diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 02:00:54 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 02:00:54 +0000 |
| commit | 2d90e003098834de493a797017f8704b2f383f67 (patch) | |
| tree | 9465422eab9f2925c7a9ed6cb99a923173fde9fe | |
| parent | 9323d964791a8627c7733e64951d32e7d4b19f9c (diff) | |
- markus@cvs.openbsd.org 2001/04/03 23:32:12
[kex.c kex.h packet.c sshconnect2.c sshd.c]
undo parts of recent my changes: main part of keyexchange does not
need dispatch-callbacks, since application data is delayed until
the keyexchange completes (if i understand the drafts correctly).
add some infrastructure for re-keying.
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | kex.c | 85 | ||||
| -rw-r--r-- | kex.h | 75 | ||||
| -rw-r--r-- | packet.c | 108 | ||||
| -rw-r--r-- | sshconnect2.c | 5 | ||||
| -rw-r--r-- | sshd.c | 5 |
6 files changed, 156 insertions, 130 deletions
| @@ -13,6 +13,12 @@ | |||
| 13 | - todd@cvs.openbsd.org 2001/04/03 21:19:38 | 13 | - todd@cvs.openbsd.org 2001/04/03 21:19:38 |
| 14 | [ssh_config] | 14 | [ssh_config] |
| 15 | id_rsa1/2 -> id_rsa; ok markus@ | 15 | id_rsa1/2 -> id_rsa; ok markus@ |
| 16 | - markus@cvs.openbsd.org 2001/04/03 23:32:12 | ||
| 17 | [kex.c kex.h packet.c sshconnect2.c sshd.c] | ||
| 18 | undo parts of recent my changes: main part of keyexchange does not | ||
| 19 | need dispatch-callbacks, since application data is delayed until | ||
| 20 | the keyexchange completes (if i understand the drafts correctly). | ||
| 21 | add some infrastructure for re-keying. | ||
| 16 | 22 | ||
| 17 | 20010403 | 23 | 20010403 |
| 18 | - OpenBSD CVS Sync | 24 | - OpenBSD CVS Sync |
| @@ -4823,4 +4829,4 @@ | |||
| 4823 | - Wrote replacements for strlcpy and mkdtemp | 4829 | - Wrote replacements for strlcpy and mkdtemp |
| 4824 | - Released 1.0pre1 | 4830 | - Released 1.0pre1 |
| 4825 | 4831 | ||
| 4826 | $Id: ChangeLog,v 1.1051 2001/04/04 01:58:48 mouring Exp $ | 4832 | $Id: ChangeLog,v 1.1052 2001/04/04 02:00:54 mouring Exp $ |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: kex.c,v 1.26 2001/04/03 19:53:29 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.27 2001/04/03 23:32:11 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
| 29 | 29 | ||
| @@ -131,7 +131,7 @@ kex_input_newkeys(int type, int plen, void *ctxt) | |||
| 131 | for (i = 30; i <= 49; i++) | 131 | for (i = 30; i <= 49; i++) |
| 132 | dispatch_set(i, &kex_protocol_error); | 132 | dispatch_set(i, &kex_protocol_error); |
| 133 | buffer_clear(&kex->peer); | 133 | buffer_clear(&kex->peer); |
| 134 | buffer_clear(&kex->my); | 134 | /* buffer_clear(&kex->my); */ |
| 135 | kex->flags &= ~KEX_INIT_SENT; | 135 | kex->flags &= ~KEX_INIT_SENT; |
| 136 | } | 136 | } |
| 137 | 137 | ||
| @@ -152,7 +152,6 @@ kex_input_kexinit(int type, int plen, void *ctxt) | |||
| 152 | int dlen; | 152 | int dlen; |
| 153 | Kex *kex = (Kex *)ctxt; | 153 | Kex *kex = (Kex *)ctxt; |
| 154 | 154 | ||
| 155 | dispatch_set(SSH2_MSG_KEXINIT, &kex_protocol_error); | ||
| 156 | debug("SSH2_MSG_KEXINIT received"); | 155 | debug("SSH2_MSG_KEXINIT received"); |
| 157 | 156 | ||
| 158 | ptr = packet_get_raw(&dlen); | 157 | ptr = packet_get_raw(&dlen); |
| @@ -274,18 +273,20 @@ choose_hostkeyalg(Kex *k, char *client, char *server) | |||
| 274 | } | 273 | } |
| 275 | 274 | ||
| 276 | void | 275 | void |
| 277 | kex_choose_conf(Kex *k) | 276 | kex_choose_conf(Kex *kex) |
