version 1.7, 2021/04/03 06:18:40 |
version 1.8, 2021/12/19 22:08:06 |
|
|
kex->hostkey_alg, ssh->compat, NULL)) != 0) |
kex->hostkey_alg, ssh->compat, NULL)) != 0) |
goto out; |
goto out; |
|
|
if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 || |
r = kex_send_newkeys(ssh); |
(r = kex_send_newkeys(ssh)) != 0) |
|
goto out; |
|
|
|
/* save initial signature and hostkey */ |
|
if ((kex->flags & KEX_INITIAL) != 0) { |
|
if (kex->initial_hostkey != NULL || kex->initial_sig != NULL) { |
|
r = SSH_ERR_INTERNAL_ERROR; |
|
goto out; |
|
} |
|
if ((kex->initial_sig = sshbuf_new()) == NULL) { |
|
r = SSH_ERR_ALLOC_FAIL; |
|
goto out; |
|
} |
|
if ((r = sshbuf_put(kex->initial_sig, signature, slen)) != 0) |
|
goto out; |
|
kex->initial_hostkey = server_host_key; |
|
server_host_key = NULL; |
|
} |
|
/* success */ |
out: |
out: |
explicit_bzero(hash, sizeof(hash)); |
explicit_bzero(hash, sizeof(hash)); |
explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); |
explicit_bzero(kex->c25519_client_key, sizeof(kex->c25519_client_key)); |
|
|
(r = sshpkt_send(ssh)) != 0) |
(r = sshpkt_send(ssh)) != 0) |
goto out; |
goto out; |
|
|
if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) == 0) |
if ((r = kex_derive_keys(ssh, hash, hashlen, shared_secret)) != 0 || |
r = kex_send_newkeys(ssh); |
(r = kex_send_newkeys(ssh)) != 0) |
|
goto out; |
|
/* retain copy of hostkey used at initial KEX */ |
|
if (kex->initial_hostkey == NULL && |
|
(r = sshkey_from_private(server_host_public, |
|
&kex->initial_hostkey)) != 0) |
|
goto out; |
|
/* success */ |
out: |
out: |
explicit_bzero(hash, sizeof(hash)); |
explicit_bzero(hash, sizeof(hash)); |
sshbuf_free(server_host_key_blob); |
sshbuf_free(server_host_key_blob); |
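Review bot: In the new client-side block under `/* save initial signature and hostkey */`, `kex->initial_sig` is assigned before `sshbuf_put()` can fail, so that error exit leaves the kex holding an allocated but empty signature buffer while `initial_hostkey` is still NULL. Any later code that tests `initial_sig != NULL` on its own would then treat a signature that was never stored as present, and a second pass through this block would stop at the `SSH_ERR_INTERNAL_ERROR` guard rather than report the original failure. I would undo the assignment on that path by adding `sshbuf_free(kex->initial_sig); kex->initial_sig = NULL;` before the `goto out;`, so the two fields are always either both set or both NULL. This probably only matters if the kex state outlives the failed exchange, which the page does not show; the enclosing function starts and ends outside the visible lines.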