authordjm@openbsd.org <djm@openbsd.org>2019-01-21 10:05:09 +0000
committerDamien Miller <djm@mindrot.org>2019-01-21 21:47:28 +1100
commitbb39bafb6dc520cc097780f4611a52da7f19c3e2 (patch)
treeb5721488b62d4e8cc1ffa322ae659e5265a0c707
parentdec5e9d33891e3bc3f1395d7db0e56fdc7f86dfc (diff)
upstream: factor out kex_load_hostkey() - this is duplicated in
both the client and server implementations for most KEX methods. from markus@ ok djm@ OpenBSD-Commit-ID: 8232fa7c21fbfbcaf838313b0c166dc6c8762f3c
-rw-r--r--kex.c20
-rw-r--r--kex.h3
-rw-r--r--kexc25519s.c17
-rw-r--r--kexdhs.c16
-rw-r--r--kexecdhs.c16
-rw-r--r--kexgexs.c16
6 files changed, 33 insertions, 55 deletions
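--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.144 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.145 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  *
@@ -1052,6 +1052,24 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
 }
 #endif
 
+int
+kex_load_hostkey(struct ssh *ssh, struct sshkey **pubp, struct sshkey **prvp)
+{
+	struct kex *kex = ssh->kex;
+
+	*pubp = NULL;
+	*prvp = NULL;
+	if (kex->load_host_public_key == NULL ||
+	    kex->load_host_private_key == NULL)
+		return SSH_ERR_INVALID_ARGUMENT;
+	*pubp = kex->load_host_public_key(kex->hostkey_type,
+	    kex->hostkey_nid, ssh);
+	*prvp = kex->load_host_private_key(kex->hostkey_type,
+	    kex->hostkey_nid, ssh);
+	if (*pubp == NULL)
+		return SSH_ERR_NO_HOSTKEY_LOADED;
+	return 0;
+}
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
 void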
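Review bot: The parameter order of kex_load_hostkey() at kex.c:1056 is reversed relative to every call site: the definition takes `(ssh, pubp, prvp)`, but kexc25519s.c, kexdhs.c, kexecdhs.c and kexgexs.c all pass `&server_host_private, &server_host_public`. Both parameters are `struct sshkey **`, so the compiler cannot flag the swap; as committed the public key is written into server_host_private and the private key into server_host_public, and the `*pubp == NULL` check then inspects the private-key slot rather than the public one. The smaller fix is to make the definition match the callers, `kex_load_hostkey(struct ssh *ssh, struct sshkey **prvp, struct sshkey **pubp)`; the unnamed prototype in kex.h needs no textual change. Separately, a header comment stating that both outputs are reset to NULL on entry and that `*prvp` may be NULL on a zero return (only `*pubp` is checked) would keep callers from assuming both keys are present.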
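--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.96 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.97 2019/01/21 10:05:09 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -184,6 +184,7 @@ void kex_free(struct kex *);
 int kex_buf2prop(struct sshbuf *, int *, char ***);
 int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]);
 void kex_prop_free(char **);
+int kex_load_hostkey(struct ssh *, struct sshkey **, struct sshkey **);
 
 int kex_send_kexinit(struct ssh *);
 int kex_input_kexinit(int, u_int32_t, struct ssh *);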
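--- a/kexc25519s.c
+++ b/kexc25519s.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519s.c,v 1.14 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kexc25519s.c,v 1.15 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -70,20 +70,9 @@ input_kex_c25519_init(int type, u_int32_t seq, struct ssh *ssh)
 #ifdef DEBUG_KEXECDH
 	dump_digest("server private key:", server_key, sizeof(server_key));
 #endif
-	if (kex->load_host_public_key == NULL ||
-	    kex->load_host_private_key == NULL) {
-		r = SSH_ERR_INVALID_ARGUMENT;
+	if ((r = kex_load_hostkey(ssh, &server_host_private,
+	    &server_host_public)) != 0)
 		goto out;
-	}
-	server_host_public = kex->load_host_public_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	server_host_private = kex->load_host_private_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	if (server_host_public == NULL) {
-		r = SSH_ERR_NO_HOSTKEY_LOADED;
-		goto out;
-	}
-
 	if ((r = sshpkt_get_string(ssh, &client_pubkey, &pklen)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
 		goto out;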
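--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.34 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.35 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  *
@@ -81,19 +81,9 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh)
 	size_t hashlen;
 	int r;
 
-	if (kex->load_host_public_key == NULL ||
-	    kex->load_host_private_key == NULL) {
-		r = SSH_ERR_INVALID_ARGUMENT;
+	if ((r = kex_load_hostkey(ssh, &server_host_private,
+	    &server_host_public)) != 0)
 		goto out;
-	}
-	server_host_public = kex->load_host_public_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	server_host_private = kex->load_host_private_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	if (server_host_public == NULL) {
-		r = SSH_ERR_NO_HOSTKEY_LOADED;
-		goto out;
-	}
 
 	/* key, cert */
 	if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||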
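--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.20 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.21 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -89,19 +89,9 @@ input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh)
 	sshkey_dump_ec_key(server_key);
 #endif
 
-	if (kex->load_host_public_key == NULL ||
-	    kex->load_host_private_key == NULL) {
-		r = SSH_ERR_INVALID_ARGUMENT;
+	if ((r = kex_load_hostkey(ssh, &server_host_private,
+	    &server_host_public)) != 0)
 		goto out;
-	}
-	server_host_public = kex->load_host_public_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	server_host_private = kex->load_host_private_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	if (server_host_public == NULL) {
-		r = SSH_ERR_NO_HOSTKEY_LOADED;
-		goto out;
-	}
 	if ((client_public = EC_POINT_new(group)) == NULL) {
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;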
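--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.40 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.41 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos. All rights reserved.
  * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -136,19 +136,9 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)
 	size_t hashlen;
 	int r;
 
-	if (kex->load_host_public_key == NULL ||
-	    kex->load_host_private_key == NULL) {
-		r = SSH_ERR_INVALID_ARGUMENT;
+	if ((r = kex_load_hostkey(ssh, &server_host_private,
+	    &server_host_public)) != 0)
 		goto out;
-	}
-	server_host_public = kex->load_host_public_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	server_host_private = kex->load_host_private_key(kex->hostkey_type,
-	    kex->hostkey_nid, ssh);
-	if (server_host_public == NULL) {
-		r = SSH_ERR_NO_HOSTKEY_LOADED;
-		goto out;
-	}
 
 	/* key, cert */
 	if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||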