feat: add gssapi key exchange

feat: add generic functions for importing name and initializing ctx feat: add suffix to gsskex algs dynamically feat: move gssapi key exchange to another file feat: add gssapi key exchange for server refactor: remove unnecessary fields in gssapi struct refactor: add some documentation and improve logging fix: remove gss_dh callbacks feat: add a check to see if GSSAPI is configured correctly fix: memory leaks feat: add client side "gssapi-keyex" auth feat: add gssapi_key_exchange_algs for server fix: some memory issues feat: add gssapi kex options to config feat: add check to see if GSSAPI key exchange was performed feat: add more tests for gssapi key exchange fix: add valgrind supp Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-10 10:26:47 +09:00 · 2024-07-17 05:49:24 +00:00
parent 701a2155a7
commit bc5211d055
39 changed files with 2100 additions and 154 deletions
--- a/tests/unittests/torture_config.c
+++ b/tests/unittests/torture_config.c
@@ -93,7 +93,8 @@ extern LIBSSH_THREAD int ssh_log_level;
    "\tGSSAPIServerIdentity example.com\n" \
    "\tGSSAPIClientIdentity home.sweet\n" \
    "\tUserKnownHostsFile "USER_KNOWN_HOSTS"\n" \
-    "\tRequiredRSASize 2233\n"
+    "\tRequiredRSASize 2233\n" \
+    "\tGSSAPIKexAlgorithms gss-group14-sha256-\n"

 /* authentication methods */
 #define LIBSSH_TESTCONFIG_STRING8 \
@@ -648,6 +649,9 @@ static void torture_config_new(void ** state,
    assert_int_equal(session->opts.gss_delegate_creds, 1);
    assert_string_equal(session->opts.gss_server_identity, "example.com");
    assert_string_equal(session->opts.gss_client_identity, "home.sweet");
+#ifdef WITH_GSSAPI
+    assert_string_equal(session->opts.gssapi_key_exchange_algs, "gss-group14-sha256-");
+#endif /* WITH_GSSAPI */

    assert_int_equal(ssh_get_log_level(), SSH_LOG_TRACE);
    assert_int_equal(session->common.log_verbosity, SSH_LOG_TRACE);