1 /*
2 * ProFTPD - mod_sftp session
3 * Copyright (c) 2008-2016 TJ Saunders
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
18 *
19 * As a special exemption, TJ Saunders and other respective copyright holders
20 * give permission to link this program with OpenSSL, and distribute the
21 * resulting executable, without including the source code for OpenSSL in the
22 * source distribution.
23 */
24
25 #include "mod_sftp.h"
26 #include "session.h"
27
28 static unsigned char *session_id = NULL;
29 static uint32_t session_idlen = 0;
30
sftp_session_get_id(const unsigned char ** buf)31 uint32_t sftp_session_get_id(const unsigned char **buf) {
32 if (session_id) {
33 *buf = session_id;
34 return session_idlen;
35 }
36
37 return 0;
38 }
39
sftp_session_set_id(const unsigned char * hash,uint32_t hashlen)40 int sftp_session_set_id(const unsigned char *hash, uint32_t hashlen) {
41 /* The session ID is only set once, regardless of how many times
42 * (re)keying occurs during the course of a session.
43 */
44
45 if (session_id == NULL) {
46 session_id = palloc(sftp_pool, hashlen);
47 memcpy(session_id, hash, hashlen);
48 session_idlen = hashlen;
49
50 #if OPENSSL_VERSION_NUMBER >= 0x000905000L
51 /* Since the session ID contains unknown information from the client,
52 * it can be used as a source of additional entropy. The amount
53 * of entropy is a rough guess.
54 */
55 RAND_add(hash, hashlen, hashlen * 0.5);
56 #endif
57
58 return 0;
59 }
60
61 return -1;
62 }
63