options for disabling "normal" DH

author: Matt Johnston <matt@ucc.asn.au> 2016-05-02 23:48:16 +0200
committer: Matt Johnston <matt@ucc.asn.au> 2016-05-02 23:48:16 +0200
commit: d6daad29fcfc20295473bf7e6a96f3016282e9e6 (patch)
tree: 5ac3e533fca2a1141509e16de6f73e2905e45e23 /svr-kex.c
parent: 4664ce2c35e69ff79949eff178be1720bf288ddc (diff)
1 files changed, 13 insertions, 5 deletions
diff --git a/svr-kex.c b/svr-kex.c
index f3828aa..dae0212 100644
--- a/svr-kex.c
+++ b/svr-kex.c
@@ -54,18 +54,24 @@ void recv_msg_kexdh_init() {
 	}
 
 	switch (ses.newkeys->algo_kex->mode) {
+#if DROPBEAR_NORMAL_DH
 		case DROPBEAR_KEX_NORMAL_DH:
 			m_mp_init(&dh_e);
 			if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) {
 				dropbear_exit("Bad kex value");
 			}
 			break;
+#endif
+#ifdef DROPBEAR_ECDH
 		case DROPBEAR_KEX_ECDH:
+#endif
+#ifdef DROPBEAR_CURVE25519
 		case DROPBEAR_KEX_CURVE25519:
+#endif
 #if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519)
 			ecdh_qs = buf_getstringbuf(ses.payload);
-#endif
 			break;
+#endif
 	}
 	if (ses.payload->pos != ses.payload->len) {
 		dropbear_exit("Bad kex value");
@@ -221,6 +227,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			ses.newkeys->algo_hostkey);
 
 	switch (ses.newkeys->algo_kex->mode) {
+#ifdef DROPBEAR_NORMAL_DH
 		case DROPBEAR_KEX_NORMAL_DH:
 			{
 			struct kex_dh_param * dh_param = gen_kexdh_param();
@@ -231,8 +238,9 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			free_kexdh_param(dh_param);
 			}
 			break;
-		case DROPBEAR_KEX_ECDH:
+#endif
 #ifdef DROPBEAR_ECDH
+		case DROPBEAR_KEX_ECDH:
 			{
 			struct kex_ecdh_param *ecdh_param = gen_kexecdh_param();
 			kexecdh_comb_key(ecdh_param, ecdh_qs, svr_opts.hostkey);
@@ -240,18 +248,18 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			buf_put_ecc_raw_pubkey_string(ses.writepayload, &ecdh_param->key);
 			free_kexecdh_param(ecdh_param);
 			}
-#endif
 			break;
-		case DROPBEAR_KEX_CURVE25519:
+#endif
 #ifdef DROPBEAR_CURVE25519
+		case DROPBEAR_KEX_CURVE25519:
 			{
 			struct kex_curve25519_param *param = gen_kexcurve25519_param();
 			kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
 			buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
 			free_kexcurve25519_param(param);
 			}
-#endif
 			break;
+#endif
 	}
 
 	/* calc the signature */
author	Matt Johnston <matt@ucc.asn.au>	2016-05-02 23:48:16 +0200
committer	Matt Johnston <matt@ucc.asn.au>	2016-05-02 23:48:16 +0200
commit	d6daad29fcfc20295473bf7e6a96f3016282e9e6 (patch)
tree	5ac3e533fca2a1141509e16de6f73e2905e45e23 /svr-kex.c
parent	4664ce2c35e69ff79949eff178be1720bf288ddc (diff)