=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/kex.c,v retrieving revision 1.12.2.4 retrieving revision 1.12.2.5 diff -u -r1.12.2.4 -r1.12.2.5 --- src/usr.bin/ssh/kex.c 2001/05/07 21:09:30 1.12.2.4 +++ src/usr.bin/ssh/kex.c 2001/09/27 00:15:42 1.12.2.5 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.12.2.4 2001/05/07 21:09:30 jason Exp $"); +RCSID("$OpenBSD: kex.c,v 1.12.2.5 2001/09/27 00:15:42 miod Exp $"); #include @@ -43,11 +43,12 @@ #define KEX_COOKIE_LEN 16 -void kex_kexinit_finish(Kex *kex); -void kex_choose_conf(Kex *k); +/* prototype */ +static void kex_kexinit_finish(Kex *); +static void kex_choose_conf(Kex *); /* put algorithm proposal into buffer */ -void +static void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { u_int32_t rand = 0; @@ -67,7 +68,7 @@ } /* parse buffer and return algorithm proposal */ -char ** +static char ** kex_buf2prop(Buffer *raw) { Buffer b; @@ -95,7 +96,7 @@ return proposal; } -void +static void kex_prop_free(char **proposal) { int i; @@ -105,13 +106,13 @@ xfree(proposal); } -void +static void kex_protocol_error(int type, int plen, void *ctxt) { error("Hm, kex protocol error: type %d plen %d", type, plen); } -void +static void kex_clear_dispatch(void) { int i; @@ -210,7 +211,7 @@ return kex; } -void +static void kex_kexinit_finish(Kex *kex) { if (!(kex->flags & KEX_INIT_SENT)) @@ -230,7 +231,7 @@ } } -void +static void choose_enc(Enc *enc, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -244,7 +245,7 @@ enc->iv = NULL; enc->key = NULL; } -void +static void choose_mac(Mac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -259,7 +260,7 @@ mac->key = NULL; mac->enabled = 0; } -void +static void choose_comp(Comp *comp, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -274,7 +275,7 @@ } comp->name = name; } -void +static void choose_kex(Kex *k, char *client, char *server) { k->name = match_list(client, server, NULL); @@ -287,7 +288,7 @@ } else fatal("bad kex alg %s", k->name); } -void +static void choose_hostkeyalg(Kex *k, char *client, char *server) { char *hostkeyalg = match_list(client, server, NULL); @@ -299,7 +300,7 @@ xfree(hostkeyalg); } -void +static void kex_choose_conf(Kex *kex) { Newkeys *newkeys; @@ -359,7 +360,7 @@ kex_prop_free(peer); } -u_char * +static u_char * derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) { Buffer b; @@ -375,7 +376,8 @@ /* K1 = HASH(K || H || "A" || session_id) */ EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + if (!(datafellows & SSH_BUG_DERIVEKEY)) + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); EVP_DigestUpdate(&md, hash, mdsz); EVP_DigestUpdate(&md, &c, 1); EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); @@ -388,7 +390,8 @@ */ for (have = mdsz; need > have; have += mdsz) { EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + if (!(datafellows & SSH_BUG_DERIVEKEY)) + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); EVP_DigestUpdate(&md, hash, mdsz); EVP_DigestUpdate(&md, digest, have); EVP_DigestFinal(&md, digest + have, NULL);