| 278 | { | 277 | { |
| 278 | Newkeys *newkeys; | ||
| 279 | char **my, **peer; | 279 | char **my, **peer; |
| 280 | char **cprop, **sprop; | 280 | char **cprop, **sprop; |
| 281 | int nenc, nmac, ncomp; | ||
| 281 | int mode; | 282 | int mode; |
| 282 | int ctos; /* direction: if true client-to-server */ | 283 | int ctos; /* direction: if true client-to-server */ |
| 283 | int need; | 284 | int need; |
| 284 | 285 | ||
| 285 | my = kex_buf2prop(&k->my); | 286 | my = kex_buf2prop(&kex->my); |
| 286 | peer = kex_buf2prop(&k->peer); | 287 | peer = kex_buf2prop(&kex->peer); |
| 287 | 288 | ||
| 288 | if (k->server) { | 289 | if (kex->server) { |
| 289 | cprop=peer; | 290 | cprop=peer; |
| 290 | sprop=my; | 291 | sprop=my; |
| 291 | } else { | 292 | } else { |
| @@ -294,42 +295,44 @@ kex_choose_conf(Kex *k) | |||
| 294 | } | 295 | } |
| 295 | 296 | ||
| 296 | for (mode = 0; mode < MODE_MAX; mode++) { | 297 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 297 | int nenc, nmac, ncomp; | 298 | newkeys = xmalloc(sizeof(*newkeys)); |
| 298 | ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); | 299 | memset(newkeys, 0, sizeof(*newkeys)); |
| 300 | kex->keys[mode] = newkeys; | ||
| 301 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); | ||
| 299 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; | 302 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; |
| 300 | nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; | 303 | nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; |
| 301 | ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; | 304 | ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; |
| 302 | choose_enc (&k->enc [mode], cprop[nenc], sprop[nenc]); | 305 | choose_enc (&newkeys->enc, cprop[nenc], sprop[nenc]); |
| 303 | choose_mac (&k->mac [mode], cprop[nmac], sprop[nmac]); | 306 | choose_mac (&newkeys->mac, cprop[nmac], sprop[nmac]); |
| 304 | choose_comp(&k->comp[mode], cprop[ncomp], sprop[ncomp]); | 307 | choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]); |
| 305 | debug("kex: %s %s %s %s", | 308 | debug("kex: %s %s %s %s", |
| 306 | ctos ? "client->server" : "server->client", | 309 | ctos ? "client->server" : "server->client", |
| 307 | k->enc[mode].name, | 310 | newkeys->enc.name, |
| 308 | k->mac[mode].name, | 311 | newkeys->mac.name, |
| 309 | k->comp[mode].name); | 312 | newkeys->comp.name); |
| 310 | } | 313 | } |
| 311 | choose_kex(k, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); | 314 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); |
| 312 | choose_hostkeyalg(k, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], | 315 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], |
| 313 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); | 316 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); |
| 314 | need = 0; | 317 | need = 0; |
| 315 | for (mode = 0; mode < MODE_MAX; mode++) { | 318 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 316 | if (need < k->enc[mode].cipher->key_len) | 319 | newkeys = kex->keys[mode]; |
| 317 | need = k->enc[mode].cipher->key_len; | 320 | if (need < newkeys->enc.cipher->key_len) |
| 318 | if (need < k->enc[mode].cipher->block_size) | 321 | need = newkeys->enc.cipher->key_len; |
| 319 | need = k->enc[mode].cipher->block_size; | 322 | if (need < newkeys->enc.cipher->block_size) |
