: 20] | Branch (923:24): [True: 121, False: 0] ------------------ 924| 121| session->kex->cleanup(session, 925| 121| &session->startup_key_state.key_state_low); 926| 121| } 927| | 928| 141| if(session->state & LIBSSH2_STATE_NEWKEYS) { ------------------ | | 948| 141|#define LIBSSH2_STATE_NEWKEYS 0x00000004 ------------------ | Branch (928:8): [True: 0, False: 141] ------------------ 929| | /* hostkey */ 930| 0| if(session->hostkey && session->hostkey->dtor) { ------------------ | Branch (930:12): [True: 0, False: 0] | Branch (930:32): [True: 0, False: 0] ------------------ 931| 0| session->hostkey->dtor(session, &session->server_hostkey_abstract); 932| 0| } 933| | 934| | /* Client to Server */ 935| | /* crypt */ 936| 0| if(session->local.crypt && session->local.crypt->dtor) { ------------------ | Branch (936:12): [True: 0, False: 0] | Branch (936:36): [True: 0, False: 0] ------------------ 937| 0| session->local.crypt->dtor(session, 938| 0| &session->local.crypt_abstract); 939| 0| } 940| | /* comp */ 941| 0| if(session->local.comp && session->local.comp->dtor) { ------------------ | Branch (941:12): [True: 0, False: 0] | Branch (941:35): [True: 0, False: 0] ------------------ 942| 0| session->local.comp->dtor(session, 1, 943| 0| &session->local.comp_abstract); 944| 0| } 945| | /* mac */ 946| 0| if(session->local.mac && session->local.mac->dtor) { ------------------ | Branch (946:12): [True: 0, False: 0] | Branch (946:34): [True: 0, False: 0] ------------------ 947| 0| session->local.mac->dtor(session, &session->local.mac_abstract); 948| 0| } 949| | 950| | /* Server to Client */ 951| | /* crypt */ 952| 0| if(session->remote.crypt && session->remote.crypt->dtor) { ------------------ | Branch (952:12): [True: 0, False: 0] | Branch (952:37): [True: 0, False: 0] ------------------ 953| 0| session->remote.crypt->dtor(session, 954| 0| &session->remote.crypt_abstract); 955| 0| } 956| | /* comp */ 957| 0| if(session->remote.comp && session->remote.comp->dtor) { ------------------ | Branch (957:12): [True: 0, False: 0] | Branch (957:36): [True: 0, False: 0] ------------------ 958| 0| session->remote.comp->dtor(session, 0, 959| 0| &session->remote.comp_abstract); 960| 0| } 961| | /* mac */ 962| 0| if(session->remote.mac && session->remote.mac->dtor) { ------------------ | Branch (962:12): [True: 0, False: 0] | Branch (962:35): [True: 0, False: 0] ------------------ 963| 0| session->remote.mac->dtor(session, &session->remote.mac_abstract); 964| 0| } 965| | 966| | /* session_id */ 967| 0| if(session->session_id) { ------------------ | Branch (967:12): [True: 0, False: 0] ------------------ 968| 0| LIBSSH2_FREE(session, session->session_id); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 969| 0| } 970| 0| } 971| | 972| | /* Free banner(s) */ 973| 141| if(session->remote.banner) { ------------------ | Branch (973:8): [True: 141, False: 0] ------------------ 974| 141| LIBSSH2_FREE(session, session->remote.banner); ------------------ | | 238| 141| session->free(ptr, &(session)->abstract) ------------------ 975| 141| } 976| 141| if(session->local.banner) { ------------------ | Branch (976:8): [True: 0, False: 141] ------------------ 977| 0| LIBSSH2_FREE(session, session->local.banner); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 978| 0| } 979| | 980| | /* Free preference(s) */ 981| 141| if(session->kex_prefs) { ------------------ | Branch (981:8): [True: 0, False: 141] ------------------ 982| 0| LIBSSH2_FREE(session, session->kex_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 983| 0| } 984| 141| if(session->hostkey_prefs) { ------------------ | Branch (984:8): [True: 0, False: 141] ------------------ 985| 0| LIBSSH2_FREE(session, session->hostkey_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 986| 0| } 987| | 988| 141| if(session->local.kexinit) { ------------------ | Branch (988:8): [True: 0, False: 141] ------------------ 989| 0| LIBSSH2_FREE(session, session->local.kexinit); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 990| 0| } 991| 141| if(session->local.crypt_prefs) { ------------------ | Branch (991:8): [True: 0, False: 141] ------------------ 992| 0| LIBSSH2_FREE(session, session->local.crypt_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 993| 0| } 994| 141| if(session->local.mac_prefs) { ------------------ | Branch (994:8): [True: 0, False: 141] ------------------ 995| 0| LIBSSH2_FREE(session, session->local.mac_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 996| 0| } 997| 141| if(session->local.comp_prefs) { ------------------ | Branch (997:8): [True: 0, False: 141] ------------------ 998| 0| LIBSSH2_FREE(session, session->local.comp_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 999| 0| } 1000| 141| if(session->local.lang_prefs) { ------------------ | Branch (1000:8): [True: 0, False: 141] ------------------ 1001| 0| LIBSSH2_FREE(session, session->local.lang_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1002| 0| } 1003| | 1004| 141| if(session->remote.kexinit) { ------------------ | Branch (1004:8): [True: 0, False: 141] ------------------ 1005| 0| LIBSSH2_FREE(session, session->remote.kexinit); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1006| 0| } 1007| 141| if(session->remote.crypt_prefs) { ------------------ | Branch (1007:8): [True: 0, False: 141] ------------------ 1008| 0| LIBSSH2_FREE(session, session->remote.crypt_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1009| 0| } 1010| 141| if(session->remote.mac_prefs) { ------------------ | Branch (1010:8): [True: 0, False: 141] ------------------ 1011| 0| LIBSSH2_FREE(session, session->remote.mac_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1012| 0| } 1013| 141| if(session->remote.comp_prefs) { ------------------ | Branch (1013:8): [True: 0, False: 141] ------------------ 1014| 0| LIBSSH2_FREE(session, session->remote.comp_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1015| 0| } 1016| 141| if(session->remote.lang_prefs) { ------------------ | Branch (1016:8): [True: 0, False: 141] ------------------ 1017| 0| LIBSSH2_FREE(session, session->remote.lang_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1018| 0| } 1019| 141| if(session->server_sign_algorithms) { ------------------ | Branch (1019:8): [True: 0, False: 141] ------------------ 1020| 0| LIBSSH2_FREE(session, session->server_sign_algorithms); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1021| 0| } 1022| 141| if(session->sign_algo_prefs) { ------------------ | Branch (1022:8): [True: 0, False: 141] ------------------ 1023| 0| LIBSSH2_FREE(session, session->sign_algo_prefs); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1024| 0| } 1025| | 1026| | /* 1027| | * Make sure all memory used in the state variables are free 1028| | */ 1029| 141| if(session->kexinit_data) { ------------------ | Branch (1029:8): [True: 0, False: 141] ------------------ 1030| 0| LIBSSH2_FREE(session, session->kexinit_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1031| 0| } 1032| 141| if(session->startup_data) { ------------------ | Branch (1032:8): [True: 0, False: 141] ------------------ 1033| 0| LIBSSH2_FREE(session, session->startup_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1034| 0| } 1035| 141| if(session->userauth_list_data) { ------------------ | Branch (1035:8): [True: 0, False: 141] ------------------ 1036| 0| LIBSSH2_FREE(session, session->userauth_list_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1037| 0| } 1038| 141| if(session->userauth_banner) { ------------------ | Branch (1038:8): [True: 0, False: 141] ------------------ 1039| 0| LIBSSH2_FREE(session, session->userauth_banner); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1040| 0| } 1041| 141| if(session->userauth_pswd_data) { ------------------ | Branch (1041:8): [True: 0, False: 141] ------------------ 1042| 0| LIBSSH2_FREE(session, session->userauth_pswd_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1043| 0| } 1044| 141| if(session->userauth_pswd_newpw) { ------------------ | Branch (1044:8): [True: 0, False: 141] ------------------ 1045| 0| LIBSSH2_FREE(session, session->userauth_pswd_newpw); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1046| 0| } 1047| 141| if(session->userauth_host_packet) { ------------------ | Branch (1047:8): [True: 0, False: 141] ------------------ 1048| 0| LIBSSH2_FREE(session, session->userauth_host_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1049| 0| } 1050| 141| if(session->userauth_host_method) { ------------------ | Branch (1050:8): [True: 0, False: 141] ------------------ 1051| 0| LIBSSH2_FREE(session, session->userauth_host_method); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1052| 0| } 1053| 141| if(session->userauth_host_data) { ------------------ | Branch (1053:8): [True: 0, False: 141] ------------------ 1054| 0| LIBSSH2_FREE(session, session->userauth_host_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1055| 0| } 1056| 141| if(session->userauth_pblc_data) { ------------------ | Branch (1056:8): [True: 0, False: 141] ------------------ 1057| 0| LIBSSH2_FREE(session, session->userauth_pblc_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1058| 0| } 1059| 141| if(session->userauth_pblc_packet) { ------------------ | Branch (1059:8): [True: 0, False: 141] ------------------ 1060| 0| LIBSSH2_FREE(session, session->userauth_pblc_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1061| 0| } 1062| 141| if(session->userauth_pblc_method) { ------------------ | Branch (1062:8): [True: 0, False: 141] ------------------ 1063| 0| LIBSSH2_FREE(session, session->userauth_pblc_method); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1064| 0| } 1065| 141| if(session->userauth_kybd_data) { ------------------ | Branch (1065:8): [True: 0, False: 141] ------------------ 1066| 0| LIBSSH2_FREE(session, session->userauth_kybd_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1067| 0| } 1068| 141| if(session->userauth_kybd_packet) { ------------------ | Branch (1068:8): [True: 0, False: 141] ------------------ 1069| 0| LIBSSH2_FREE(session, session->userauth_kybd_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1070| 0| } 1071| 141| if(session->userauth_kybd_auth_instruction) { ------------------ | Branch (1071:8): [True: 0, False: 141] ------------------ 1072| 0| LIBSSH2_FREE(session, session->userauth_kybd_auth_instruction); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1073| 0| } 1074| 141| if(session->open_packet) { ------------------ | Branch (1074:8): [True: 0, False: 141] ------------------ 1075| 0| LIBSSH2_FREE(session, session->open_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1076| 0| } 1077| 141| if(session->open_data) { ------------------ | Branch (1077:8): [True: 0, False: 141] ------------------ 1078| 0| LIBSSH2_FREE(session, session->open_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1079| 0| } 1080| 141| if(session->direct_message) { ------------------ | Branch (1080:8): [True: 0, False: 141] ------------------ 1081| 0| LIBSSH2_FREE(session, session->direct_message); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1082| 0| } 1083| 141| if(session->fwdLstn_packet) { ------------------ | Branch (1083:8): [True: 0, False: 141] ------------------ 1084| 0| LIBSSH2_FREE(session, session->fwdLstn_packet); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1085| 0| } 1086| 141| if(session->pkeyInit_data) { ------------------ | Branch (1086:8): [True: 0, False: 141] ------------------ 1087| 0| LIBSSH2_FREE(session, session->pkeyInit_data); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1088| 0| } 1089| 141| if(session->scpRecv_command) { ------------------ | Branch (1089:8): [True: 0, False: 141] ------------------ 1090| 0| LIBSSH2_FREE(session, session->scpRecv_command); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1091| 0| } 1092| 141| if(session->scpSend_command) { ------------------ | Branch (1092:8): [True: 0, False: 141] ------------------ 1093| 0| LIBSSH2_FREE(session, session->scpSend_command); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1094| 0| } 1095| 141| if(session->sftpInit_sftp) { ------------------ | Branch (1095:8): [True: 0, False: 141] ------------------ 1096| 0| LIBSSH2_FREE(session, session->sftpInit_sftp); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1097| 0| } 1098| | 1099| | /* Free payload buffer */ 1100| 141| if(session->packet.total_num) { ------------------ | Branch (1100:8): [True: 8, False: 133] ------------------ 1101| 8| LIBSSH2_FREE(session, session->packet.payload); ------------------ | | 238| 8| session->free(ptr, &(session)->abstract) ------------------ 1102| 8| } 1103| | 1104| | /* Cleanup all remaining packets */ 1105| | /* !checksrc! disable EQUALSNULL 1 */ 1106| 1.00k| while((pkg = _libssh2_list_first(&session->packets)) != NULL) { ------------------ | Branch (1106:11): [True: 867, False: 141] ------------------ 1107| 867| packets_left++; 1108| 867| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 867|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1109| 867| "packet left with id %d", pkg->data[0])); 1110| | /* unlink the node */ 1111| 867| _libssh2_list_remove(&pkg->node); 1112| | 1113| | /* free */ 1114| 867| LIBSSH2_FREE(session, pkg->data); ------------------ | | 238| 867| session->free(ptr, &(session)->abstract) ------------------ 1115| 867| LIBSSH2_FREE(session, pkg); ------------------ | | 238| 867| session->free(ptr, &(session)->abstract) ------------------ 1116| 867| } 1117| 141| (void)packets_left; 1118| 141| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 141|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1119| 141| "Extra packets left %d", packets_left)); 1120| | 1121| 141| if(session->socket_prev_blockstate) { ------------------ | Branch (1121:8): [True: 141, False: 0] ------------------ 1122| | /* if the socket was previously blocking, put it back so */ 1123| 141| rc = session_nonblock(session->socket_fd, 0); 1124| 141| if(rc) { ------------------ | Branch (1124:12): [True: 0, False: 141] ------------------ 1125| 0| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1126| 0| "unable to reset socket's blocking state")); 1127| 0| } 1128| 141| } 1129| | 1130| 141| if(session->server_hostkey) { ------------------ | Branch (1130:8): [True: 1, False: 140] ------------------ 1131| 1| LIBSSH2_FREE(session, session->server_hostkey); ------------------ | | 238| 1| session->free(ptr, &(session)->abstract) ------------------ 1132| 1| } 1133| | 1134| | /* error string */ 1135| 141| if(session->err_msg && ------------------ | Branch (1135:8): [True: 141, False: 0] ------------------ 1136| 141| ((session->err_flags & LIBSSH2_ERR_FLAG_DUP) != 0)) { ------------------ | | 1109| 141|#define LIBSSH2_ERR_FLAG_DUP 1 ------------------ | Branch (1136:8): [True: 0, False: 141] ------------------ 1137| 0| LIBSSH2_FREE(session, (char *)LIBSSH2_UNCONST(session->err_msg)); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 1138| 0| } 1139| | 1140| 141| LIBSSH2_FREE(session, session); ------------------ | | 238| 141| session->free(ptr, &(session)->abstract) ------------------ 1141| | 1142| 141| return 0; 1143| 141|} session.c:session_disconnect: 1162| 3|{ 1163| 3| unsigned char *s; 1164| 3| size_t descr_len = 0, lang_len = 0; 1165| 3| int rc; 1166| | 1167| 3| if(session->disconnect_state == libssh2_NB_state_idle) { ------------------ | Branch (1167:8): [True: 3, False: 0] ------------------ 1168| 3| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, ------------------ | | 1090| 3|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1169| 3| "Disconnecting: reason=%d, desc=%s, lang=%s", reason, 1170| 3| description, lang)); 1171| 3| if(description) ------------------ | Branch (1171:12): [True: 3, False: 0] ------------------ 1172| 3| descr_len = strlen(description); 1173| | 1174| 3| if(lang) ------------------ | Branch (1174:12): [True: 3, False: 0] ------------------ 1175| 3| lang_len = strlen(lang); 1176| | 1177| 3| if(descr_len > 256) ------------------ | Branch (1177:12): [True: 0, False: 3] ------------------ 1178| 0| return _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 1179| 0| "too long description"); 1180| | 1181| 3| if(lang_len > 256) ------------------ | Branch (1181:12): [True: 0, False: 3] ------------------ 1182| 0| return _libssh2_error(session, LIBSSH2_ERROR_INVAL, ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 1183| 0| "too long language string"); 1184| | 1185| | /* 13 = packet_type(1) + reason code(4) + descr_len(4) + lang_len(4) */ 1186| 3| session->disconnect_data_len = descr_len + lang_len + 13; 1187| | 1188| 3| s = session->disconnect_data; 1189| | 1190| 3| *(s++) = SSH_MSG_DISCONNECT; ------------------ | | 1113| 3|#define SSH_MSG_DISCONNECT 1 ------------------ 1191| 3| _libssh2_store_u32(&s, reason); 1192| 3| _libssh2_store_str(&s, description, descr_len); 1193| | /* store length only, lang is sent separately */ 1194| 3| _libssh2_store_u32(&s, (uint32_t)lang_len); 1195| | 1196| 3| session->disconnect_state = libssh2_NB_state_created; 1197| 3| } 1198| | 1199| 3| rc = _libssh2_transport_send(session, session->disconnect_data, 1200| 3| session->disconnect_data_len, 1201| 3| (const unsigned char *)lang, lang_len); 1202| 3| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 3|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (1202:8): [True: 0, False: 3] ------------------ 1203| 0| return rc; 1204| | 1205| 3| session->disconnect_state = libssh2_NB_state_idle; 1206| | 1207| 3| return 0; 1208| 3|} _libssh2_transport_read: 369| 29.5k|{ 370| 29.5k| int rc; 371| 29.5k| struct transportpacket *p = &session->packet; 372| 29.5k| ssize_t remainpack; /* how much there is left to add to the current payload 373| | package */ 374| 29.5k| ssize_t remainbuf; /* how much data there is remaining in the buffer to 375| | deal with before we should read more from the 376| | network */ 377| 29.5k| ssize_t numbytes; /* how much data to deal with from the buffer on this 378| | iteration through the loop */ 379| 29.5k| ssize_t numdecrypt; /* number of bytes to decrypt this iteration */ 380| 29.5k| unsigned char block[MAX_BLOCKSIZE]; /* working block buffer */ 381| 29.5k| int blocksize; /* minimum number of bytes we need before we can 382| | use them */ 383| 29.5k| int encrypted = 1; /* whether the packet is encrypted or not */ 384| 29.5k| int firstlast = FIRST_BLOCK; /* if the first or last block to decrypt */ ------------------ | | 1058| 29.5k|#define FIRST_BLOCK 1 ------------------ 385| 29.5k| unsigned int auth_len = 0; /* length of the authentication tag */ 386| 29.5k| const struct mac_method *remote_mac = NULL; /* The remote MAC, if used */ 387| | 388| 29.5k| block[4] = 0; 389| | 390| | /* default clear the bit */ 391| 29.5k| session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 29.5k|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 392| | 393| | /* 394| | * All channels, systems, subsystems, etc eventually make it down here 395| | * when looking for more incoming data. If a key exchange is going on 396| | * (LIBSSH2_STATE_EXCHANGING_KEYS bit is set) then the remote end will 397| | * ONLY send key exchange related traffic. In non-blocking mode, there is 398| | * a chance to break out of the kex_exchange function with an EAGAIN 399| | * status, and never come back to it. If LIBSSH2_STATE_EXCHANGING_KEYS is 400| | * active, then we must redirect to the key exchange. However, if 401| | * kex_exchange is active (as in it is the one that calls this execution 402| | * of packet_read, then don't redirect, as that would be an infinite loop! 403| | */ 404| | 405| 29.5k| if(session->state & LIBSSH2_STATE_EXCHANGING_KEYS && ------------------ | | 947| 59.1k|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ | Branch (405:8): [True: 28.9k, False: 632] ------------------ 406| 28.9k| !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) { ------------------ | | 950| 28.9k|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ | Branch (406:8): [True: 0, False: 28.9k] ------------------ 407| | 408| | /* Whoever wants a packet won't get anything until the key re-exchange 409| | * is done! 410| | */ 411| 0| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the" ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 412| 0| " key re-exchange from _libssh2_transport_read")); 413| 0| rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state); 414| 0| if(rc) ------------------ | Branch (414:12): [True: 0, False: 0] ------------------ 415| 0| return rc; 416| 0| } 417| | 418| | /* 419| | * =============================== NOTE =============================== 420| | * I know this is very ugly and not a really good use of "goto", but 421| | * this case statement would be even uglier to do it any other way 422| | */ 423| 29.5k| if(session->readPack_state == libssh2_NB_state_jump1) { ------------------ | Branch (423:8): [True: 0, False: 29.5k] ------------------ 424| 0| session->readPack_state = libssh2_NB_state_idle; 425| 0| encrypted = session->readPack_encrypted; 426| 0| goto libssh2_transport_read_point1; 427| 0| } 428| | 429| 29.5k| do { 430| 29.5k| int etm; 431| 29.5k| if(session->socket_state == LIBSSH2_SOCKET_DISCONNECTED) { ------------------ | | 1097| 29.5k|#define LIBSSH2_SOCKET_DISCONNECTED (-1) ------------------ | Branch (431:12): [True: 0, False: 29.5k] ------------------ 432| 0| return LIBSSH2_ERROR_SOCKET_DISCONNECT; ------------------ | | 494| 0|#define LIBSSH2_ERROR_SOCKET_DISCONNECT (-13) ------------------ 433| 0| } 434| | 435| 29.5k| if(session->state & LIBSSH2_STATE_NEWKEYS) { ------------------ | | 948| 29.5k|#define LIBSSH2_STATE_NEWKEYS 0x00000004 ------------------ | Branch (435:12): [True: 0, False: 29.5k] ------------------ 436| 0| blocksize = session->remote.crypt->blocksize; 437| 0| } 438| 29.5k| else { 439| 29.5k| encrypted = 0; /* not encrypted */ 440| 29.5k| blocksize = 5; /* not strictly true, but we can use 5 here to 441| | make the checks below work fine still */ 442| 29.5k| } 443| | 444| 29.5k| if(encrypted) { ------------------ | Branch (444:12): [True: 0, False: 29.5k] ------------------ 445| 0| if(CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ 446| 0| auth_len = session->remote.crypt->auth_len; 447| 0| } 448| 0| else { 449| 0| remote_mac = session->remote.mac; 450| 0| } 451| 0| } 452| | 453| 29.5k| etm = encrypted && remote_mac ? remote_mac->etm : 0; ------------------ | Branch (453:15): [True: 0, False: 29.5k] | Branch (453:28): [True: 0, False: 0] ------------------ 454| | 455| | /* read/use a whole big chunk into a temporary area stored in 456| | the LIBSSH2_SESSION struct. We will decrypt data from that 457| | buffer into the packet buffer so this temp one doesn't have 458| | to be able to keep a whole SSH packet, just be large enough 459| | so that we can read big chunks from the network layer. */ 460| | 461| | /* how much data there is remaining in the buffer to deal with 462| | before we should read more from the network */ 463| 29.5k| remainbuf = p->writeidx - p->readidx; 464| | 465| | /* if remainbuf turns negative we have a bad internal error */ 466| 29.5k| assert(remainbuf >= 0); ------------------ | Branch (466:9): [True: 0, False: 29.5k] | Branch (466:9): [True: 29.5k, False: 0] ------------------ 467| | 468| 29.5k| if(remainbuf < blocksize || ------------------ | Branch (468:12): [True: 177, False: 29.4k] ------------------ 469| 29.4k| (CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET) && ------------------ | | 1054| 58.8k| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 3.62k, False: 25.7k] | | ------------------ | | 1055| 58.8k| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 3.62k|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 1, False: 3.62k] | | ------------------ ------------------ 470| 177| ((ssize_t)p->total_num) > remainbuf)) { ------------------ | Branch (470:13): [True: 0, False: 1] ------------------ 471| | /* If we have less than a blocksize left, it is too 472| | little data to deal with, read more */ 473| 177| ssize_t nread; 474| | 475| | /* move any remainder to the start of the buffer so 476| | that we can do a full refill */ 477| 177| if(remainbuf) { ------------------ | Branch (477:16): [True: 5, False: 172] ------------------ 478| 5| memmove(p->buf, &p->buf[p->readidx], remainbuf); 479| 5| p->readidx = 0; 480| 5| p->writeidx = remainbuf; 481| 5| } 482| 172| else { 483| | /* nothing to move, just zero the indexes */ 484| 172| p->readidx = p->writeidx = 0; 485| 172| } 486| | 487| | /* now read a big chunk from the network into the temp buffer */ 488| 177| nread = LIBSSH2_RECV(session, &p->buf[remainbuf], ------------------ | | 288| 177| LIBSSH2_RECV_FD(session, (session)->socket_fd, buffer, length, flags) | | ------------------ | | | | 283| 354| ((session)->recv)(fd, buffer, length, flags, &(session)->abstract) | | | | ------------------ | | | | | Branch (283:43): [True: 0, False: 177] | | | | ------------------ | | ------------------ ------------------ 489| 177| PACKETBUFSIZE - remainbuf, 490| 177| LIBSSH2_SOCKET_RECV_FLAGS(session)); 491| 177| if(nread <= 0) { ------------------ | Branch (491:16): [True: 9, False: 168] ------------------ 492| | /* check if this is due to EAGAIN and return the special 493| | return code if so, error out normally otherwise */ 494| 9| if((nread < 0) && (nread == -EAGAIN)) { ------------------ | Branch (494:20): [True: 0, False: 9] | Branch (494:35): [True: 0, False: 0] ------------------ 495| 0| session->socket_block_directions |= 496| 0| LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 0|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 497| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 498| 0| } 499| 9| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 9|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 500| 9| "Error recving %ld bytes (got %ld)", 501| 9| (long)(PACKETBUFSIZE - remainbuf), 502| 9| (long)-nread)); 503| 9| return LIBSSH2_ERROR_SOCKET_RECV; ------------------ | | 526| 9|#define LIBSSH2_ERROR_SOCKET_RECV (-43) ------------------ 504| 9| } 505| 168| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 168|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 506| 168| "Recved %ld/%ld bytes to %p+%ld", (long)nread, 507| 168| (long)(PACKETBUFSIZE - remainbuf), (void *)p->buf, 508| 168| (long)remainbuf)); 509| | 510| 168| debugdump(session, "libssh2_transport_read() raw", 511| 168| &p->buf[remainbuf], nread); 512| | /* advance write pointer */ 513| 168| p->writeidx += nread; 514| | 515| | /* update remainbuf counter */ 516| 168| remainbuf = p->writeidx - p->readidx; 517| 168| } 518| | 519| | /* how much data to deal with from the buffer */ 520| 29.5k| numbytes = remainbuf; 521| | 522| 29.5k| if(!p->total_num) { ------------------ | Branch (522:12): [True: 29.5k, False: 24] ------------------ 523| 29.5k| size_t total_num; /* the number of bytes following the initial 524| | (5 bytes) packet length and padding length 525| | fields */ 526| | 527| | /* packet length is not encrypted in encode-then-mac mode 528| | and we do not need to decrypt first block */ 529| 29.5k| ssize_t required_size = etm ? 4 : blocksize; ------------------ | Branch (529:37): [True: 0, False: 29.5k] ------------------ 530| | 531| | /* No payload package area allocated yet. To know the 532| | size of this payload, we need enough to decrypt the first 533| | blocksize data. */ 534| | 535| 29.5k| if(numbytes < required_size) { ------------------ | Branch (535:16): [True: 1, False: 29.5k] ------------------ 536| | /* we cannot act on anything less than blocksize, but this 537| | check is only done for the initial block since once we have 538| | got the start of a block we can in fact deal with fractions 539| | */ 540| 1| session->socket_block_directions |= 541| 1| LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 1|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 542| 1| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 1|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 543| 1| } 544| | 545| 29.5k| if(etm) { ------------------ | Branch (545:16): [True: 0, False: 29.5k] ------------------ 546| | /* etm size field is not encrypted */ 547| 0| memcpy(block, &p->buf[p->readidx], 4); 548| 0| memcpy(p->init, &p->buf[p->readidx], 4); 549| 0| } 550| 29.5k| else if(encrypted && session->remote.crypt->get_len) { ------------------ | Branch (550:21): [True: 0, False: 29.5k] | Branch (550:34): [True: 0, False: 0] ------------------ 551| 0| unsigned int len = 0; 552| 0| unsigned char *ptr = NULL; 553| | 554| 0| rc = session->remote.crypt->get_len(session, 555| 0| session->remote.seqno, 556| 0| &p->buf[p->readidx], 557| 0| numbytes, 558| 0| &len, 559| 0| &session->remote.crypt_abstract); 560| | 561| 0| if(rc != LIBSSH2_ERROR_NONE) { ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ | Branch (561:20): [True: 0, False: 0] ------------------ 562| 0| p->total_num = 0; /* no packet buffer available */ 563| 0| if(p->payload) ------------------ | Branch (563:24): [True: 0, False: 0] ------------------ 564| 0| LIBSSH2_FREE(session, p->payload); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 565| 0| p->payload = NULL; 566| 0| return rc; 567| 0| } 568| | 569| | /* store size in buffers for use below */ 570| 0| ptr = &block[0]; 571| 0| _libssh2_store_u32(&ptr, len); 572| | 573| 0| ptr = &p->init[0]; 574| 0| _libssh2_store_u32(&ptr, len); 575| 0| } 576| 29.5k| else { 577| 29.5k| if(encrypted) { ------------------ | Branch (577:20): [True: 0, False: 29.5k] ------------------ 578| | /* first decrypted block */ 579| 0| rc = decrypt(session, &p->buf[p->readidx], 580| 0| block, blocksize, FIRST_BLOCK); ------------------ | | 1058| 0|#define FIRST_BLOCK 1 ------------------ 581| 0| if(rc != LIBSSH2_ERROR_NONE) { ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ | Branch (581:24): [True: 0, False: 0] ------------------ 582| 0| return rc; 583| 0| } 584| | /* Save the first 5 bytes of the decrypted package, to be 585| | used in the hash calculation later down. 586| | This is ignored in the INTEGRATED_MAC case. */ 587| 0| memcpy(p->init, block, 5); 588| 0| } 589| 29.5k| else { 590| | /* the data is plain, just copy it verbatim to 591| | the working block buffer */ 592| 29.5k| memcpy(block, &p->buf[p->readidx], blocksize); 593| 29.5k| } 594| | 595| | /* advance the read pointer */ 596| 29.5k| p->readidx += blocksize; 597| | 598| | /* we now have the initial blocksize bytes decrypted, 599| | * and we can extract packet and padding length from it 600| | */ 601| 29.5k| p->packet_length = _libssh2_ntohu32(block); 602| 29.5k| } 603| | 604| 29.5k| if(!encrypted || !CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (604:16): [True: 29.5k, False: 0] ------------------ 605| 29.5k| if(p->packet_length < 1) { ------------------ | Branch (605:20): [True: 1, False: 29.5k] ------------------ 606| 1| return LIBSSH2_ERROR_DECRYPT; ------------------ | | 493| 1|#define LIBSSH2_ERROR_DECRYPT (-12) ------------------ 607| 1| } 608| 29.5k| else if(p->packet_length > LIBSSH2_PACKET_MAXPAYLOAD) { ------------------ | | 216| 29.5k|#define LIBSSH2_PACKET_MAXPAYLOAD 40000 ------------------ | Branch (608:25): [True: 21, False: 29.5k] ------------------ 609| 21| return LIBSSH2_ERROR_OUT_OF_BOUNDARY; ------------------ | | 524| 21|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 610| 21| } 611| | 612| 29.5k| if(etm) { ------------------ | Branch (612:20): [True: 0, False: 29.5k] ------------------ 613| | /* don't know what padding is until we decrypt the full 614| | packet */ 615| 0| p->padding_length = 0; 616| | 617| | /* we collect entire undecrypted packet including the 618| | packet length field that we run MAC over */ 619| 0| p->packet_length = _libssh2_ntohu32(block); 620| 0| total_num = 4 + p->packet_length + remote_mac->mac_len; 621| 0| } 622| 29.5k| else { 623| | /* padding_length has not been authenticated yet, but it 624| | won't actually be used (except for the sanity check 625| | immediately following) until after the entire packet is 626| | authenticated, so this is safe. */ 627| 29.5k| p->padding_length = block[4]; 628| 29.5k| if(p->padding_length > p->packet_length - 1) { ------------------ | Branch (628:24): [True: 0, False: 29.5k] ------------------ 629| 0| return LIBSSH2_ERROR_DECRYPT; ------------------ | | 493| 0|#define LIBSSH2_ERROR_DECRYPT (-12) ------------------ 630| 0| } 631| | 632| | /* total_num is the number of bytes following the initial 633| | (5 bytes) packet length and padding length fields */ 634| 29.5k| total_num = p->packet_length - 1 + 635| 29.5k| (encrypted && remote_mac ? remote_mac->mac_len : 0); ------------------ | Branch (635:26): [True: 0, False: 29.5k] | Branch (635:39): [True: 0, False: 0] ------------------ 636| 29.5k| } 637| 29.5k| } 638| 0| else { 639| | /* advance the read pointer past size field if the packet 640| | length is not required for decryption */ 641| | 642| | /* add size field to be included in total packet size 643| | * calculation so it doesn't get dropped off on subsequent 644| | * partial reads 645| | */ 646| 0| total_num = 4; 647| | 648| 0| p->packet_length = _libssh2_ntohu32(block); 649| 0| if(p->packet_length < 1) ------------------ | Branch (649:20): [True: 0, False: 0] ------------------ 650| 0| return LIBSSH2_ERROR_DECRYPT; ------------------ | | 493| 0|#define LIBSSH2_ERROR_DECRYPT (-12) ------------------ 651| | 652| | /* total_num may include size field, however due to existing 653| | * logic it needs to be removed after the entire packet is read 654| | */ 655| | 656| 0| total_num += p->packet_length + 657| 0| (remote_mac ? remote_mac->mac_len : 0) + auth_len; ------------------ | Branch (657:22): [True: 0, False: 0] ------------------ 658| | 659| | /* don't know what padding is until we decrypt the full 660| | packet */ 661| 0| p->padding_length = 0; 662| 0| } 663| | 664| | /* RFC4253 section 6.1 Maximum Packet Length says: 665| | * 666| | * "All implementations MUST be able to process 667| | * packets with uncompressed payload length of 32768 668| | * bytes or less and total packet size of 35000 bytes 669| | * or less (including length, padding length, payload, 670| | * padding, and MAC.)." 671| | */ 672| 29.5k| if(total_num > LIBSSH2_PACKET_MAXPAYLOAD || total_num == 0) { ------------------ | | 216| 59.0k|#define LIBSSH2_PACKET_MAXPAYLOAD 40000 ------------------ | Branch (672:16): [True: 0, False: 29.5k] | Branch (672:57): [True: 0, False: 29.5k] ------------------ 673| 0| return LIBSSH2_ERROR_OUT_OF_BOUNDARY; ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 674| 0| } 675| | 676| | /* Get a packet handle put data into. We get one to 677| | hold all data, including padding and MAC. */ 678| 29.5k| p->payload = LIBSSH2_ALLOC(session, total_num); ------------------ | | 232| 29.5k| session->alloc(count, &(session)->abstract) ------------------ 679| 29.5k| if(!p->payload) { ------------------ | Branch (679:16): [True: 0, False: 29.5k] ------------------ 680| 0| return LIBSSH2_ERROR_ALLOC; ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 681| 0| } 682| 29.5k| p->total_num = total_num; 683| | /* init write pointer to start of payload buffer */ 684| 29.5k| p->wptr = p->payload; 685| | 686| 29.5k| if(!encrypted || !CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (686:16): [True: 29.5k, False: 0] ------------------ 687| 29.5k| if(!etm && blocksize > 5) { ------------------ | Branch (687:20): [True: 29.5k, False: 0] | Branch (687:28): [True: 0, False: 29.5k] ------------------ 688| | /* copy the data from index 5 to the end of 689| | the blocksize from the temporary buffer to 690| | the start of the decrypted buffer */ 691| 0| if(blocksize - 5 <= (int)total_num) { ------------------ | Branch (691:24): [True: 0, False: 0] ------------------ 692| 0| memcpy(p->wptr, &block[5], blocksize - 5); 693| 0| p->wptr += blocksize - 5; /* advance write pointer */ 694| 0| if(etm) { ------------------ | Branch (694:28): [True: 0, False: 0] ------------------ 695| | /* advance past unencrypted packet length */ 696| 0| p->wptr += 4; 697| 0| } 698| 0| } 699| 0| else { 700| 0| if(p->payload) ------------------ | Branch (700:28): [True: 0, False: 0] ------------------ 701| 0| LIBSSH2_FREE(session, p->payload); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 702| 0| p->payload = NULL; 703| 0| return LIBSSH2_ERROR_OUT_OF_BOUNDARY; ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 704| 0| } 705| 0| } 706| | 707| | /* init the data_num field to the number of bytes of 708| | the package read so far */ 709| 29.5k| p->data_num = p->wptr - p->payload; 710| | 711| | /* we already dealt with a blocksize worth of data */ 712| 29.5k| if(!etm) ------------------ | Branch (712:20): [True: 29.5k, False: 0] ------------------ 713| 29.5k| numbytes -= blocksize; 714| 29.5k| } 715| 0| else { 716| | /* haven't started reading payload yet */ 717| 0| p->data_num = 0; 718| | 719| | /* we already dealt with packet size worth of data */ 720| 0| if(!encrypted) ------------------ | Branch (720:20): [True: 0, False: 0] ------------------ 721| 0| numbytes -= 4; 722| 0| } 723| 29.5k| } 724| | 725| | /* how much there is left to add to the current payload 726| | package */ 727| 29.5k| remainpack = p->total_num - p->data_num; 728| | 729| 29.5k| if(numbytes > remainpack) { ------------------ | Branch (729:12): [True: 29.5k, False: 33] ------------------ 730| | /* if we have more data in the buffer than what is going into this 731| | particular packet, we limit this round to this packet only */ 732| 29.5k| numbytes = remainpack; 733| 29.5k| } 734| | 735| 29.5k| if(encrypted && CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (735:12): [True: 0, False: 29.5k] ------------------ 736| 0| if(numbytes < remainpack) { ------------------ | Branch (736:16): [True: 0, False: 0] ------------------ 737| | /* need a full packet before checking MAC */ 738| 0| session->socket_block_directions |= 739| 0| LIBSSH2_SESSION_BLOCK_INBOUND; ------------------ | | 439| 0|#define LIBSSH2_SESSION_BLOCK_INBOUND 0x0001 ------------------ 740| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 741| 0| } 742| | 743| | /* we have a full packet, now remove the size field from numbytes 744| | and total_num to process only the packet data */ 745| 0| numbytes -= 4; 746| 0| p->total_num -= 4; 747| 0| } 748| | 749| 29.5k| if(encrypted && !etm) { ------------------ | Branch (749:12): [True: 0, False: 29.5k] | Branch (749:25): [True: 0, False: 0] ------------------ 750| | /* At the end of the incoming stream, there is a MAC, 751| | and we don't want to decrypt that since we need it 752| | "raw". We MUST however decrypt the padding data 753| | since it is used for the hash later on. */ 754| 0| int skip = (remote_mac ? remote_mac->mac_len : 0) + auth_len; ------------------ | Branch (754:25): [True: 0, False: 0] ------------------ 755| | 756| 0| if(CRYPT_FLAG_R(session, INTEGRATED_MAC)) ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ 757| | /* This crypto method DOES need the MAC to go through 758| | decryption so it can be authenticated. */ 759| 0| skip = 0; 760| | 761| | /* if what we have plus numbytes is bigger than the 762| | total minus the skip margin, we should lower the 763| | amount to decrypt even more */ 764| 0| if((p->data_num + numbytes) >= (p->total_num - skip)) { ------------------ | Branch (764:16): [True: 0, False: 0] ------------------ 765| | /* decrypt the entire rest of the package */ 766| 0| numdecrypt = LIBSSH2_MAX(0, ------------------ | | 215| 0|#define LIBSSH2_MAX(x, y) ((x) > (y) ? (x) : (y)) | | ------------------ | | | Branch (215:29): [True: 0, False: 0] | | ------------------ ------------------ 767| 0| (int)(p->total_num - skip) - (int)p->data_num); 768| 0| firstlast = LAST_BLOCK; ------------------ | | 1060| 0|#define LAST_BLOCK 2 ------------------ 769| 0| } 770| 0| else { 771| 0| ssize_t frac; 772| 0| numdecrypt = numbytes; 773| 0| frac = numdecrypt % blocksize; 774| 0| if(frac) { ------------------ | Branch (774:20): [True: 0, False: 0] ------------------ 775| | /* not an aligned amount of blocks, align it by reducing 776| | the number of bytes processed this loop */ 777| 0| numdecrypt -= frac; 778| | /* and make it no unencrypted data 779| | after it */ 780| 0| numbytes = 0; 781| 0| } 782| 0| if(CRYPT_FLAG_R(session, INTEGRATED_MAC)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ 783| | /* Make sure that we save enough bytes to make the last 784| | * block large enough to hold the entire integrated MAC */ 785| 0| numdecrypt = LIBSSH2_MIN(numdecrypt, ------------------ | | 216| 0|#define LIBSSH2_MIN(x, y) ((x) < (y) ? (x) : (y)) | | ------------------ | | | Branch (216:29): [True: 0, False: 0] | | ------------------ ------------------ 786| 0| (int)(p->total_num - skip - blocksize - p->data_num)); 787| 0| numbytes = 0; 788| 0| } 789| 0| firstlast = MIDDLE_BLOCK; ------------------ | | 1059| 0|#define MIDDLE_BLOCK 0 ------------------ 790| 0| } 791| 0| } 792| 29.5k| else { 793| | /* unencrypted data should not be decrypted at all */ 794| 29.5k| numdecrypt = 0; 795| 29.5k| } 796| 29.5k| assert(numdecrypt >= 0); ------------------ | Branch (796:9): [True: 0, False: 29.5k] | Branch (796:9): [True: 29.5k, False: 0] ------------------ 797| | 798| | /* if there are bytes to decrypt, do that */ 799| 29.5k| if(numdecrypt > 0) { ------------------ | Branch (799:12): [True: 0, False: 29.5k] ------------------ 800| | /* now decrypt the lot */ 801| 0| if(CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ 802| 0| rc = session->remote.crypt->crypt(session, 803| 0| session->remote.seqno, 804| 0| &p->buf[p->readidx], 805| 0| numdecrypt, 806| 0| &session->remote.crypt_abstract, 807| 0| 0); 808| | 809| 0| if(rc != LIBSSH2_ERROR_NONE) { ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ | Branch (809:20): [True: 0, False: 0] ------------------ 810| 0| p->total_num = 0; /* no packet buffer available */ 811| 0| return rc; 812| 0| } 813| | 814| 0| memcpy(p->wptr, &p->buf[p->readidx], numbytes); 815| | 816| | /* advance read index past size field now that we've decrypted 817| | full packet */ 818| 0| p->readidx += 4; 819| | 820| | /* include auth tag in bytes decrypted */ 821| 0| numdecrypt += auth_len; 822| | 823| | /* set padding now that the packet has been verified and 824| | decrypted */ 825| 0| p->padding_length = p->wptr[0]; 826| | 827| 0| if(p->padding_length > p->packet_length - 1) { ------------------ | Branch (827:20): [True: 0, False: 0] ------------------ 828| 0| return LIBSSH2_ERROR_DECRYPT; ------------------ | | 493| 0|#define LIBSSH2_ERROR_DECRYPT (-12) ------------------ 829| 0| } 830| 0| } 831| 0| else { 832| 0| rc = decrypt(session, &p->buf[p->readidx], p->wptr, numdecrypt, 833| 0| firstlast); 834| | 835| 0| if(rc != LIBSSH2_ERROR_NONE) { ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ | Branch (835:20): [True: 