version 1.414, 2014/01/09 23:26:48 |
version 1.415, 2014/01/27 19:18:54 |
|
|
|
|
#include <openssl/dh.h> |
#include <openssl/dh.h> |
#include <openssl/bn.h> |
#include <openssl/bn.h> |
#include <openssl/md5.h> |
|
#include <openssl/rand.h> |
#include <openssl/rand.h> |
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
|
|
#include "uidswap.h" |
#include "uidswap.h" |
#include "compat.h" |
#include "compat.h" |
#include "cipher.h" |
#include "cipher.h" |
|
#include "digest.h" |
#include "key.h" |
#include "key.h" |
#include "kex.h" |
#include "kex.h" |
#include "dh.h" |
#include "dh.h" |
|
|
if (rsafail) { |
if (rsafail) { |
int bytes = BN_num_bytes(session_key_int); |
int bytes = BN_num_bytes(session_key_int); |
u_char *buf = xmalloc(bytes); |
u_char *buf = xmalloc(bytes); |
MD5_CTX md; |
struct ssh_digest_ctx *md; |
|
|
logit("do_connection: generating a fake encryption key"); |
logit("do_connection: generating a fake encryption key"); |
BN_bn2bin(session_key_int, buf); |
BN_bn2bin(session_key_int, buf); |
MD5_Init(&md); |
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || |
MD5_Update(&md, buf, bytes); |
ssh_digest_update(md, buf, bytes) < 0 || |
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); |
ssh_digest_update(md, sensitive_data.ssh1_cookie, |
MD5_Final(session_key, &md); |
SSH_SESSION_KEY_LENGTH) < 0 || |
MD5_Init(&md); |
ssh_digest_final(md, session_key, sizeof(session_key)) < 0) |
MD5_Update(&md, session_key, 16); |
fatal("%s: md5 failed", __func__); |
MD5_Update(&md, buf, bytes); |
ssh_digest_free(md); |
MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); |
if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL || |
MD5_Final(session_key + 16, &md); |
ssh_digest_update(md, session_key, 16) < 0 || |
|
ssh_digest_update(md, sensitive_data.ssh1_cookie, |
|
SSH_SESSION_KEY_LENGTH) < 0 || |
|
ssh_digest_final(md, session_key + 16, |
|
sizeof(session_key) - 16) < 0) |
|
fatal("%s: md5 failed", __func__); |
|
ssh_digest_free(md); |
memset(buf, 0, bytes); |
memset(buf, 0, bytes); |
free(buf); |
free(buf); |
for (i = 0; i < 16; i++) |
for (i = 0; i < 16; i++) |