| 320 | if (need < k->mac[mode].key_len) | 323 | need = newkeys->enc.cipher->block_size; |
| 321 | need = k->mac[mode].key_len; | 324 | if (need < newkeys->mac.key_len) |
| 325 | need = newkeys->mac.key_len; | ||
| 322 | } | 326 | } |
| 323 | /* XXX need runden? */ | 327 | /* XXX need runden? */ |
| 324 | k->we_need = need; | 328 | kex->we_need = need; |
| 325 | 329 | ||
| 326 | kex_prop_free(my); | 330 | kex_prop_free(my); |
| 327 | kex_prop_free(peer); | 331 | kex_prop_free(peer); |
| 328 | |||
| 329 | } | 332 | } |
| 330 | 333 | ||
| 331 | u_char * | 334 | u_char * |
| 332 | derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | 335 | derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
| 333 | { | 336 | { |
| 334 | Buffer b; | 337 | Buffer b; |
| 335 | EVP_MD *evp_md = EVP_sha1(); | 338 | EVP_MD *evp_md = EVP_sha1(); |
| @@ -346,7 +349,7 @@ derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | |||
| 346 | EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); /* shared_secret K */ | 349 | EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); /* shared_secret K */ |
| 347 | EVP_DigestUpdate(&md, hash, mdsz); /* transport-06 */ | 350 | EVP_DigestUpdate(&md, hash, mdsz); /* transport-06 */ |
| 348 | EVP_DigestUpdate(&md, &c, 1); /* key id */ | 351 | EVP_DigestUpdate(&md, &c, 1); /* key id */ |
| 349 | EVP_DigestUpdate(&md, hash, mdsz); /* session id */ | 352 | EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); |
| 350 | EVP_DigestFinal(&md, digest, NULL); | 353 | EVP_DigestFinal(&md, digest, NULL); |
| 351 | 354 | ||
| 352 | /* expand */ | 355 | /* expand */ |
| @@ -365,26 +368,36 @@ derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | |||
| 365 | return digest; | 368 | return digest; |
| 366 | } | 369 | } |
| 367 | 370 | ||
| 371 | Newkeys *x_newkeys[MODE_MAX]; | ||
| 372 | |||
| 368 | #define NKEYS 6 | 373 | #define NKEYS 6 |
| 369 | void | 374 | void |
| 370 | kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret) | 375 | kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) |
| 371 | { | 376 | { |
| 372 | int i; | 377 | Newkeys *newkeys; |
| 373 | int mode; | ||
| 374 | int ctos; | ||
| 375 | u_char *keys[NKEYS]; | 378 | u_char *keys[NKEYS]; |
| 379 | int i, mode, ctos; | ||
| 376 | 380 | ||
| 377 | for (i = 0; i < NKEYS; i++) | 381 | for (i = 0; i < NKEYS; i++) |
| 378 | keys[i] = derive_key('A'+i, k->we_need, hash, shared_secret); | 382 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); |
| 379 | 383 | ||
| 384 | debug("kex_derive_keys"); | ||
| 380 | for (mode = 0; mode < MODE_MAX; mode++) { | 385 | for (mode = 0; mode < MODE_MAX; mode++) { |
| 381 | ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); | 386 | newkeys = kex->keys[mode]; |
| 382 | k->enc[mode].iv = keys[ctos ? 0 : 1]; | 387 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
| 383 | k->enc[mode].key = keys[ctos ? 2 : 3]; | 388 | newkeys->enc.iv = keys[ctos ? 0 : 1]; |
| 384 | k->mac[mode].key = keys[ctos ? 4 : 5]; | 389 | newkeys->enc.key = keys[ctos ? 2 : 3]; |
| 390 | newkeys->mac.key = keys[ctos ? 4 : 5]; | ||
| 391 | x_newkeys[mode] = newkeys; | ||
| 385 | } | 392 | } |
| 386 | } | 393 | } |
| 387 | 394 | ||
| 395 | Newkeys * | ||
| 396 | kex_get_newkeys(int mode) | ||
| 397 | { | ||
| 398 | return x_newkeys[mode]; | ||
| 399 | } | ||
| 400 | |||
| 388 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) | 401 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) |