0, False: 0] ------------------ 836| 0| p->total_num = 0; /* no packet buffer available */ 837| 0| return rc; 838| 0| } 839| 0| } 840| | 841| | /* advance the read pointer */ 842| 0| p->readidx += numdecrypt; 843| | /* advance write pointer */ 844| 0| p->wptr += numdecrypt; 845| | /* increase data_num */ 846| 0| p->data_num += numdecrypt; 847| | 848| | /* bytes left to take care of without decryption */ 849| 0| numbytes -= numdecrypt; 850| 0| } 851| | 852| | /* if there are bytes to copy that aren't decrypted, 853| | copy them as-is to the target buffer */ 854| 29.5k| if(numbytes > 0) { ------------------ | Branch (854:12): [True: 29.5k, False: 1] ------------------ 855| | 856| 29.5k| if((size_t)numbytes <= (p->total_num - (p->wptr - p->payload))) { ------------------ | Branch (856:16): [True: 29.5k, False: 0] ------------------ 857| 29.5k| memcpy(p->wptr, &p->buf[p->readidx], numbytes); 858| 29.5k| } 859| 0| else { 860| 0| if(p->payload) ------------------ | Branch (860:20): [True: 0, False: 0] ------------------ 861| 0| LIBSSH2_FREE(session, p->payload); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 862| 0| p->payload = NULL; 863| 0| return LIBSSH2_ERROR_OUT_OF_BOUNDARY; ------------------ | | 524| 0|#define LIBSSH2_ERROR_OUT_OF_BOUNDARY (-41) ------------------ 864| 0| } 865| | 866| | /* advance the read pointer */ 867| 29.5k| p->readidx += numbytes; 868| | /* advance write pointer */ 869| 29.5k| p->wptr += numbytes; 870| | /* increase data_num */ 871| 29.5k| p->data_num += numbytes; 872| 29.5k| } 873| | 874| | /* now check how much data there's left to read to finish the 875| | current packet */ 876| 29.5k| remainpack = p->total_num - p->data_num; 877| | 878| 29.5k| if(!remainpack) { ------------------ | Branch (878:12): [True: 29.5k, False: 32] ------------------ 879| | /* we have a full packet */ 880| 29.5k|libssh2_transport_read_point1: 881| 29.5k| rc = fullpacket(session, encrypted); 882| 29.5k| if(rc == LIBSSH2_ERROR_EAGAIN) { ------------------ | | 520| 29.5k|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (882:16): [True: 0, False: 29.5k] ------------------ 883| | 884| 0| if(session->packAdd_state != libssh2_NB_state_idle) { ------------------ | Branch (884:20): [True: 0, False: 0] ------------------ 885| | /* fullpacket only returns LIBSSH2_ERROR_EAGAIN if 886| | * libssh2_packet_add() returns LIBSSH2_ERROR_EAGAIN. If 887| | * that returns LIBSSH2_ERROR_EAGAIN but the packAdd_state 888| | * is idle, then the packet has been added to the brigade, 889| | * but some immediate action that was taken based on the 890| | * packet type (such as key re-exchange) is not yet 891| | * complete. Clear the way for a new packet to be read 892| | * in. 893| | */ 894| 0| session->readPack_encrypted = encrypted; 895| 0| session->readPack_state = libssh2_NB_state_jump1; 896| 0| } 897| | 898| 0| return rc; 899| 0| } 900| | 901| 29.5k| p->total_num = 0; /* no packet buffer available */ 902| | 903| 29.5k| return rc; 904| 29.5k| } 905| 29.5k| } while(1); /* loop */ ------------------ | Branch (905:13): [True: 32, Folded] ------------------ 906| | 907| 0| return LIBSSH2_ERROR_SOCKET_RECV; /* we never reach this point */ ------------------ | | 526| 0|#define LIBSSH2_ERROR_SOCKET_RECV (-43) ------------------ 908| 29.5k|} _libssh2_transport_send: 996| 632|{ 997| 632| int blocksize = 998| 632| (session->state & LIBSSH2_STATE_NEWKEYS) ? ------------------ | | 948| 632|#define LIBSSH2_STATE_NEWKEYS 0x00000004 ------------------ | Branch (998:9): [True: 0, False: 632] ------------------ 999| 632| session->local.crypt->blocksize : 8; 1000| 632| ssize_t padding_length; 1001| 632| size_t packet_length; 1002| 632| ssize_t total_length; 1003| |#ifdef LIBSSH2_RANDOM_PADDING 1004| | int rand_max; 1005| | int seed = data[0]; /* FIXME: make this random */ 1006| |#endif 1007| 632| struct transportpacket *p = &session->packet; 1008| 632| int encrypted; 1009| 632| int compressed; 1010| 632| int etm; 1011| 632| ssize_t ret; 1012| 632| int rc; 1013| 632| const unsigned char *orgdata = data; 1014| 632| const struct mac_method *local_mac = NULL; 1015| 632| unsigned int auth_len = 0; 1016| 632| size_t orgdata_len = data_len; 1017| 632| size_t crypt_offset, etm_crypt_offset; 1018| | 1019| | /* 1020| | * If the last read operation was interrupted in the middle of a key 1021| | * exchange, we must complete that key exchange before continuing to write 1022| | * further data. 1023| | * 1024| | * See the similar block in _libssh2_transport_read for more details. 1025| | */ 1026| 632| if(session->state & LIBSSH2_STATE_EXCHANGING_KEYS && ------------------ | | 947| 1.26k|#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002 ------------------ | Branch (1026:8): [True: 319, False: 313] ------------------ 1027| 319| !(session->state & LIBSSH2_STATE_KEX_ACTIVE)) { ------------------ | | 950| 319|#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010 ------------------ | Branch (1027:8): [True: 0, False: 319] ------------------ 1028| | /* Don't write any new packets if we're still in the middle of a key 1029| | * exchange. */ 1030| 0| _libssh2_debug((session, LIBSSH2_TRACE_TRANS, "Redirecting into the" ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1031| 0| " key re-exchange from _libssh2_transport_send")); 1032| 0| rc = _libssh2_kex_exchange(session, 1, &session->startup_key_state); 1033| 0| if(rc) ------------------ | Branch (1033:12): [True: 0, False: 0] ------------------ 1034| 0| return rc; 1035| 0| } 1036| | 1037| 632| debugdump(session, "libssh2_transport_write plain", data, data_len); 1038| 632| if(data2) ------------------ | Branch (1038:8): [True: 3, False: 629] ------------------ 1039| 3| debugdump(session, "libssh2_transport_write plain2", data2, data2_len); 1040| | 1041| | /* FIRST, check if we have a pending write to complete. send_existing 1042| | only sanity-check data and data_len and not data2 and data2_len! */ 1043| 632| rc = send_existing(session, data, data_len, &ret); 1044| 632| if(rc) ------------------ | Branch (1044:8): [True: 0, False: 632] ------------------ 1045| 0| return rc; 1046| | 1047| 632| session->socket_block_directions &= ~LIBSSH2_SESSION_BLOCK_OUTBOUND; ------------------ | | 440| 632|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ 1048| | 1049| 632| if(ret) ------------------ | Branch (1049:8): [True: 0, False: 632] ------------------ 1050| | /* set by send_existing if data was sent */ 1051| 0| return rc; 1052| | 1053| 632| encrypted = (session->state & LIBSSH2_STATE_NEWKEYS) ? 1 : 0; ------------------ | | 948| 632|#define LIBSSH2_STATE_NEWKEYS 0x00000004 ------------------ | Branch (1053:17): [True: 0, False: 632] ------------------ 1054| | 1055| 632| if(encrypted && session->local.crypt && ------------------ | Branch (1055:8): [True: 0, False: 632] | Branch (1055:21): [True: 0, False: 0] ------------------ 1056| 0| CRYPT_FLAG_L(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ 1057| 0| auth_len = session->local.crypt->auth_len; 1058| 0| } 1059| 632| else { 1060| 632| local_mac = session->local.mac; 1061| 632| } 1062| | 1063| 632| etm = encrypted && local_mac ? local_mac->etm : 0; ------------------ | Branch (1063:11): [True: 0, False: 632] | Branch (1063:24): [True: 0, False: 0] ------------------ 1064| | 1065| 632| compressed = session->local.comp && ------------------ | Branch (1065:18): [True: 485, False: 147] ------------------ 1066| 485| session->local.comp->compress && ------------------ | Branch (1066:18): [True: 0, False: 485] ------------------ 1067| 0| ((session->state & LIBSSH2_STATE_AUTHENTICATED) || ------------------ | | 949| 0|#define LIBSSH2_STATE_AUTHENTICATED 0x00000008 ------------------ | Branch (1067:19): [True: 0, False: 0] ------------------ 1068| 0| session->local.comp->use_in_auth); ------------------ | Branch (1068:19): [True: 0, False: 0] ------------------ 1069| | 1070| 632| if(encrypted && compressed && session->local.comp_abstract) { ------------------ | Branch (1070:8): [True: 0, False: 632] | Branch (1070:21): [True: 0, False: 0] | Branch (1070:35): [True: 0, False: 0] ------------------ 1071| | /* the idea here is that these function must fail if the output gets 1072| | larger than what fits in the assigned buffer so thus they don't 1073| | check the input size as we don't know how much it compresses */ 1074| 0| size_t dest_len = MAX_SSH_PACKET_LEN - 5 - 256; ------------------ | | 228| 0|#define MAX_SSH_PACKET_LEN 35000 ------------------ 1075| 0| size_t dest2_len = dest_len; 1076| | 1077| | /* compress directly to the target buffer */ 1078| 0| rc = session->local.comp->comp(session, 1079| 0| &p->outbuf[5], &dest_len, 1080| 0| data, data_len, 1081| 0| &session->local.comp_abstract); 1082| 0| if(rc) ------------------ | Branch (1082:12): [True: 0, False: 0] ------------------ 1083| 0| return rc; /* compression failure */ 1084| | 1085| 0| if(data2 && data2_len) { ------------------ | Branch (1085:12): [True: 0, False: 0] | Branch (1085:21): [True: 0, False: 0] ------------------ 1086| | /* compress directly to the target buffer right after where the 1087| | previous call put data */ 1088| 0| dest2_len -= dest_len; 1089| | 1090| 0| rc = session->local.comp->comp(session, 1091| 0| &p->outbuf[5 + dest_len], 1092| 0| &dest2_len, 1093| 0| data2, data2_len, 1094| 0| &session->local.comp_abstract); 1095| 0| } 1096| 0| else 1097| 0| dest2_len = 0; 1098| 0| if(rc) ------------------ | Branch (1098:12): [True: 0, False: 0] ------------------ 1099| 0| return rc; /* compression failure */ 1100| | 1101| 0| data_len = dest_len + dest2_len; /* use the combined length */ 1102| 0| } 1103| 632| else { 1104| 632| if((data_len + data2_len) >= (MAX_SSH_PACKET_LEN - 0x100)) ------------------ | | 228| 632|#define MAX_SSH_PACKET_LEN 35000 ------------------ | Branch (1104:12): [True: 0, False: 632] ------------------ 1105| | /* too large packet, return error for this until we make this 1106| | function split it up and send multiple SSH packets */ 1107| 0| return LIBSSH2_ERROR_INVAL; ------------------ | | 517| 0|#define LIBSSH2_ERROR_INVAL (-34) ------------------ 1108| | 1109| | /* copy the payload data */ 1110| 632| memcpy(&p->outbuf[5], data, data_len); 1111| 632| if(data2 && data2_len) ------------------ | Branch (1111:12): [True: 3, False: 629] | Branch (1111:21): [True: 0, False: 3] ------------------ 1112| 0| memcpy(&p->outbuf[5 + data_len], data2, data2_len); 1113| 632| data_len += data2_len; /* use the combined length */ 1114| 632| } 1115| | 1116| | /* RFC4253 says: Note that the length of the concatenation of 1117| | 'packet_length', 'padding_length', 'payload', and 'random padding' 1118| | MUST be a multiple of the cipher block size or 8, whichever is 1119| | larger. */ 1120| | 1121| | /* Plain math: (4 + 1 + packet_length + padding_length) % blocksize == 0 */ 1122| | 1123| 632| packet_length = data_len + 1 + 4; /* 1 is for padding_length field 1124| | 4 for the packet_length field */ 1125| | /* subtract 4 bytes of the packet_length field when padding AES-GCM 1126| | or with ETM */ 1127| 632| crypt_offset = (etm || auth_len || ------------------ | Branch (1127:21): [True: 0, False: 632] | Branch (1127:28): [True: 0, False: 632] ------------------ 1128| 632| (encrypted && CRYPT_FLAG_L(session, PKTLEN_AAD))) ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1043| 0|#define LIBSSH2_CRYPT_FLAG_PKTLEN_AAD 2 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (1128:22): [True: 0, False: 632] ------------------ 1129| 632| ? 