diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index a166d054..c82a0860 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h @@ -342,6 +342,8 @@ enum ssh_options_e { SSH_OPTIONS_GSSAPI_SERVER_IDENTITY, SSH_OPTIONS_GSSAPI_CLIENT_IDENTITY, SSH_OPTIONS_GSSAPI_DELEGATE_CREDENTIALS, + SSH_OPTIONS_HMAC_C_S, + SSH_OPTIONS_HMAC_S_C, }; enum { @@ -657,6 +659,8 @@ LIBSSH_API const char* ssh_get_clientbanner(ssh_session session); LIBSSH_API const char* ssh_get_serverbanner(ssh_session session); LIBSSH_API const char* ssh_get_cipher_in(ssh_session session); LIBSSH_API const char* ssh_get_cipher_out(ssh_session session); +LIBSSH_API const char* ssh_get_hmac_in(ssh_session session); +LIBSSH_API const char* ssh_get_hmac_out(ssh_session session); #ifndef LIBSSH_LEGACY_0_4 #include "libssh/legacy.h" diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h index f2a98bde..d19d097c 100644 --- a/include/libssh/wrapper.h +++ b/include/libssh/wrapper.h @@ -97,5 +97,6 @@ void crypto_free(struct ssh_crypto_struct *crypto); void ssh_reseed(void); struct ssh_hmac_struct *ssh_get_hmactab(void); +const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type); #endif /* WRAPPER_H_ */ diff --git a/src/options.c b/src/options.c index 25442e3a..f7f24553 100644 --- a/src/options.c +++ b/src/options.c @@ -716,6 +716,26 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, return -1; } break; + case SSH_OPTIONS_HMAC_C_S: + v = value; + if (v == NULL || v[0] == '\0') { + ssh_set_error_invalid(session); + return -1; + } else { + if (ssh_options_set_algo(session, SSH_MAC_C_S, v) < 0) + return -1; + } + break; + case SSH_OPTIONS_HMAC_S_C: + v = value; + if (v == NULL || v[0] == '\0') { + ssh_set_error_invalid(session); + return -1; + } else { + if (ssh_options_set_algo(session, SSH_MAC_S_C, v) < 0) + return -1; + } + break; case SSH_OPTIONS_COMPRESSION_C_S: v = value; if (v == NULL || v[0] == '\0') { diff --git a/src/session.c b/src/session.c index 204adad6..3a0a90d4 100644 --- a/src/session.c +++ b/src/session.c @@ -311,7 +311,7 @@ const char* ssh_get_serverbanner(ssh_session session) { } /** - * @brief get the name of the input for the given session. + * @brief get the name of the input cipher for the given session. * * @param[in] session The SSH session. * @@ -342,6 +342,36 @@ const char* ssh_get_cipher_out(ssh_session session) { return NULL; } +/** + * @brief get the name of the input HMAC algorithm for the given session. + * + * @param[in] session The SSH session. + * + * @return Returns HMAC algorithm name or NULL if unknown. + */ +const char* ssh_get_hmac_in(ssh_session session) { + if ((session != NULL) && + (session->current_crypto != NULL)) { + return ssh_hmac_type_to_string(session->current_crypto->in_hmac); + } + return NULL; +} + +/** + * @brief get the name of the output HMAC algorithm for the given session. + * + * @param[in] session The SSH session. + * + * @return Returns HMAC algorithm name or NULL if unknown. + */ +const char* ssh_get_hmac_out(ssh_session session) { + if ((session != NULL) && + (session->current_crypto != NULL)) { + return ssh_hmac_type_to_string(session->current_crypto->out_hmac); + } + return NULL; +} + /** * @brief Disconnect impolitely from a remote host by closing the socket. * diff --git a/src/wrapper.c b/src/wrapper.c index c8dab5a8..f2f0b6ad 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -78,6 +78,16 @@ size_t hmac_digest_len(enum ssh_hmac_e type) { } } +const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type) +{ + int i = 0; + struct ssh_hmac_struct *ssh_hmactab = ssh_get_hmactab(); + while (ssh_hmactab[i].name && (ssh_hmactab[i].hmac_type != hmac_type)) { + i++; + } + return ssh_hmactab[i].name; +} + /* it allocates a new cipher structure based on its offset into the global table */ static struct ssh_cipher_struct *cipher_new(int offset) { struct ssh_cipher_struct *cipher = NULL;