| 389 | void | 402 | void |
| 390 | dump_digest(char *msg, u_char *digest, int len) | 403 | dump_digest(char *msg, u_char *digest, int len) |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.h,v 1.18 2001/04/03 19:53:29 markus Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.19 2001/04/03 23:32:12 markus Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| @@ -59,64 +59,69 @@ enum kex_exchange { | |||
| 59 | DH_GEX_SHA1 | 59 | DH_GEX_SHA1 |
| 60 | }; | 60 | }; |
| 61 | 61 | ||
| 62 | #define KEX_INIT_SENT 0x0001 | ||
| 63 | |||
| 62 | typedef struct Kex Kex; | 64 | typedef struct Kex Kex; |
| 63 | typedef struct Mac Mac; | 65 | typedef struct Mac Mac; |
| 64 | typedef struct Comp Comp; | 66 | typedef struct Comp Comp; |
| 65 | typedef struct Enc Enc; | 67 | typedef struct Enc Enc; |
| 68 | typedef struct Newkeys Newkeys; | ||
| 66 | 69 | ||
| 67 | struct Enc { | 70 | struct Enc { |
| 68 | char *name; | 71 | char *name; |
| 69 | Cipher *cipher; | 72 | Cipher *cipher; |
| 70 | int enabled; | 73 | int enabled; |
| 71 | u_char *key; | 74 | u_char *key; |
| 72 | u_char *iv; | 75 | u_char *iv; |
| 73 | }; | 76 | }; |
| 74 | struct Mac { | 77 | struct Mac { |
| 75 | char *name; | 78 | char *name; |
| 76 | int enabled; | 79 | int enabled; |
| 77 | EVP_MD *md; | 80 | EVP_MD *md; |
| 78 | int mac_len; | 81 | int mac_len; |
| 79 | u_char *key; | 82 | u_char *key; |
| 80 | int key_len; | 83 | int key_len; |
| 81 | }; | 84 | }; |
| 82 | struct Comp { | 85 | struct Comp { |
| 83 | int type; | 86 | int type; |
| 84 | int enabled; | 87 | int enabled; |
| 85 | char *name; | 88 | char *name; |
| 89 | }; | ||
| 90 | struct Newkeys { | ||
| 91 | Enc enc; | ||
| 92 | Mac mac; | ||
| 93 | Comp comp; | ||
| 86 | }; | 94 | }; |
| 87 | #define KEX_INIT_SENT 0x0001 | ||
| 88 | struct Kex { | 95 | struct Kex { |
| 89 | Enc enc [MODE_MAX]; | 96 | u_char *session_id; |
| 90 | Mac mac [MODE_MAX]; | 97 | int session_id_len; |
| 91 | Comp comp[MODE_MAX]; | 98 | Newkeys *keys[MODE_MAX]; |
| 92 | int we_need; | 99 | int we_need; |
| 93 | int server; | 100 | int server; |
| 94 | char *name; | 101 | char *name; |
| 95 | int hostkey_type; | 102 | int hostkey_type; |
| 96 | int kex_type; | 103 | int kex_type; |
| 97 | 104 | Buffer my; | |
| 98 | /* used during kex */ | 105 | Buffer peer; |
| 99 | Buffer my; | 106 | int newkeys; |
| 100 | Buffer peer; | 107 | int flags; |
| 101 | int newkeys; | 108 | char *client_version_string; |
| 102 | int flags; | 109 | char *server_version_string; |
| 103 | void *state; | 110 | int (*check_host_key)(Key *hostkey); |
| 104 | char *client_version_string; | 111 | Key *(*load_host_key)(int type); |
| 105 | char *server_version_string; | ||
| 106 | |||
| 107 | int (*check_host_key)(Key *hostkey); | ||
| 108 | Key *(*load_host_key)(int type); | ||
| 109 | }; | 112 | }; |
| 110 | 113 | ||
| 111 | void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); | ||
| 112 | void packet_set_kex(Kex *k); | ||
| 113 | Kex *kex_start(char *proposal[PROPOSAL_MAX]); | 114 | Kex *kex_start(char *proposal[PROPOSAL_MAX]); |
| 114 | void kex_send_newkeys(void); | 115 | void kex_send_newkeys(void); |
| 116 | void kex_send_kexinit(Kex *kex); | ||
| 115 | void kex_protocol_error(int type, int plen, void *ctxt); | 117 | void kex_protocol_error(int type, int plen, void *ctxt); |
| 118 | void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); | ||
| 116 | 119 | ||
| 117 | void kexdh(Kex *); | 120 | void kexdh(Kex *); |
| 118 | void kexgex(Kex *); | 121 | void kexgex(Kex *); |
| 119 | 122 | ||
| 123 | Newkeys *kex_get_newkeys(int mode); | ||
| 124 | |||
| 120 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) | 125 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) |
| 121 | void dump_digest(char *msg, u_char *digest, int len); | 126 | void dump_digest(char *msg, u_char *digest, int len); |
| 122 | #endif | 127 | #endif |
| @@ -37,7 +37,7 @@ | |||
| 37 | */ | 37 | */ |
| 38 | 38 | ||
| 39 | #include "includes.h" | 39 | #include "includes.h" |
| 40 | RCSID("$OpenBSD: packet.c,v 1.56 2001/03/03 21:41:07 millert Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.57 2001/04/03 23:32:12 markus Exp $"); |
| 41 | 41 | ||
| 42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
| 43 | #include "buffer.h" | 43 | #include "buffer.h" |
| @@ -121,21 +121,9 @@ static int interactive_mode = 0; | |||
| 121 | int use_ssh2_packet_format = 0; | 121 | int use_ssh2_packet_format = 0; |
| 122 | 122 | ||
| 123 | /* Session key information for Encryption and MAC */ | 123 | /* Session key information for Encryption and MAC */ |
| 124 | Kex *kex = NULL; | 124 | Newkeys *newkeys[MODE_MAX]; |
| 125 | 125 | ||
| 126 | void | 126 | void |
| 127 | packet_set_kex(Kex *k) | ||
| 128 | { | ||
| 129 | if( k->mac[MODE_IN ].key == NULL || | ||
| 130 | k->enc[MODE_IN ].key == NULL || | ||
| 131 | k->enc[MODE_IN ].iv == NULL || | ||
| 132 | k->mac[MODE_OUT].key == NULL || | ||
| 133 | k->enc[MODE_OUT].key == NULL || | ||
| 134 | k->enc[MODE_OUT].iv == NULL) | ||
| 135 | fatal("bad KEX"); | ||
| 136 | kex = k; | ||
| 137 | } | ||
| 138 | void | ||
| 139 | clear_enc_keys(Enc *enc, int len) | 127 | clear_enc_keys(Enc *enc, int len) |
| 140 | { | 128 | { |
| 141 | memset(enc->iv, 0, len); | 129 | memset(enc->iv, 0, len); |
| @@ -150,6 +138,7 @@ packet_set_ssh2_format(void) | |||
| 150 | { | 138 | { |
| 151 | DBG(debug("use_ssh2_packet_format")); | 139 | DBG(debug("use_ssh2_packet_format")); |
| 152 | use_ssh2_packet_format = 1; | 140 | use_ssh2_packet_format = 1; |
| 141 | newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; | ||
| 153 | } | 142 | } |
| 154 | 143 | ||
| 155 | /* | 144 | /* |
| @@ -522,6 +511,41 @@ packet_send1(void) | |||
| 522 | */ | 511 | */ |
| 523 | } | 512 | } |
| 524 | 513 | ||
| 514 | void | ||
| 515 | set_newkeys(int mode) | ||
| 516 | { | ||
| 517 | Enc *enc; | ||
| 518 | Mac *mac; | ||
| 519 | Comp *comp; | ||
| 520 | CipherContext *cc; | ||
| 521 | |||
| 522 | debug("newkeys: mode %d", mode); | ||
| 523 | |||
| 524 | cc = (mode == MODE_OUT) ? &send_context : &receive_context; | ||
| 525 | if (newkeys[mode] != NULL) { | ||
| 526 | debug("newkeys: rekeying"); | ||
| 527 | memset(cc, 0, sizeof(*cc)); | ||
| 528 | // free old keys, reset compression cipher-contexts; | ||
| 529 | } | ||
| 530 | newkeys[mode] = kex_get_newkeys(mode); | ||
| 531 | if (newkeys[mode] == NULL) | ||
| 532 | fatal("newkeys: no keys for mode %d", mode); | ||
| 533 | enc = &newkeys[mode]->enc; | ||
| 534 | mac = &newkeys[mode]->mac; | ||
| 535 | comp = &newkeys[mode]->comp; | ||
| 536 | if (mac->md != NULL) | ||
| 537 | mac->enabled = 1; | ||
| 538 | DBG(debug("cipher_init_context: %d", mode)); | ||
| 539 | cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len, | ||
