| version 1.33.2.1, 2001/09/27 19:03:54 |
version 1.33.2.2, 2002/03/09 00:20:44 |
|
|
| } |
} |
| |
|
| static void |
static void |
| kex_protocol_error(int type, int plen, void *ctxt) |
kex_protocol_error(int type, u_int32_t seq, void *ctxt) |
| { |
{ |
| error("Hm, kex protocol error: type %d plen %d", type, plen); |
error("Hm, kex protocol error: type %d seq %u", type, seq); |
| } |
} |
| |
|
| static void |
static void |
| kex_clear_dispatch(void) |
kex_reset_dispatch(void) |
| { |
{ |
| int i; |
dispatch_range(SSH2_MSG_TRANSPORT_MIN, |
| |
SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); |
| /* Numbers 30-49 are used for kex packets */ |
dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); |
| for (i = 30; i <= 49; i++) |
|
| dispatch_set(i, &kex_protocol_error); |
|
| } |
} |
| |
|
| void |
void |
| kex_finish(Kex *kex) |
kex_finish(Kex *kex) |
| { |
{ |
| int plen; |
kex_reset_dispatch(); |
| |
|
| kex_clear_dispatch(); |
|
| |
|
| packet_start(SSH2_MSG_NEWKEYS); |
packet_start(SSH2_MSG_NEWKEYS); |
| packet_send(); |
packet_send(); |
| /* packet_write_wait(); */ |
/* packet_write_wait(); */ |
| debug("SSH2_MSG_NEWKEYS sent"); |
debug("SSH2_MSG_NEWKEYS sent"); |
| |
|
| debug("waiting for SSH2_MSG_NEWKEYS"); |
debug("waiting for SSH2_MSG_NEWKEYS"); |
| packet_read_expect(&plen, SSH2_MSG_NEWKEYS); |
packet_read_expect(SSH2_MSG_NEWKEYS); |
| |
packet_check_eom(); |
| debug("SSH2_MSG_NEWKEYS received"); |
debug("SSH2_MSG_NEWKEYS received"); |
| |
|
| kex->done = 1; |
kex->done = 1; |
|
|
| } |
} |
| |
|
| void |
void |
| kex_input_kexinit(int type, int plen, void *ctxt) |
kex_input_kexinit(int type, u_int32_t seq, void *ctxt) |
| { |
{ |
| char *ptr; |
char *ptr; |
| int dlen; |
int dlen; |
|
|
| xfree(packet_get_string(NULL)); |
xfree(packet_get_string(NULL)); |
| packet_get_char(); |
packet_get_char(); |
| packet_get_int(); |
packet_get_int(); |
| packet_done(); |
packet_check_eom(); |
| |
|
| kex_kexinit_finish(kex); |
kex_kexinit_finish(kex); |
| } |
} |
|
|
| kex->done = 0; |
kex->done = 0; |
| |
|
| kex_send_kexinit(kex); /* we start */ |
kex_send_kexinit(kex); /* we start */ |
| kex_clear_dispatch(); |
kex_reset_dispatch(); |
| dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); |
|
| |
|
| return kex; |
return kex; |
| } |
} |
|
|
| |
|
| kex_choose_conf(kex); |
kex_choose_conf(kex); |
| |
|
| switch(kex->kex_type) { |
switch (kex->kex_type) { |
| case DH_GRP1_SHA1: |
case DH_GRP1_SHA1: |
| kexdh(kex); |
kexdh(kex); |
| break; |
break; |
|
|
| char *name = match_list(client, server, NULL); |
char *name = match_list(client, server, NULL); |
| if (name == NULL) |
if (name == NULL) |
| fatal("no matching cipher found: client %s server %s", client, server); |
fatal("no matching cipher found: client %s server %s", client, server); |
| enc->cipher = cipher_by_name(name); |
if ((enc->cipher = cipher_by_name(name)) == NULL) |
| if (enc->cipher == NULL) |
|
| fatal("matching cipher is not supported: %s", name); |
fatal("matching cipher is not supported: %s", name); |
| enc->name = name; |
enc->name = name; |
| enc->enabled = 0; |
enc->enabled = 0; |
| enc->iv = NULL; |
enc->iv = NULL; |
| enc->key = NULL; |
enc->key = NULL; |
| |
enc->key_len = cipher_keylen(enc->cipher); |
| |
enc->block_size = cipher_blocksize(enc->cipher); |
| } |
} |
| static void |
static void |
| choose_mac(Mac *mac, char *client, char *server) |
choose_mac(Mac *mac, char *client, char *server) |
|
|
| need = 0; |
need = 0; |
| for (mode = 0; mode < MODE_MAX; mode++) { |
for (mode = 0; mode < MODE_MAX; mode++) { |
| newkeys = kex->newkeys[mode]; |
newkeys = kex->newkeys[mode]; |
| if (need < newkeys->enc.cipher->key_len) |
if (need < newkeys->enc.key_len) |
| need = newkeys->enc.cipher->key_len; |
need = newkeys->enc.key_len; |
| if (need < newkeys->enc.cipher->block_size) |
if (need < newkeys->enc.block_size) |
| need = newkeys->enc.cipher->block_size; |
need = newkeys->enc.block_size; |
| if (need < newkeys->mac.key_len) |
if (need < newkeys->mac.key_len) |
| need = newkeys->mac.key_len; |
need = newkeys->mac.key_len; |
| } |
} |
|
|
| derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
| { |
{ |
| Buffer b; |
Buffer b; |
| EVP_MD *evp_md = EVP_sha1(); |
const EVP_MD *evp_md = EVP_sha1(); |
| EVP_MD_CTX md; |
EVP_MD_CTX md; |
| char c = id; |
char c = id; |
| int have; |
int have; |
| int mdsz = evp_md->md_size; |
int mdsz = EVP_MD_size(evp_md); |
| u_char *digest = xmalloc(roundup(need, mdsz)); |
u_char *digest = xmalloc(roundup(need, mdsz)); |
| |
|
| buffer_init(&b); |
buffer_init(&b); |
|
|
| int i; |
int i; |
| |
|
| fprintf(stderr, "%s\n", msg); |
fprintf(stderr, "%s\n", msg); |
| for (i = 0; i< len; i++){ |
for (i = 0; i< len; i++) { |
| fprintf(stderr, "%02x", digest[i]); |
fprintf(stderr, "%02x", digest[i]); |
| if (i%32 == 31) |
if (i%32 == 31) |
| fprintf(stderr, "\n"); |
fprintf(stderr, "\n"); |
![[BACK]](/icons/back.gif){kind=icon}
Return to kex.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh