=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/kex.c,v retrieving revision 1.33.2.3 retrieving revision 1.34 diff -u -r1.33.2.3 -r1.34 --- src/usr.bin/ssh/kex.c 2002/06/02 22:56:10 1.33.2.3 +++ src/usr.bin/ssh/kex.c 2001/04/30 15:50:46 1.34 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. + * Copyright (c) 2000 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.33.2.3 2002/06/02 22:56:10 miod Exp $"); +RCSID("$OpenBSD: kex.c,v 1.34 2001/04/30 15:50:46 markus Exp $"); #include @@ -40,32 +40,26 @@ #include "mac.h" #include "match.h" #include "dispatch.h" -#include "monitor.h" #define KEX_COOKIE_LEN 16 -/* Use privilege separation for sshd */ -int use_privsep; -struct monitor *pmonitor; +void kex_kexinit_finish(Kex *kex); +void kex_choose_conf(Kex *k); - -/* prototype */ -static void kex_kexinit_finish(Kex *); -static void kex_choose_conf(Kex *); - /* put algorithm proposal into buffer */ -static void +void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { + u_int32_t rand = 0; int i; buffer_clear(b); - /* - * add a dummy cookie, the cookie will be overwritten by - * kex_send_kexinit(), each time a kexinit is set - */ - for (i = 0; i < KEX_COOKIE_LEN; i++) - buffer_put_char(b, 0); + for (i = 0; i < KEX_COOKIE_LEN; i++) { + if (i % 4 == 0) + rand = arc4random(); + buffer_put_char(b, rand & 0xff); + rand >>= 8; + } for (i = 0; i < PROPOSAL_MAX; i++) buffer_put_cstring(b, proposal[i]); buffer_put_char(b, 0); /* first_kex_packet_follows */ @@ -73,7 +67,7 @@ } /* parse buffer and return algorithm proposal */ -static char ** +char ** kex_buf2prop(Buffer *raw) { Buffer b; @@ -101,7 +95,7 @@ return proposal; } -static void +void kex_prop_free(char **proposal) { int i; @@ -111,33 +105,36 @@ xfree(proposal); } -static void -kex_protocol_error(int type, u_int32_t seq, void *ctxt) +void +kex_protocol_error(int type, int plen, void *ctxt) { - error("Hm, kex protocol error: type %d seq %u", type, seq); + error("Hm, kex protocol error: type %d plen %d", type, plen); } -static void -kex_reset_dispatch(void) +void +kex_clear_dispatch(void) { - dispatch_range(SSH2_MSG_TRANSPORT_MIN, - SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); - dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); + int i; + + /* Numbers 30-49 are used for kex packets */ + for (i = 30; i <= 49; i++) + dispatch_set(i, &kex_protocol_error); } void kex_finish(Kex *kex) { - kex_reset_dispatch(); + int plen; + kex_clear_dispatch(); + packet_start(SSH2_MSG_NEWKEYS); packet_send(); /* packet_write_wait(); */ debug("SSH2_MSG_NEWKEYS sent"); debug("waiting for SSH2_MSG_NEWKEYS"); - packet_read_expect(SSH2_MSG_NEWKEYS); - packet_check_eom(); + packet_read_expect(&plen, SSH2_MSG_NEWKEYS); debug("SSH2_MSG_NEWKEYS received"); kex->done = 1; @@ -151,10 +148,6 @@ void kex_send_kexinit(Kex *kex) { - u_int32_t rand = 0; - u_char *cookie; - int i; - if (kex == NULL) { error("kex_send_kexinit: no kex, cannot rekey"); return; @@ -164,17 +157,6 @@ return; } kex->done = 0; - - /* generate a random cookie */ - if (buffer_len(&kex->my) < KEX_COOKIE_LEN) - fatal("kex_send_kexinit: kex proposal too short"); - cookie = buffer_ptr(&kex->my); - for (i = 0; i < KEX_COOKIE_LEN; i++) { - if (i % 4 == 0) - rand = arc4random(); - cookie[i] = rand; - rand >>= 8; - } packet_start(SSH2_MSG_KEXINIT); packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); packet_send(); @@ -183,7 +165,7 @@ } void -kex_input_kexinit(int type, u_int32_t seq, void *ctxt) +kex_input_kexinit(int type, int plen, void *ctxt) { char *ptr; int dlen; @@ -204,7 +186,7 @@ xfree(packet_get_string(NULL)); packet_get_char(); packet_get_int(); - packet_check_eom(); + packet_done(); kex_kexinit_finish(kex); } @@ -222,12 +204,13 @@ kex->done = 0; kex_send_kexinit(kex); /* we start */ - kex_reset_dispatch(); + kex_clear_dispatch(); + dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); return kex; } -static void +void kex_kexinit_finish(Kex *kex) { if (!(kex->flags & KEX_INIT_SENT)) @@ -235,7 +218,7 @@ kex_choose_conf(kex); - switch (kex->kex_type) { + switch(kex->kex_type) { case DH_GRP1_SHA1: kexdh(kex); break; @@ -247,22 +230,21 @@ } } -static void +void choose_enc(Enc *enc, char *client, char *server) { char *name = match_list(client, server, NULL); if (name == NULL) fatal("no matching cipher found: client %s server %s", client, server); - if ((enc->cipher = cipher_by_name(name)) == NULL) + enc->cipher = cipher_by_name(name); + if (enc->cipher == NULL) fatal("matching cipher is not supported: %s", name); enc->name = name; enc->enabled = 0; enc->iv = NULL; enc->key = NULL; - enc->key_len = cipher_keylen(enc->cipher); - enc->block_size = cipher_blocksize(enc->cipher); } -static void +void choose_mac(Mac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -277,7 +259,7 @@ mac->key = NULL; mac->enabled = 0; } -static void +void choose_comp(Comp *comp, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -292,7 +274,7 @@ } comp->name = name; } -static void +void choose_kex(Kex *k, char *client, char *server) { k->name = match_list(client, server, NULL); @@ -305,7 +287,7 @@ } else fatal("bad kex alg %s", k->name); } -static void +void choose_hostkeyalg(Kex *k, char *client, char *server) { char *hostkeyalg = match_list(client, server, NULL); @@ -317,7 +299,7 @@ xfree(hostkeyalg); } -static void +void kex_choose_conf(Kex *kex) { Newkeys *newkeys; @@ -363,10 +345,10 @@ need = 0; for (mode = 0; mode < MODE_MAX; mode++) { newkeys = kex->newkeys[mode]; - if (need < newkeys->enc.key_len) - need = newkeys->enc.key_len; - if (need < newkeys->enc.block_size) - need = newkeys->enc.block_size; + if (need < newkeys->enc.cipher->key_len) + need = newkeys->enc.cipher->key_len; + if (need < newkeys->enc.cipher->block_size) + need = newkeys->enc.cipher->block_size; if (need < newkeys->mac.key_len) need = newkeys->mac.key_len; } @@ -377,15 +359,15 @@ kex_prop_free(peer); } -static u_char * +u_char * derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) { Buffer b; - const EVP_MD *evp_md = EVP_sha1(); + EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; char c = id; int have; - int mdsz = EVP_MD_size(evp_md); + int mdsz = evp_md->md_size; u_char *digest = xmalloc(roundup(need, mdsz)); buffer_init(&b); @@ -461,7 +443,7 @@ int i; fprintf(stderr, "%s\n", msg); - for (i = 0; i< len; i++) { + for (i = 0; i< len; i++){ fprintf(stderr, "%02x", digest[i]); if (i%32 == 31) fprintf(stderr, "\n");