| 540 | enc->iv, enc->cipher->block_size); | ||
| 541 | clear_enc_keys(enc, enc->cipher->key_len); | ||
| 542 | if (comp->type != 0 && comp->enabled == 0) { | ||
| 543 | comp->enabled = 1; | ||
| 544 | if (! packet_compression) | ||
| 545 | packet_start_compression(6); | ||
| 546 | } | ||
| 547 | } | ||
| 548 | |||
| 525 | /* | 549 | /* |
| 526 | * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) | 550 | * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) |
| 527 | */ | 551 | */ |
| @@ -540,10 +564,10 @@ packet_send2(void) | |||
| 540 | Comp *comp = NULL; | 564 | Comp *comp = NULL; |
| 541 | int block_size; | 565 | int block_size; |
| 542 | 566 | ||
| 543 | if (kex != NULL) { | 567 | if (newkeys[MODE_OUT] != NULL) { |
| 544 | enc = &kex->enc[MODE_OUT]; | 568 | enc = &newkeys[MODE_OUT]->enc; |
| 545 | mac = &kex->mac[MODE_OUT]; | 569 | mac = &newkeys[MODE_OUT]->mac; |
| 546 | comp = &kex->comp[MODE_OUT]; | 570 | comp = &newkeys[MODE_OUT]->comp; |
| 547 | } | 571 | } |
| 548 | block_size = enc ? enc->cipher->block_size : 8; | 572 | block_size = enc ? enc->cipher->block_size : 8; |
| 549 | 573 | ||
| @@ -622,22 +646,8 @@ packet_send2(void) | |||
| 622 | log("outgoing seqnr wraps around"); | 646 | log("outgoing seqnr wraps around"); |
| 623 | buffer_clear(&outgoing_packet); | 647 | buffer_clear(&outgoing_packet); |
| 624 | 648 | ||
| 625 | if (type == SSH2_MSG_NEWKEYS) { | 649 | if (type == SSH2_MSG_NEWKEYS) |
| 626 | if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) | 650 | set_newkeys(MODE_OUT); |
| 627 | fatal("packet_send2: no KEX"); | ||
| 628 | if (mac->md != NULL) | ||
| 629 | mac->enabled = 1; | ||
| 630 | DBG(debug("cipher_init send_context")); | ||
| 631 | cipher_init(&send_context, enc->cipher, | ||
| 632 | enc->key, enc->cipher->key_len, | ||
| 633 | enc->iv, enc->cipher->block_size); | ||
| 634 | clear_enc_keys(enc, kex->we_need); | ||
| 635 | if (comp->type != 0 && comp->enabled == 0) { | ||
| 636 | comp->enabled = 1; | ||
| 637 | if (! packet_compression) | ||
| 638 | packet_start_compression(6); | ||
| 639 | } | ||
| 640 | } | ||
| 641 | } | 651 | } |
| 642 | 652 | ||
| 643 | void | 653 | void |
| @@ -833,10 +843,10 @@ packet_read_poll2(int *payload_len_ptr) | |||
| 833 | Mac *mac = NULL; | 843 | Mac *mac = NULL; |
| 834 | Comp *comp = NULL; | 844 | Comp *comp = NULL; |
| 835 | 845 | ||
| 836 | if (kex != NULL) { | 846 | if (newkeys[MODE_IN] != NULL) { |
| 837 | enc = &kex->enc[MODE_IN]; | 847 | enc = &newkeys[MODE_IN]->enc; |
| 838 | mac = &kex->mac[MODE_IN]; | 848 | mac = &newkeys[MODE_IN]->mac; |
| 839 | comp = &kex->comp[MODE_IN]; | 849 | comp = &newkeys[MODE_IN]->comp; |
| 840 | } | 850 | } |
| 841 | maclen = mac && mac->enabled ? mac->mac_len : 0; | 851 | maclen = mac && mac->enabled ? mac->mac_len : 0; |
| 842 | block_size = enc ? enc->cipher->block_size : 8; | 852 | block_size = enc ? enc->cipher->block_size : 8; |
| @@ -930,22 +940,8 @@ packet_read_poll2(int *payload_len_ptr) | |||
| 930 | /* extract packet type */ | 940 | /* extract packet type */ |
| 931 | type = (u_char)buf[0]; | 941 | type = (u_char)buf[0]; |
| 932 | 942 | ||
| 933 | if (type == SSH2_MSG_NEWKEYS) { | 943 | if (type == SSH2_MSG_NEWKEYS) |
| 934 | if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) | 944 | set_newkeys(MODE_IN); |
| 935 | fatal("packet_read_poll2: no KEX"); | ||
| 936 | if (mac->md != NULL) | ||
| 937 | mac->enabled = 1; | ||