4 : 0; 1130| 632| etm_crypt_offset = etm ? 4 : 0; ------------------ | Branch (1130:24): [True: 0, False: 632] ------------------ 1131| | 1132| | /* at this point we have it all except the padding */ 1133| | 1134| | /* first figure out our minimum padding amount to make it an even 1135| | block size */ 1136| 632| padding_length = blocksize - ((packet_length - crypt_offset) % blocksize); 1137| | 1138| | /* if the padding becomes too small we add another blocksize worth 1139| | of it (taken from the original libssh2 where it didn't have any 1140| | real explanation) */ 1141| 632| if(padding_length < 4) { ------------------ | Branch (1141:8): [True: 329, False: 303] ------------------ 1142| 329| padding_length += blocksize; 1143| 329| } 1144| |#ifdef LIBSSH2_RANDOM_PADDING 1145| | /* FIXME: we can add padding here, but that also makes the packets 1146| | bigger etc */ 1147| | 1148| | /* now we can add 'blocksize' to the padding_length N number of times 1149| | (to "help thwart traffic analysis") but it must be less than 255 in 1150| | total */ 1151| | rand_max = (255 - padding_length) / blocksize + 1; 1152| | padding_length += blocksize * (seed % rand_max); 1153| |#endif 1154| | 1155| 632| packet_length += padding_length; 1156| | 1157| | /* append the MAC length to the total_length size */ 1158| 632| total_length = 1159| 632| packet_length + (encrypted && local_mac ? local_mac->mac_len : 0); ------------------ | Branch (1159:26): [True: 0, False: 632] | Branch (1159:39): [True: 0, False: 0] ------------------ 1160| | 1161| 632| total_length += auth_len; 1162| | 1163| | /* store packet_length, which is the size of the whole packet except 1164| | the MAC and the packet_length field itself */ 1165| 632| _libssh2_htonu32(p->outbuf, (uint32_t)(packet_length - 4)); 1166| | /* store padding_length */ 1167| 632| p->outbuf[4] = (unsigned char)padding_length; 1168| | 1169| | /* fill the padding area with random junk */ 1170| 632| if(_libssh2_random(p->outbuf + 5 + data_len, padding_length)) { ------------------ | | 228| 632|#define _libssh2_random(buf, len) _libssh2_openssl_random(buf, len) | | ------------------ | | | Branch (228:36): [True: 0, False: 632] | | ------------------ ------------------ 1171| 0| return _libssh2_error(session, LIBSSH2_ERROR_RANDGEN, ------------------ | | 532| 0|#define LIBSSH2_ERROR_RANDGEN (-49) ------------------ 1172| 0| "Unable to get random bytes for packet padding"); 1173| 0| } 1174| | 1175| 632| if(encrypted) { ------------------ | Branch (1175:8): [True: 0, False: 632] ------------------ 1176| 0| size_t i; 1177| | 1178| | /* Calculate MAC hash. Put the output at index packet_length, 1179| | since that size includes the whole packet. The MAC is 1180| | calculated on the entire unencrypted packet, including all 1181| | fields except the MAC field itself. This is skipped in the 1182| | INTEGRATED_MAC case, where the crypto algorithm also does its 1183| | own hash. */ 1184| 0| if(!etm && local_mac && !CRYPT_FLAG_L(session, INTEGRATED_MAC)) { ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (1184:12): [True: 0, False: 0] | Branch (1184:20): [True: 0, False: 0] ------------------ 1185| 0| if(local_mac->hash(session, p->outbuf + packet_length, ------------------ | Branch (1185:16): [True: 0, False: 0] ------------------ 1186| 0| session->local.seqno, p->outbuf, 1187| 0| packet_length, NULL, 0, 1188| 0| &session->local.mac_abstract)) 1189| 0| return _libssh2_error(session, LIBSSH2_ERROR_MAC_FAILURE, ------------------ | | 535| 0|#define LIBSSH2_ERROR_MAC_FAILURE (-52) ------------------ 1190| 0| "Failed to calculate MAC"); 1191| 0| } 1192| | 1193| 0| if(CRYPT_FLAG_L(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ 1194| 0| if(session->local.crypt->crypt(session, ------------------ | Branch (1194:16): [True: 0, False: 0] ------------------ 1195| 0| session->local.seqno, 1196| 0| p->outbuf, 1197| 0| packet_length, 1198| 0| &session->local.crypt_abstract, 1199| 0| 0)) { 1200| 0| return LIBSSH2_ERROR_ENCRYPT; ------------------ | | 527| 0|#define LIBSSH2_ERROR_ENCRYPT (-44) ------------------ 1201| 0| } 1202| 0| } 1203| 0| else { 1204| | /* Encrypt the whole packet data, one block size at a time. 1205| | The MAC field is not encrypted unless INTEGRATED_MAC. */ 1206| | /* Some crypto back-ends could handle a single crypt() call for 1207| | encryption, but (presumably) others cannot, so break it up 1208| | into blocksize-sized chunks to satisfy them all. */ 1209| 0| for(i = etm_crypt_offset; i < packet_length; ------------------ | Branch (1209:39): [True: 0, False: 0] ------------------ 1210| 0| i += session->local.crypt->blocksize) { 1211| 0| unsigned char *ptr = &p->outbuf[i]; 1212| 0| size_t bsize = LIBSSH2_MIN(session->local.crypt->blocksize, ------------------ | | 216| 0|#define LIBSSH2_MIN(x, y) ((x) < (y) ? (x) : (y)) | | ------------------ | | | Branch (216:29): [True: 0, False: 0] | | ------------------ ------------------ 1213| 0| (int)(packet_length - i)); 1214| | /* The INTEGRATED_MAC case always has an extra call below, so 1215| | it will never be LAST_BLOCK up here. */ 1216| 0| int firstlast = i == 0 ? FIRST_BLOCK : ------------------ | | 1058| 0|#define FIRST_BLOCK 1 ------------------ | Branch (1216:33): [True: 0, False: 0] ------------------ 1217| 0| (!CRYPT_FLAG_L(session, INTEGRATED_MAC) && ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ 1218| 0| (i == packet_length - session->local.crypt->blocksize) ------------------ | Branch (1218:18): [True: 0, False: 0] ------------------ 1219| 0| ? LAST_BLOCK : MIDDLE_BLOCK); ------------------ | | 1060| 0|#define LAST_BLOCK 2 ------------------ ? LAST_BLOCK : MIDDLE_BLOCK); ------------------ | | 1059| 0|#define MIDDLE_BLOCK 0 ------------------ 1220| | /* In the AAD case, the last block would be only 4 bytes 1221| | because everything is offset by 4 since the initial 1222| | packet_length isn't encrypted. In this case, combine that 1223| | last short packet with the previous one since AES-GCM 1224| | crypt() assumes that the entire MAC is available in that 1225| | packet so it can set that to the authentication tag. */ 1226| 0| if(!CRYPT_FLAG_L(session, INTEGRATED_MAC)) ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ 1227| 0| if(i > packet_length - 2 * bsize) { ------------------ | Branch (1227:24): [True: 0, False: 0] ------------------ 1228| | /* increase the final block size */ 1229| 0| bsize = packet_length - i; 1230| | /* advance the loop counter by the extra amount */ 1231| 0| i += bsize - session->local.crypt->blocksize; 1232| 0| } 1233| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1234| 0| "crypting bytes %lu-%lu", (unsigned long)i, 1235| 0| (unsigned long)(i + bsize - 1))); 1236| 0| if(session->local.crypt->crypt(session, 0, ptr, ------------------ | Branch (1236:20): [True: 0, False: 0] ------------------ 1237| 0| bsize, 1238| 0| &session->local.crypt_abstract, 1239| 0| firstlast)) 1240| 0| return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */ ------------------ | | 527| 0|#define LIBSSH2_ERROR_ENCRYPT (-44) ------------------ 1241| 0| } 1242| | 1243| | /* Call crypt() one last time so it can be filled in with the 1244| | MAC */ 1245| 0| if(CRYPT_FLAG_L(session, INTEGRATED_MAC)) { ------------------ | | 1050| 0| ((session)->local.crypt && \ | | ------------------ | | | Branch (1050:6): [True: 0, False: 0] | | ------------------ | | 1051| 0| ((session)->local.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1051:6): [True: 0, False: 0] | | ------------------ ------------------ 1246| 0| int authlen = local_mac ? local_mac->mac_len : 0; ------------------ | Branch (1246:31): [True: 0, False: 0] ------------------ 1247| 0| assert((size_t)total_length <= ------------------ | Branch (1247:17): [True: 0, False: 0] | Branch (1247:17): [True: 0, False: 0] ------------------ 1248| 0| packet_length + session->local.crypt->blocksize); 1249| 0| if(session->local.crypt->crypt(session, ------------------ | Branch (1249:20): [True: 0, False: 0] ------------------ 1250| 0| 0, 1251| 0| &p->outbuf[packet_length], 1252| 0| authlen, 1253| 0| &session->local.crypt_abstract, 1254| 0| LAST_BLOCK)) ------------------ | | 1060| 0|#define LAST_BLOCK 2 ------------------ 1255| 0| return LIBSSH2_ERROR_ENCRYPT; /* encryption failure */ ------------------ | | 527| 0|#define LIBSSH2_ERROR_ENCRYPT (-44) ------------------ 1256| 0| } 1257| 0| } 1258| | 1259| 0| if(etm) { ------------------ | Branch (1259:12): [True: 0, False: 0] ------------------ 1260| | /* Calculate MAC hash. Put the output at index packet_length, 1261| | since that size includes the whole packet. The MAC is 1262| | calculated on the entire packet (length plain the rest 1263| | encrypted), including all fields except the MAC field 1264| | itself. */ 1265| 0| if(local_mac->hash(session, p->outbuf + packet_length, ------------------ | Branch (1265:16): [True: 0, False: 0] ------------------ 1266| 0| session->local.seqno, p->outbuf, 1267| 0| packet_length, NULL, 0, 1268| 0| &session->local.mac_abstract)) 1269| 0| return _libssh2_error(session, LIBSSH2_ERROR_MAC_FAILURE, ------------------ | | 535| 0|#define LIBSSH2_ERROR_MAC_FAILURE (-52) ------------------ 1270| 0| "Failed to calculate MAC"); 1271| 0| } 1272| 0| } 1273| | 1274| 632| session->local.seqno++; 1275| | 1276| 632| if(session->kex_strict && data[0] == SSH_MSG_NEWKEYS) { ------------------ | | 1122| 481|#define SSH_MSG_NEWKEYS 21 ------------------ | Branch (1276:8): [True: 481, False: 151] | Branch (1276:31): [True: 0, False: 481] ------------------ 1277| 0| session->local.seqno = 0; 1278| 0| } 1279| | 1280| 632| ret = LIBSSH2_SEND(session, p->outbuf, total_length, ------------------ | | 286| 632| LIBSSH2_SEND_FD(session, (session)->socket_fd, buffer, length, flags) | | ------------------ | | | | 281| 1.26k| ((session)->send)(fd, buffer, length, flags, &(session)->abstract) | | | | ------------------ | | | | | Branch (281:43): [True: 0, False: 632] | | | | ------------------ | | ------------------ ------------------ 1281| 632| LIBSSH2_SOCKET_SEND_FLAGS(session)); 1282| 632| if(ret < 0) ------------------ | Branch (1282:8): [True: 0, False: 632] ------------------ 1283| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1284| 632| "Error sending %ld bytes: %ld", 1285| 632| (long)total_length, (long)-ret)); 1286| 632| else { 1287| 632| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 632|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 1288| 632| "Sent %ld/%ld bytes at %p", 1289| 632| (long)ret, (long)total_length, (void *)p->outbuf)); 1290| 632| debugdump(session, "libssh2_transport_write send()", p->outbuf, ret); 1291| 632| } 1292| | 1293| 632| if(ret != total_length) { ------------------ | Branch (1293:8): [True: 0, False: 632] ------------------ 1294| 0| if(ret >= 0 || ret == -EAGAIN) { ------------------ | Branch (1294:12): [True: 0, False: 0] | Branch (1294:24): [True: 0, False: 0] ------------------ 1295| | /* the whole packet could not be sent, save the rest */ 1296| 0| session->socket_block_directions |= LIBSSH2_SESSION_BLOCK_OUTBOUND; ------------------ | | 440| 0|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ 1297| 0| p->odata = orgdata; 1298| 0| p->olen = orgdata_len; 1299| 0| p->osent = ret <= 0 ? 