From d6daad29fcfc20295473bf7e6a96f3016282e9e6 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Mon, 2 May 2016 23:48:16 +0200
Subject: options for disabling "normal" DH

---
 svr-kex.c | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

(limited to 'svr-kex.c')

diff --git a/svr-kex.c b/svr-kex.c
index f3828aa..dae0212 100644
--- a/svr-kex.c
+++ b/svr-kex.c
@@ -54,18 +54,24 @@ void recv_msg_kexdh_init() {
 	}
 
 	switch (ses.newkeys->algo_kex->mode) {
+#if DROPBEAR_NORMAL_DH
 		case DROPBEAR_KEX_NORMAL_DH:
 			m_mp_init(&dh_e);
 			if (buf_getmpint(ses.payload, &dh_e) != DROPBEAR_SUCCESS) {
 				dropbear_exit("Bad kex value");
 			}
 			break;
+#endif
+#ifdef DROPBEAR_ECDH
 		case DROPBEAR_KEX_ECDH:
+#endif
+#ifdef DROPBEAR_CURVE25519
 		case DROPBEAR_KEX_CURVE25519:
+#endif
 #if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519)
 			ecdh_qs = buf_getstringbuf(ses.payload);
-#endif
 			break;
+#endif
 	}
 	if (ses.payload->pos != ses.payload->len) {
 		dropbear_exit("Bad kex value");
@@ -221,6 +227,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			ses.newkeys->algo_hostkey);
 
 	switch (ses.newkeys->algo_kex->mode) {
+#ifdef DROPBEAR_NORMAL_DH
 		case DROPBEAR_KEX_NORMAL_DH:
 			{
 			struct kex_dh_param * dh_param = gen_kexdh_param();
@@ -231,8 +238,9 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			free_kexdh_param(dh_param);
 			}
 			break;
-		case DROPBEAR_KEX_ECDH:
+#endif
 #ifdef DROPBEAR_ECDH
+		case DROPBEAR_KEX_ECDH:
 			{
 			struct kex_ecdh_param *ecdh_param = gen_kexecdh_param();
 			kexecdh_comb_key(ecdh_param, ecdh_qs, svr_opts.hostkey);
@@ -240,18 +248,18 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			buf_put_ecc_raw_pubkey_string(ses.writepayload, &ecdh_param->key);
 			free_kexecdh_param(ecdh_param);
 			}
-#endif
 			break;
-		case DROPBEAR_KEX_CURVE25519:
+#endif
 #ifdef DROPBEAR_CURVE25519
+		case DROPBEAR_KEX_CURVE25519:
 			{
 			struct kex_curve25519_param *param = gen_kexcurve25519_param();
 			kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
 			buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
 			free_kexcurve25519_param(param);
 			}
-#endif
 			break;
+#endif
 	}
 
 	/* calc the signature */
-- 
cgit v1.2.3