version 1.222, 2021/01/27 09:26:54 |
version 1.223, 2021/01/27 10:05:28 |
|
|
/* Imports */ |
/* Imports */ |
extern ServerOptions options; |
extern ServerOptions options; |
extern u_int utmp_len; |
extern u_int utmp_len; |
extern u_char session_id[]; |
|
extern struct sshbuf *loginmsg; |
extern struct sshbuf *loginmsg; |
extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ |
extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */ |
|
|
|
|
break; |
break; |
} |
} |
if (!valid_data) |
if (!valid_data) |
fatal_f("bad signature data blob"); |
fatal_f("bad %s signature data blob", |
|
key_blobtype == MM_USERKEY ? "userkey" : |
|
(key_blobtype == MM_HOSTKEY ? "hostkey" : "unknown")); |
|
|
if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
SSH_FP_DEFAULT)) == NULL) |
SSH_FP_DEFAULT)) == NULL) |
|
|
fatal_fr(r, "packet_set_state"); |
fatal_fr(r, "packet_set_state"); |
sshbuf_free(child_state); |
sshbuf_free(child_state); |
child_state = NULL; |
child_state = NULL; |
|
if ((kex = ssh->kex) == NULL) |
if ((kex = ssh->kex) != NULL) { |
fatal_f("internal error: ssh->kex == NULL"); |
/* XXX set callbacks */ |
if (session_id2_len != sshbuf_len(ssh->kex->session_id)) { |
|
fatal_f("incorrect session id length %zu (expected %u)", |
|
sshbuf_len(ssh->kex->session_id), session_id2_len); |
|
} |
|
if (memcmp(sshbuf_ptr(ssh->kex->session_id), session_id2, |
|
session_id2_len) != 0) |
|
fatal_f("session ID mismatch"); |
|
/* XXX set callbacks */ |
#ifdef WITH_OPENSSL |
#ifdef WITH_OPENSSL |
kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; |
kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; |
kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; |
kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; |
kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; |
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; |
kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
kex->kex[KEX_ECDH_SHA2] = kex_gen_server; |
#endif |
#endif |
kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
kex->kex[KEX_C25519_SHA256] = kex_gen_server; |
kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; |
kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_server; |
kex->load_host_public_key=&get_hostkey_public_by_type; |
kex->load_host_public_key=&get_hostkey_public_by_type; |
kex->load_host_private_key=&get_hostkey_private_by_type; |
kex->load_host_private_key=&get_hostkey_private_by_type; |
kex->host_key_index=&get_hostkey_index; |
kex->host_key_index=&get_hostkey_index; |
kex->sign = sshd_hostkey_sign; |
kex->sign = sshd_hostkey_sign; |
} |
|
} |
} |
|
|
/* This function requires careful sanity checking */ |
/* This function requires careful sanity checking */ |