add -M hmac option

2026-02-14 00:54:43 +08:00 · 2022-12-02 21:13:13 +09:00
parent d646fc1f89
commit 03b857b51a
3 changed files with 22 additions and 5 deletions
--- a/src/main.c
+++ b/src/main.c
@@ -82,7 +82,7 @@ void usage(bool print_help) {
 	       "            [-b sftp_buf_sz] [-B io_buf_sz] \n"
 #endif
 	       "            [-l login_name] [-p port] [-i identity_file]\n"
-	       "            [-c cipher_spec] source ... target\n"
+	       "            [-c cipher_spec] [-M hmac_spec] source ... target\n"
 	       "\n");

 	if (!print_help)
@@ -109,7 +109,8 @@ void usage(bool print_help) {
 	       "    -l LOGIN_NAME      login name\n"
 	       "    -p PORT            port number\n"
 	       "    -i IDENTITY        identity file for public key authentication\n"
-	       "    -c CIPHER          cipher spec, see `ssh -Q cipher`\n"
+	       "    -c CIPHER          cipher spec\n"
+	       "    -M HMAC            hmac spec\n"
 	       "    -C                 enable compression on libssh\n"
 	       "    -H                 disable hostkey check\n"
 	       "    -d                 increment ssh debug output level\n"
@@ -242,7 +243,7 @@ int main(int argc, char **argv)
 	m.nr_threads = (int)(nr_cpus() / 2);
 	m.nr_threads = m.nr_threads == 0 ? 1 : m.nr_threads;

-	while ((ch = getopt(argc, argv, "n:m:s:S:b:B:a:vqDl:p:i:c:CHdh")) != -1) {
+	while ((ch = getopt(argc, argv, "n:m:s:S:b:B:a:vqDl:p:i:c:M:CHdh")) != -1) {
 		switch (ch) {
 		case 'n':
 			m.nr_threads = atoi(optarg);
@@ -326,6 +327,9 @@ int main(int argc, char **argv)
 		case 'c':
 			opts.cipher = optarg;
 			break;
+		case 'M':
+			opts.hmac = optarg;
+			break;
 		case 'C':
 			opts.compress++;
 			break;
--- a/src/ssh.c
+++ b/src/ssh.c
@@ -32,11 +32,23 @@ static int ssh_set_opts(ssh_session ssh, struct ssh_opts *opts)

 	if (opts->cipher) {
 		if (ssh_options_set(ssh, SSH_OPTIONS_CIPHERS_C_S, opts->cipher) < 0) {
-			pr_err("failed to set cipher client to server\n");
+			pr_err("failed to set cipher for client to server\n");
 			return -1;
 		}
 		if (ssh_options_set(ssh, SSH_OPTIONS_CIPHERS_S_C, opts->cipher) < 0) {
-			pr_err("failed to set cipher client to server\n");
+			pr_err("failed to set cipher for server to client\n");
+			return -1;
+		}
+	}
+
+	if (opts->hmac) {
+		pr_warn("%s\n", opts->hmac);
+		if (ssh_options_set(ssh, SSH_OPTIONS_HMAC_C_S, opts->hmac) < 0) {
+			pr_err("failed to set hmac for client to server\n");
+			return -1;
+		}
+		if (ssh_options_set(ssh, SSH_OPTIONS_HMAC_S_C, opts->hmac) < 0) {
+			pr_err("failed to set hmac for server to client\n");
 			return -1;
 		}
 	}
--- a/src/ssh.h
+++ b/src/ssh.h
@@ -11,6 +11,7 @@ struct ssh_opts {
 	char    *port;			/* -p */
 	char    *identity;		/* -i */
 	char    *cipher;		/* -c */
+	char	*hmac;			/* -M */
 	int     compress;		/* -C */
 	int     debuglevel;		/* -v */
 	bool	no_hostkey_check;	/* -H */