packet: Prepare counters to handle rekeying limits

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-07 18:50:27 +09:00 · 2018-11-07 14:49:43 +01:00
parent 92e978f2f3
commit a61368a06a
4 changed files with 59 additions and 1 deletions
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -164,6 +164,11 @@ struct ssh_cipher_struct {
    struct chacha20_poly1305_keysched *chacha20_schedule;
    unsigned int keysize; /* bytes of key used. != keylen */
    size_t tag_size; /* overhead required for tag */
+    /* Counters for rekeying initialization */
+    uint32_t packets;
+    uint64_t blocks;
+    /* Rekeying limit for the cipher or manually enforced */
+    uint64_t max_blocks;
    /* sets the new key for immediate use */
    int (*set_encrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
    int (*set_decrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -30,6 +30,7 @@
 #include "libssh/channels.h"
 #include "libssh/poll.h"
 #include "libssh/config.h"
+#include "libssh/misc.h"

 /* These are the different states a SSH session can be into its life */
 enum ssh_session_state_e {
@@ -113,6 +114,7 @@ struct ssh_session_struct {
    int openssh;
    uint32_t send_seq;
    uint32_t recv_seq;
+    struct ssh_timestamp last_rekey_time;

    int connected;
    /* !=0 when the user got a session handle */