version 1.56, 2001/03/26 08:07:09 |
version 1.57, 2001/03/27 17:46:49 |
|
|
#include "sshconnect.h" |
#include "sshconnect.h" |
#include "authfile.h" |
#include "authfile.h" |
#include "cli.h" |
#include "cli.h" |
|
#include "dh.h" |
#include "dispatch.h" |
#include "dispatch.h" |
#include "authfd.h" |
#include "authfd.h" |
#include "log.h" |
#include "log.h" |
|
|
int plen, dlen; |
int plen, dlen; |
u_int klen, kout; |
u_int klen, kout; |
char *signature = NULL; |
char *signature = NULL; |
u_int slen, nbits; |
u_int slen, nbits, min, max; |
char *server_host_key_blob = NULL; |
char *server_host_key_blob = NULL; |
Key *server_host_key; |
Key *server_host_key; |
u_int sbloblen; |
u_int sbloblen; |
|
|
|
|
nbits = dh_estimate(kex->we_need * 8); |
nbits = dh_estimate(kex->we_need * 8); |
|
|
debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST."); |
if (datafellows & SSH_OLD_DHGEX) { |
packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST); |
debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST_OLD."); |
packet_put_int(nbits); |
|
|
/* Old GEX request */ |
|
packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD); |
|
packet_put_int(nbits); |
|
min = DH_GRP_MIN; |
|
max = DH_GRP_MAX; |
|
} else { |
|
debug("Sending SSH2_MSG_KEX_DH_GEX_REQUEST."); |
|
|
|
/* New GEX request */ |
|
min = DH_GRP_MIN; |
|
max = MIN(DH_GRP_MAX, nbits * 1.25); |
|
|
|
packet_start(SSH2_MSG_KEX_DH_GEX_REQUEST); |
|
packet_put_int(min); |
|
packet_put_int(nbits); |
|
packet_put_int(max); |
|
} |
packet_send(); |
packet_send(); |
packet_write_wait(); |
packet_write_wait(); |
|
|
#ifdef DEBUG_KEXDH |
#ifdef DEBUG_KEXDH |
fprintf(stderr, "\nnbits = %d", nbits); |
fprintf(stderr, "\nmin = %d, nbits = %d, max = %d", min, nbits, max); |
#endif |
#endif |
|
|
debug("Wait SSH2_MSG_KEX_DH_GEX_GROUP."); |
debug("Wait SSH2_MSG_KEX_DH_GEX_GROUP."); |
|
|
if ((g = BN_new()) == NULL) |
if ((g = BN_new()) == NULL) |
fatal("BN_new"); |
fatal("BN_new"); |
packet_get_bignum2(g, &dlen); |
packet_get_bignum2(g, &dlen); |
|
|
|
if (BN_num_bits(p) < min || BN_num_bits(p) > max) |
|
fatal("DH_GEX group out of range: %d !< %d !< %d", |
|
min, BN_num_bits(p), max); |
|
|
dh = dh_new_group(g, p); |
dh = dh_new_group(g, p); |
|
|
dh_gen_key(dh, kex->we_need * 8); |
dh_gen_key(dh, kex->we_need * 8); |
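Review bot: In the new-style request branch, `max = MIN(DH_GRP_MAX, nbits * 1.25);` computes a u_int bound through double arithmetic and an implicit conversion back; the integer form `max = MIN(DH_GRP_MAX, nbits + nbits / 4);` gives the same value without floating point. The range check added before dh_new_group() compares the int returned by BN_num_bits(p) against the u_int min/max and prints the u_int values with `%d`; printing them with `%u` and storing the bit count in a local once would keep the comparison and the message consistent. Both branches set `min = DH_GRP_MIN`, so the smallest group the client accepts does not scale with nbits, and whether that floor is strong enough for the largest `kex->we_need` cannot be told from the lines shown. A comment at the check such as `/* refuse a server-chosen group outside the range we requested */` would record why it is there. The enclosing function starts and ends outside the displayed sections.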