version 1.65.2.1, 2006/09/30 04:06:50 |
version 1.66, 2006/03/07 09:07:40 |
|
|
/* $OpenBSD$ */ |
|
/* |
/* |
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
* |
* |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
#include <sys/param.h> |
#include "includes.h" |
|
RCSID("$OpenBSD$"); |
|
|
#include <signal.h> |
|
#include <stdio.h> |
|
#include <stdlib.h> |
|
#include <string.h> |
|
|
|
#include <openssl/crypto.h> |
#include <openssl/crypto.h> |
|
|
#include "xmalloc.h" |
|
#include "ssh2.h" |
#include "ssh2.h" |
|
#include "xmalloc.h" |
#include "buffer.h" |
#include "buffer.h" |
|
#include "bufaux.h" |
#include "packet.h" |
#include "packet.h" |
#include "compat.h" |
#include "compat.h" |
#include "cipher.h" |
#include "cipher.h" |
#include "key.h" |
|
#include "kex.h" |
#include "kex.h" |
|
#include "key.h" |
#include "log.h" |
#include "log.h" |
#include "mac.h" |
#include "mac.h" |
#include "match.h" |
#include "match.h" |
|
|
int i; |
int i; |
char **proposal; |
char **proposal; |
|
|
proposal = xcalloc(PROPOSAL_MAX, sizeof(char *)); |
proposal = xmalloc(PROPOSAL_MAX * sizeof(char *)); |
|
|
buffer_init(&b); |
buffer_init(&b); |
buffer_append(&b, buffer_ptr(raw), buffer_len(raw)); |
buffer_append(&b, buffer_ptr(raw), buffer_len(raw)); |
|
|
{ |
{ |
Kex *kex; |
Kex *kex; |
|
|
kex = xcalloc(1, sizeof(*kex)); |
kex = xmalloc(sizeof(*kex)); |
|
memset(kex, 0, sizeof(*kex)); |
buffer_init(&kex->peer); |
buffer_init(&kex->peer); |
buffer_init(&kex->my); |
buffer_init(&kex->my); |
kex_prop2buf(&kex->my, proposal); |
kex_prop2buf(&kex->my, proposal); |
|
|
enc->key_len = cipher_keylen(enc->cipher); |
enc->key_len = cipher_keylen(enc->cipher); |
enc->block_size = cipher_blocksize(enc->cipher); |
enc->block_size = cipher_blocksize(enc->cipher); |
} |
} |
|
|
static void |
static void |
choose_mac(Mac *mac, char *client, char *server) |
choose_mac(Mac *mac, char *client, char *server) |
{ |
{ |
|
|
mac->key = NULL; |
mac->key = NULL; |
mac->enabled = 0; |
mac->enabled = 0; |
} |
} |
|
|
static void |
static void |
choose_comp(Comp *comp, char *client, char *server) |
choose_comp(Comp *comp, char *client, char *server) |
{ |
{ |
|
|
} |
} |
comp->name = name; |
comp->name = name; |
} |
} |
|
|
static void |
static void |
choose_kex(Kex *k, char *client, char *server) |
choose_kex(Kex *k, char *client, char *server) |
{ |
{ |
|
|
|
|
/* Algorithm Negotiation */ |
/* Algorithm Negotiation */ |
for (mode = 0; mode < MODE_MAX; mode++) { |
for (mode = 0; mode < MODE_MAX; mode++) { |
newkeys = xcalloc(1, sizeof(*newkeys)); |
newkeys = xmalloc(sizeof(*newkeys)); |
|
memset(newkeys, 0, sizeof(*newkeys)); |
kex->newkeys[mode] = newkeys; |
kex->newkeys[mode] = newkeys; |
ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; |
nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; |
|
|
|
|
if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0) |
if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0) |
fatal("bad kex md size %d", mdsz); |
fatal("bad kex md size %d", mdsz); |
digest = xmalloc(roundup(need, mdsz)); |
digest = xmalloc(roundup(need, mdsz)); |
|
|
buffer_init(&b); |
buffer_init(&b); |
buffer_put_bignum2(&b, shared_secret); |
buffer_put_bignum2(&b, shared_secret); |
|
|
for (mode = 0; mode < MODE_MAX; mode++) { |
for (mode = 0; mode < MODE_MAX; mode++) { |
current_keys[mode] = kex->newkeys[mode]; |
current_keys[mode] = kex->newkeys[mode]; |
kex->newkeys[mode] = NULL; |
kex->newkeys[mode] = NULL; |
ctos = (!kex->server && mode == MODE_OUT) || |
ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
(kex->server && mode == MODE_IN); |
|
current_keys[mode]->enc.iv = keys[ctos ? 0 : 1]; |
current_keys[mode]->enc.iv = keys[ctos ? 0 : 1]; |
current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; |
current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |
current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; |