0 : ret; ------------------ | Branch (1299:24): [True: 0, False: 0] ------------------ 1300| 0| p->ototal_num = total_length; 1301| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 1302| 0| } 1303| 0| return LIBSSH2_ERROR_SOCKET_SEND; ------------------ | | 488| 0|#define LIBSSH2_ERROR_SOCKET_SEND (-7) ------------------ 1304| 0| } 1305| | 1306| | /* the whole thing got sent away */ 1307| 632| p->odata = NULL; 1308| 632| p->olen = 0; 1309| | 1310| 632| return LIBSSH2_ERROR_NONE; /* all is good */ ------------------ | | 474| 632|#define LIBSSH2_ERROR_NONE 0 ------------------ 1311| 632|} transport.c:debugdump: 58| 30.9k|{ 59| 30.9k| size_t i; 60| 30.9k| size_t c; 61| 30.9k| unsigned int width = 0x10; 62| 30.9k| char buffer[256]; /* Must be enough for width*4 + about 30 or so */ 63| 30.9k| size_t used; 64| 30.9k| static const char *hex_chars = "0123456789ABCDEF"; 65| | 66| 30.9k| if(!(session->showmask & LIBSSH2_TRACE_TRANS)) { ------------------ | | 1441| 30.9k|#define LIBSSH2_TRACE_TRANS (1<<1) ------------------ | Branch (66:8): [True: 30.9k, False: 0] ------------------ 67| | /* not asked for, bail out */ 68| 30.9k| return; 69| 30.9k| } 70| | 71| 0| used = snprintf(buffer, sizeof(buffer), "=> %s (%lu bytes)\n", 72| 0| desc, (unsigned long)size); 73| 0| if(session->tracehandler) ------------------ | Branch (73:8): [True: 0, False: 0] ------------------ 74| 0| (session->tracehandler)(session, session->tracehandler_context, 75| 0| buffer, used); 76| 0| else 77| 0| fprintf(stderr, "%s", buffer); 78| | 79| 0| for(i = 0; i < size; i += width) { ------------------ | Branch (79:16): [True: 0, False: 0] ------------------ 80| | 81| 0| used = snprintf(buffer, sizeof(buffer), "%04lx: ", (long)i); 82| | 83| | /* hex not disabled, show it */ 84| 0| for(c = 0; c < width; c++) { ------------------ | Branch (84:20): [True: 0, False: 0] ------------------ 85| 0| if(i + c < size) { ------------------ | Branch (85:16): [True: 0, False: 0] ------------------ 86| 0| buffer[used++] = hex_chars[(ptr[i + c] >> 4) & 0xF]; 87| 0| buffer[used++] = hex_chars[ptr[i + c] & 0xF]; 88| 0| } 89| 0| else { 90| 0| buffer[used++] = ' '; 91| 0| buffer[used++] = ' '; 92| 0| } 93| | 94| 0| buffer[used++] = ' '; 95| 0| if((width / 2) - 1 == c) ------------------ | Branch (95:16): [True: 0, False: 0] ------------------ 96| 0| buffer[used++] = ' '; 97| 0| } 98| | 99| 0| buffer[used++] = ':'; 100| 0| buffer[used++] = ' '; 101| | 102| 0| for(c = 0; (c < width) && (i + c < size); c++) { ------------------ | Branch (102:20): [True: 0, False: 0] | Branch (102:35): [True: 0, False: 0] ------------------ 103| 0| buffer[used++] = isprint(ptr[i + c]) ? ------------------ | Branch (103:30): [True: 0, False: 0] ------------------ 104| 0| ptr[i + c] : UNPRINTABLE_CHAR; ------------------ | | 55| 0|#define UNPRINTABLE_CHAR '.' ------------------ 105| 0| } 106| 0| buffer[used] = 0; 107| | 108| 0| if(session->tracehandler) ------------------ | Branch (108:12): [True: 0, False: 0] ------------------ 109| 0| (session->tracehandler)(session, session->tracehandler_context, 110| 0| buffer, used); 111| 0| else 112| 0| fprintf(stderr, "%s\n", buffer); 113| 0| } 114| 0|} transport.c:fullpacket: 179| 29.5k|{ 180| 29.5k| unsigned char macbuf[MAX_MACSIZE]; 181| 29.5k| struct transportpacket *p = &session->packet; 182| 29.5k| int rc; 183| 29.5k| int compressed; 184| 29.5k| const struct mac_method *remote_mac = NULL; 185| 29.5k| uint32_t seq = session->remote.seqno; 186| | 187| 29.5k| memset(macbuf, '\0', sizeof(macbuf)); 188| | 189| 29.5k| if(!encrypted || (!CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET) && ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (189:8): [True: 29.5k, False: 0] ------------------ 190| 29.5k| !CRYPT_FLAG_R(session, INTEGRATED_MAC))) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1041| 0|#define LIBSSH2_CRYPT_FLAG_INTEGRATED_MAC 1 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ 191| 29.5k| remote_mac = session->remote.mac; 192| 29.5k| } 193| | 194| 29.5k| if(session->fullpacket_state == libssh2_NB_state_idle) { ------------------ | Branch (194:8): [True: 29.5k, False: 0] ------------------ 195| 29.5k| session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED; ------------------ | | 1103| 29.5k|#define LIBSSH2_MAC_CONFIRMED 0 ------------------ 196| 29.5k| session->fullpacket_payload_len = p->packet_length - 1; 197| | 198| 29.5k| if(encrypted && remote_mac) { ------------------ | Branch (198:12): [True: 0, False: 29.5k] | Branch (198:25): [True: 0, False: 0] ------------------ 199| | 200| | /* Calculate MAC hash */ 201| 0| int etm = remote_mac->etm; 202| 0| size_t mac_len = remote_mac->mac_len; 203| 0| if(etm) { ------------------ | Branch (203:16): [True: 0, False: 0] ------------------ 204| | /* store hash here */ 205| 0| remote_mac->hash(session, macbuf, 206| 0| session->remote.seqno, 207| 0| p->payload, p->total_num - mac_len, 208| 0| NULL, 0, 209| 0| &session->remote.mac_abstract); 210| 0| } 211| 0| else { 212| | /* store hash here */ 213| 0| remote_mac->hash(session, macbuf, 214| 0| session->remote.seqno, 215| 0| p->init, 5, 216| 0| p->payload, 217| 0| session->fullpacket_payload_len, 218| 0| &session->remote.mac_abstract); 219| 0| } 220| | 221| | /* Compare the calculated hash with the MAC we just read from 222| | * the network. The read one is at the very end of the payload 223| | * buffer. Note that 'payload_len' here is the packet_length 224| | * field which includes the padding but not the MAC. 225| | */ 226| 0| if(_libssh2_timingsafe_bcmp(macbuf, ------------------ | Branch (226:16): [True: 0, False: 0] ------------------ 227| 0| p->payload + p->total_num - mac_len, 228| 0| mac_len)) { 229| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 230| 0| "Failed MAC check")); 231| 0| session->fullpacket_macstate = LIBSSH2_MAC_INVALID; ------------------ | | 1105| 0|#define LIBSSH2_MAC_INVALID (-1) ------------------ 232| 0| } 233| 0| else if(etm) { ------------------ | Branch (233:21): [True: 0, False: 0] ------------------ 234| | /* MAC was ok and we start by decrypting the first block that 235| | contains padding length since this allows us to decrypt 236| | all other blocks to the right location in memory 237| | avoiding moving a larger block of memory one byte. */ 238| 0| unsigned char first_block[MAX_BLOCKSIZE]; 239| 0| ssize_t decrypt_size; 240| 0| unsigned char *decrypt_buffer; 241| 0| int blocksize = session->remote.crypt->blocksize; 242| | 243| 0| first_block[0] = 0; 244| | 245| 0| rc = decrypt(session, p->payload + 4, 246| 0| first_block, blocksize, FIRST_BLOCK); ------------------ | | 1058| 0|#define FIRST_BLOCK 1 ------------------ 247| 0| if(rc) { ------------------ | Branch (247:20): [True: 0, False: 0] ------------------ 248| 0| return rc; 249| 0| } 250| | 251| | /* we need buffer for decrypt */ 252| 0| decrypt_size = p->total_num - mac_len - 4; 253| 0| decrypt_buffer = LIBSSH2_ALLOC(session, decrypt_size); ------------------ | | 232| 0| session->alloc(count, &(session)->abstract) ------------------ 254| 0| if(!decrypt_buffer) { ------------------ | Branch (254:20): [True: 0, False: 0] ------------------ 255| 0| return LIBSSH2_ERROR_ALLOC; ------------------ | | 487| 0|#define LIBSSH2_ERROR_ALLOC (-6) ------------------ 256| 0| } 257| | 258| | /* grab padding length and copy anything else 259| | into target buffer */ 260| 0| p->padding_length = first_block[0]; 261| | 262| 0| if(p->padding_length > p->packet_length - 1) { ------------------ | Branch (262:20): [True: 0, False: 0] ------------------ 263| 0| LIBSSH2_FREE(session, decrypt_buffer); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 264| 0| return LIBSSH2_ERROR_PROTO; ------------------ | | 495| 0|#define LIBSSH2_ERROR_PROTO (-14) ------------------ 265| 0| } 266| | 267| 0| if(blocksize > 1) { ------------------ | Branch (267:20): [True: 0, False: 0] ------------------ 268| 0| memcpy(decrypt_buffer, first_block + 1, blocksize - 1); 269| 0| } 270| | 271| | /* decrypt all other blocks packet */ 272| 0| if(blocksize < decrypt_size) { ------------------ | Branch (272:20): [True: 0, False: 0] ------------------ 273| 0| rc = decrypt(session, p->payload + blocksize + 4, 274| 0| decrypt_buffer + blocksize - 1, 275| 0| decrypt_size - blocksize, LAST_BLOCK); ------------------ | | 1060| 0|#define LAST_BLOCK 2 ------------------ 276| 0| if(rc) { ------------------ | Branch (276:24): [True: 0, False: 0] ------------------ 277| 0| LIBSSH2_FREE(session, decrypt_buffer); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 278| 0| return rc; 279| 0| } 280| 0| } 281| | 282| | /* replace encrypted payload with plain text payload */ 283| 0| LIBSSH2_FREE(session, p->payload); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 284| 0| p->payload = decrypt_buffer; 285| 0| } 286| 0| } 287| 29.5k| else if(encrypted && CRYPT_FLAG_R(session, REQUIRES_FULL_PACKET)) { ------------------ | | 1054| 0| ((session)->remote.crypt && \ | | ------------------ | | | Branch (1054:6): [True: 0, False: 0] | | ------------------ | | 1055| 0| ((session)->remote.crypt->flags & LIBSSH2_CRYPT_FLAG_##flag)) | | ------------------ | | | | 1045| 0|#define LIBSSH2_CRYPT_FLAG_REQUIRES_FULL_PACKET 4 | | ------------------ | | | Branch (1055:6): [True: 0, False: 0] | | ------------------ ------------------ | Branch (287:17): [True: 0, False: 29.5k] ------------------ 288| | /* etm trim off padding byte from payload */ 289| 0| memmove(p->payload, &p->payload[1], p->packet_length - 1); 290| 0| } 291| | 292| 29.5k| session->remote.seqno++; 293| | 294| | /* ignore the padding */ 295| 29.5k| session->fullpacket_payload_len -= p->padding_length; 296| | 297| | /* Check for and deal with decompression */ 298| 29.5k| compressed = session->local.comp && ------------------ | Branch (298:22): [True: 3.60k, False: 25.9k] ------------------ 299| 3.60k| session->local.comp->compress && ------------------ | Branch (299:22): [True: 0, False: 3.60k] ------------------ 300| 0| ((session->state & LIBSSH2_STATE_AUTHENTICATED) || ------------------ | | 949| 0|#define LIBSSH2_STATE_AUTHENTICATED 0x00000008 ------------------ | Branch (300:23): [True: 0, False: 0] ------------------ 301| 0| session->local.comp->use_in_auth); ------------------ | Branch (301:23): [True: 0, False: 0] ------------------ 302| | 303| 29.5k| if(compressed && session->remote.comp_abstract) { ------------------ | Branch (303:12): [True: 0, False: 29.5k] | Branch (303:26): [True: 0, False: 0] ------------------ 304| | /* 305| | * The buffer for the decompression (remote.comp_abstract) is 306| | * initialised in time when it is needed so as long it is NULL we 307| | * cannot decompress. 