version 1.33.2.2, 2002/03/09 00:20:44 |
version 1.33.2.3, 2002/06/02 22:56:10 |
|
|
#include "mac.h" |
#include "mac.h" |
#include "match.h" |
#include "match.h" |
#include "dispatch.h" |
#include "dispatch.h" |
|
#include "monitor.h" |
|
|
#define KEX_COOKIE_LEN 16 |
#define KEX_COOKIE_LEN 16 |
|
|
|
/* Use privilege separation for sshd */ |
|
int use_privsep; |
|
struct monitor *pmonitor; |
|
|
|
|
/* prototype */ |
/* prototype */ |
static void kex_kexinit_finish(Kex *); |
static void kex_kexinit_finish(Kex *); |
static void kex_choose_conf(Kex *); |
static void kex_choose_conf(Kex *); |
|
|
static void |
static void |
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) |
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) |
{ |
{ |
u_int32_t rand = 0; |
|
int i; |
int i; |
|
|
buffer_clear(b); |
buffer_clear(b); |
for (i = 0; i < KEX_COOKIE_LEN; i++) { |
/* |
if (i % 4 == 0) |
* add a dummy cookie, the cookie will be overwritten by |
rand = arc4random(); |
* kex_send_kexinit(), each time a kexinit is set |
buffer_put_char(b, rand & 0xff); |
*/ |
rand >>= 8; |
for (i = 0; i < KEX_COOKIE_LEN; i++) |
} |
buffer_put_char(b, 0); |
for (i = 0; i < PROPOSAL_MAX; i++) |
for (i = 0; i < PROPOSAL_MAX; i++) |
buffer_put_cstring(b, proposal[i]); |
buffer_put_cstring(b, proposal[i]); |
buffer_put_char(b, 0); /* first_kex_packet_follows */ |
buffer_put_char(b, 0); /* first_kex_packet_follows */ |
|
|
void |
void |
kex_send_kexinit(Kex *kex) |
kex_send_kexinit(Kex *kex) |
{ |
{ |
|
u_int32_t rand = 0; |
|
u_char *cookie; |
|
int i; |
|
|
if (kex == NULL) { |
if (kex == NULL) { |
error("kex_send_kexinit: no kex, cannot rekey"); |
error("kex_send_kexinit: no kex, cannot rekey"); |
return; |
return; |
|
|
return; |
return; |
} |
} |
kex->done = 0; |
kex->done = 0; |
|
|
|
/* generate a random cookie */ |
|
if (buffer_len(&kex->my) < KEX_COOKIE_LEN) |
|
fatal("kex_send_kexinit: kex proposal too short"); |
|
cookie = buffer_ptr(&kex->my); |
|
for (i = 0; i < KEX_COOKIE_LEN; i++) { |
|
if (i % 4 == 0) |
|
rand = arc4random(); |
|
cookie[i] = rand; |
|
rand >>= 8; |
|
} |
packet_start(SSH2_MSG_KEXINIT); |
packet_start(SSH2_MSG_KEXINIT); |
packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); |
packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); |
packet_send(); |
packet_send(); |
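Review bot: kex_prop2buf now appears to leave an all-zero cookie in the proposal buffer, so the KEXINIT payload in `kex->my` is only unpredictable after kex_send_kexinit has overwritten its first KEX_COOKIE_LEN bytes, and nothing in the visible lines records that invariant. A comment at the new cookie loop would do it, for example `/* kex->my carries a zero cookie until this point; it must not be sent by any other path */`. In the same loop, `cookie[i] = rand;` relies on implicit narrowing from u_int32_t to u_char, whereas the loop that seems to have been removed from kex_prop2buf masked explicitly; `cookie[i] = rand & 0xff;` keeps the intent visible, and a local name other than `rand` would avoid shadowing the libc function. The old and new sides are inferred from the column order on this page, and the body of kex_send_kexinit continues beyond the visible lines.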