| 938 | DBG(debug("cipher_init receive_context")); | ||
| 939 | cipher_init(&receive_context, enc->cipher, | ||
| 940 | enc->key, enc->cipher->key_len, | ||
| 941 | enc->iv, enc->cipher->block_size); | ||
| 942 | clear_enc_keys(enc, kex->we_need); | ||
| 943 | if (comp->type != 0 && comp->enabled == 0) { | ||
| 944 | comp->enabled = 1; | ||
| 945 | if (! packet_compression) | ||
| 946 | packet_start_compression(6); | ||
| 947 | } | ||
| 948 | } | ||
| 949 | 945 | ||
| 950 | #ifdef PACKET_DEBUG | 946 | #ifdef PACKET_DEBUG |
| 951 | fprintf(stderr, "read/plain[%d]:\r\n", type); | 947 | fprintf(stderr, "read/plain[%d]:\r\n", type); |
| @@ -1339,8 +1335,8 @@ packet_inject_ignore(int sumlen) | |||
| 1339 | 1335 | ||
| 1340 | have = buffer_len(&outgoing_packet); | 1336 | have = buffer_len(&outgoing_packet); |
| 1341 | debug2("packet_inject_ignore: current %d", have); | 1337 | debug2("packet_inject_ignore: current %d", have); |
| 1342 | if (kex != NULL) | 1338 | if (newkeys[MODE_OUT] != NULL) |
| 1343 | enc = &kex->enc[MODE_OUT]; | 1339 | enc = &newkeys[MODE_OUT]->enc; |
| 1344 | blocksize = enc ? enc->cipher->block_size : 8; | 1340 | blocksize = enc ? enc->cipher->block_size : 8; |
| 1345 | padlen = blocksize - (have % blocksize); | 1341 | padlen = blocksize - (have % blocksize); |
| 1346 | if (padlen < 4) | 1342 | if (padlen < 4) |
diff --git a/sshconnect2.c b/sshconnect2.c index 4ed39a23e..dd3f36b57 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.61 2001/04/03 19:53:29 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.62 2001/04/03 23:32:12 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
| 29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
| @@ -117,6 +117,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
| 117 | /* start key exchange */ | 117 | /* start key exchange */ |
| 118 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); | 118 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); |
| 119 | 119 | ||
| 120 | session_id2 = kex->session_id; | ||
| 121 | session_id2_len = kex->session_id_len; | ||
| 122 | |||
| 120 | #ifdef DEBUG_KEXDH | 123 | #ifdef DEBUG_KEXDH |
| 121 | /* send 1st encrypted/maced/compressed message */ | 124 | /* send 1st encrypted/maced/compressed message */ |
| 122 | packet_start(SSH2_MSG_IGNORE); | 125 | packet_start(SSH2_MSG_IGNORE); |
| @@ -40,7 +40,7 @@ | |||
| 40 | */ | 40 | */ |
| 41 | 41 | ||
| 42 | #include "includes.h" | 42 | #include "includes.h" |
| 43 | RCSID("$OpenBSD: sshd.c,v 1.186 2001/04/03 19:53:29 markus Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.187 2001/04/03 23:32:12 markus Exp $"); |
| 44 | 44 | ||
| 45 | #include <openssl/dh.h> | 45 | #include <openssl/dh.h> |
| 46 | #include <openssl/bn.h> | 46 | #include <openssl/bn.h> |
| @@ -1434,6 +1434,9 @@ do_ssh2_kex(void) | |||
| 1434 | /* start key exchange */ | 1434 | /* start key exchange */ |
| 1435 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); | 1435 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); |
| 1436 | 1436 | ||
| 1437 | session_id2 = kex->session_id; | ||
| 1438 | session_id2_len = kex->session_id_len; | ||
| 1439 | |||
| 1437 | #ifdef DEBUG_KEXDH | 1440 | #ifdef DEBUG_KEXDH |
| 1438 | /* send 1st encrypted/maced/compressed message */ | 1441 | /* send 1st encrypted/maced/compressed message */ |
| 1439 | packet_start(SSH2_MSG_IGNORE); | 1442 | packet_start(SSH2_MSG_IGNORE); |