308| | */ 309| | 310| 0| unsigned char *data = NULL; 311| 0| size_t data_len = 0; 312| 0| rc = session->remote.comp->decomp(session, 313| 0| &data, &data_len, 314| 0| LIBSSH2_PACKET_MAXDECOMP, ------------------ | | 212| 0|#define LIBSSH2_PACKET_MAXDECOMP 40000 ------------------ 315| 0| p->payload, 316| 0| session->fullpacket_payload_len, 317| 0| &session->remote.comp_abstract); 318| 0| LIBSSH2_FREE(session, p->payload); ------------------ | | 238| 0| session->free(ptr, &(session)->abstract) ------------------ 319| 0| p->payload = NULL; 320| 0| if(rc) ------------------ | Branch (320:16): [True: 0, False: 0] ------------------ 321| 0| return rc; 322| | 323| 0| p->payload = data; 324| 0| session->fullpacket_payload_len = data_len; 325| 0| } 326| | 327| 29.5k| session->fullpacket_packet_type = p->payload[0]; 328| | 329| 29.5k| debugdump(session, "libssh2_transport_read() plain", 330| 29.5k| p->payload, session->fullpacket_payload_len); 331| | 332| 29.5k| session->fullpacket_state = libssh2_NB_state_created; 333| 29.5k| } 334| | 335| 29.5k| if(session->fullpacket_state == libssh2_NB_state_created) { ------------------ | Branch (335:8): [True: 29.5k, False: 0] ------------------ 336| 29.5k| rc = _libssh2_packet_add(session, p->payload, 337| 29.5k| session->fullpacket_payload_len, 338| 29.5k| session->fullpacket_macstate, seq); 339| 29.5k| if(rc == LIBSSH2_ERROR_EAGAIN) ------------------ | | 520| 29.5k|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ | Branch (339:12): [True: 0, False: 29.5k] ------------------ 340| 0| return rc; 341| 29.5k| if(rc) { ------------------ | Branch (341:12): [True: 7, False: 29.5k] ------------------ 342| 7| session->fullpacket_state = libssh2_NB_state_idle; 343| 7| return rc; 344| 7| } 345| 29.5k| } 346| | 347| 29.5k| session->fullpacket_state = libssh2_NB_state_idle; 348| | 349| 29.5k| if(session->kex_strict && ------------------ | Branch (349:8): [True: 865, False: 28.6k] ------------------ 350| 865| session->fullpacket_packet_type == SSH_MSG_NEWKEYS) { ------------------ | | 1122| 865|#define SSH_MSG_NEWKEYS 21 ------------------ | Branch (350:8): [True: 0, False: 865] ------------------ 351| 0| session->remote.seqno = 0; 352| 0| } 353| | 354| 29.5k| return session->fullpacket_packet_type; 355| 29.5k|} transport.c:send_existing: 912| 632|{ 913| 632| ssize_t rc; 914| 632| ssize_t length; 915| 632| struct transportpacket *p = &session->packet; 916| | 917| 632| if(!p->olen) { ------------------ | Branch (917:8): [True: 632, False: 0] ------------------ 918| 632| *ret = 0; 919| 632| return LIBSSH2_ERROR_NONE; ------------------ | | 474| 632|#define LIBSSH2_ERROR_NONE 0 ------------------ 920| 632| } 921| | 922| | /* send as much as possible of the existing packet */ 923| 0| if((data != p->odata) || (data_len != p->olen)) { ------------------ | Branch (923:8): [True: 0, False: 0] | Branch (923:30): [True: 0, False: 0] ------------------ 924| | /* When we are about to complete the sending of a packet, it is vital 925| | that the caller doesn't try to send a new/different packet since 926| | we don't add this one up until the previous one has been sent. To 927| | make the caller really notice his/hers flaw, we return error for 928| | this case */ 929| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 930| 0| "Address is different, returning EAGAIN")); 931| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 932| 0| } 933| | 934| 0| *ret = 1; /* set to make our parent return */ 935| | 936| | /* number of bytes left to send */ 937| 0| length = p->ototal_num - p->osent; 938| | 939| 0| rc = LIBSSH2_SEND(session, &p->outbuf[p->osent], length, ------------------ | | 286| 0| LIBSSH2_SEND_FD(session, (session)->socket_fd, buffer, length, flags) | | ------------------ | | | | 281| 0| ((session)->send)(fd, buffer, length, flags, &(session)->abstract) | | | | ------------------ | | | | | Branch (281:43): [True: 0, False: 0] | | | | ------------------ | | ------------------ ------------------ 940| 0| LIBSSH2_SOCKET_SEND_FLAGS(session)); 941| 0| if(rc < 0) ------------------ | Branch (941:8): [True: 0, False: 0] ------------------ 942| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 943| 0| "Error sending %ld bytes: %ld", 944| 0| (long)length, (long)-rc)); 945| 0| else { 946| 0| _libssh2_debug((session, LIBSSH2_TRACE_SOCKET, ------------------ | | 1090| 0|#define _libssh2_debug(x) _libssh2_debug_low x ------------------ 947| 0| "Sent %ld/%ld bytes at %p+%lu", (long)rc, (long)length, 948| 0| (void *)p->outbuf, (unsigned long)p->osent)); 949| 0| debugdump(session, "libssh2_transport_write send()", 950| 0| &p->outbuf[p->osent], rc); 951| 0| } 952| | 953| 0| if(rc == length) { ------------------ | Branch (953:8): [True: 0, False: 0] ------------------ 954| | /* the remainder of the package was sent */ 955| 0| p->ototal_num = 0; 956| 0| p->olen = 0; 957| | /* we leave *ret set so that the parent returns as we MUST return back 958| | a send success now, so that we don't risk sending EAGAIN later 959| | which then would confuse the parent function */ 960| 0| return LIBSSH2_ERROR_NONE; ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ 961| 0| } 962| 0| else if(rc < 0) { ------------------ | Branch (962:13): [True: 0, False: 0] ------------------ 963| | /* nothing was sent */ 964| 0| if(rc != -EAGAIN) ------------------ | Branch (964:12): [True: 0, False: 0] ------------------ 965| | /* send failure! */ 966| 0| return LIBSSH2_ERROR_SOCKET_SEND; ------------------ | | 488| 0|#define LIBSSH2_ERROR_SOCKET_SEND (-7) ------------------ 967| | 968| 0| session->socket_block_directions |= LIBSSH2_SESSION_BLOCK_OUTBOUND; ------------------ | | 440| 0|#define LIBSSH2_SESSION_BLOCK_OUTBOUND 0x0002 ------------------ 969| 0| return LIBSSH2_ERROR_EAGAIN; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ 970| 0| } 971| | 972| 0| p->osent += rc; /* we sent away this much data */ 973| | 974| 0| return rc < length ? LIBSSH2_ERROR_EAGAIN : LIBSSH2_ERROR_NONE; ------------------ | | 520| 0|#define LIBSSH2_ERROR_EAGAIN (-37) ------------------ return rc < length ? LIBSSH2_ERROR_EAGAIN : LIBSSH2_ERROR_NONE; ------------------ | | 474| 0|#define LIBSSH2_ERROR_NONE 0 ------------------ | Branch (974:12): [True: 0, False: 0] ------------------ 975| 0|} LLVMFuzzerTestOneInput: 26| 152|{ 27| 152| int socket_fds[2] = { -1, -1 }; 28| 152| ssize_t written; 29| 152| int rc; 30| 152| LIBSSH2_SESSION *session = NULL; 31| 152| int handshake_completed = 0; 32| | 33| 152| rc = libssh2_init(0); 34| | 35| 152| if(rc) { ------------------ | Branch (35:8): [True: 0, False: 152] ------------------ 36| 0| fprintf(stderr, "libssh2 initialization failed (%d)\n", rc); 37| 0| goto EXIT_LABEL; 38| 0| } 39| | 40| | /* Create a socket pair so data can be sent in. */ 41| 152| rc = socketpair(AF_UNIX, SOCK_STREAM, 0, socket_fds); 42| 152| FUZZ_ASSERT(rc == 0); ------------------ | | 17| 152| do { \ | | 18| 152| if(!(COND)) { \ | | ------------------ | | | Branch (18:12): [True: 0, False: 152] | | ------------------ | | 19| 0| fprintf(stderr, "Assertion failed: " #COND "\n%s", \ | | 20| 0| strerror(errno)); \ | | 21| 0| goto EXIT_LABEL; \ | | 22| 0| } \ | | 23| 152| } while(0) | | ------------------ | | | Branch (23:13): [Folded, False: 152] | | ------------------ ------------------ 43| | 44| 152| written = send(socket_fds[1], data, size, 0); 45| | 46| 152| if(written != (ssize_t)size) { ------------------ | Branch (46:8): [True: 11, False: 141] ------------------ 47| | /* Handle whatever error case we're in. */ 48| 11| fprintf(stderr, "send() of %zu bytes returned %zu (%d)\n", 49| 11| size, 50| 11| written, 51| 11| errno); 52| 11| goto EXIT_LABEL; 53| 11| } 54| | 55| 141| rc = shutdown(socket_fds[1], SHUT_WR); 56| 141| if(rc) { ------------------ | Branch (56:8): [True: 0, False: 141] ------------------ 57| 0| fprintf(stderr, "socket shutdown failed (%d)\n", rc); 58| 0| goto EXIT_LABEL; 59| 0| } 60| | 61| | /* Create a session and start the handshake using the fuzz data 62| | passed in. */ 63| 141| session = libssh2_session_init(); ------------------ | | 595| 141|#define libssh2_session_init() libssh2_session_init_ex(NULL, NULL, NULL, NULL) ------------------ 64| 141| if(session) { ------------------ | Branch (64:8): [True: 141, False: 0] ------------------ 65| 141| libssh2_session_set_blocking(session, 1); 66| 141| } 67| 0| else { 68| 0| goto EXIT_LABEL; 69| 0| } 70| | 71| 141| if(libssh2_session_handshake(session, socket_fds[0])) { ------------------ | Branch (71:8): [True: 141, False: 0] ------------------ 72| 141| goto EXIT_LABEL; 73| 141| } 74| | 75| | /* If we get here the handshake actually completed. */ 76| 0| handshake_completed = 1; 77| | 78| 152|EXIT_LABEL: 79| | 80| 152| if(session) { ------------------ | Branch (80:8): [True: 141, False: 11] ------------------ 81| 141| if(handshake_completed) { ------------------ | Branch (81:12): [True: 0, False: 141] ------------------ 82| 0| libssh2_session_disconnect(session, ------------------ | | 625| 0| libssh2_session_disconnect_ex(session, SSH_DISCONNECT_BY_APPLICATION, \ | | ------------------ | | | | 467| 0|#define SSH_DISCONNECT_BY_APPLICATION 11 | | ------------------ | | 626| 0| description, "") ------------------ 83| 0| "Normal Shutdown, " 84| 0| "Thank you for playing"); 85| 0| } 86| | 87| 141| libssh2_session_free(session); 88| 141| } 89| | 90| 152| libssh2_exit(); 91| | 92| 152| close(socket_fds[0]); 93| 152| close(socket_fds[1]); 94| | 95| 152| return 0; 96| 0|}