diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 02:00:54 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 02:00:54 +0000 |
commit | 2d90e003098834de493a797017f8704b2f383f67 (patch) | |
tree | 9465422eab9f2925c7a9ed6cb99a923173fde9fe | |
parent | 9323d964791a8627c7733e64951d32e7d4b19f9c (diff) |
- markus@cvs.openbsd.org 2001/04/03 23:32:12
[kex.c kex.h packet.c sshconnect2.c sshd.c]
undo parts of recent my changes: main part of keyexchange does not
need dispatch-callbacks, since application data is delayed until
the keyexchange completes (if i understand the drafts correctly).
add some infrastructure for re-keying.
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | kex.c | 85 | ||||
-rw-r--r-- | kex.h | 75 | ||||
-rw-r--r-- | packet.c | 108 | ||||
-rw-r--r-- | sshconnect2.c | 5 | ||||
-rw-r--r-- | sshd.c | 5 |
6 files changed, 156 insertions, 130 deletions
@@ -13,6 +13,12 @@ | |||
13 | - todd@cvs.openbsd.org 2001/04/03 21:19:38 | 13 | - todd@cvs.openbsd.org 2001/04/03 21:19:38 |
14 | [ssh_config] | 14 | [ssh_config] |
15 | id_rsa1/2 -> id_rsa; ok markus@ | 15 | id_rsa1/2 -> id_rsa; ok markus@ |
16 | - markus@cvs.openbsd.org 2001/04/03 23:32:12 | ||
17 | [kex.c kex.h packet.c sshconnect2.c sshd.c] | ||
18 | undo parts of recent my changes: main part of keyexchange does not | ||
19 | need dispatch-callbacks, since application data is delayed until | ||
20 | the keyexchange completes (if i understand the drafts correctly). | ||
21 | add some infrastructure for re-keying. | ||
16 | 22 | ||
17 | 20010403 | 23 | 20010403 |
18 | - OpenBSD CVS Sync | 24 | - OpenBSD CVS Sync |
@@ -4823,4 +4829,4 @@ | |||
4823 | - Wrote replacements for strlcpy and mkdtemp | 4829 | - Wrote replacements for strlcpy and mkdtemp |
4824 | - Released 1.0pre1 | 4830 | - Released 1.0pre1 |
4825 | 4831 | ||
4826 | $Id: ChangeLog,v 1.1051 2001/04/04 01:58:48 mouring Exp $ | 4832 | $Id: ChangeLog,v 1.1052 2001/04/04 02:00:54 mouring Exp $ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.26 2001/04/03 19:53:29 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.27 2001/04/03 23:32:11 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -131,7 +131,7 @@ kex_input_newkeys(int type, int plen, void *ctxt) | |||
131 | for (i = 30; i <= 49; i++) | 131 | for (i = 30; i <= 49; i++) |
132 | dispatch_set(i, &kex_protocol_error); | 132 | dispatch_set(i, &kex_protocol_error); |
133 | buffer_clear(&kex->peer); | 133 | buffer_clear(&kex->peer); |
134 | buffer_clear(&kex->my); | 134 | /* buffer_clear(&kex->my); */ |
135 | kex->flags &= ~KEX_INIT_SENT; | 135 | kex->flags &= ~KEX_INIT_SENT; |
136 | } | 136 | } |
137 | 137 | ||
@@ -152,7 +152,6 @@ kex_input_kexinit(int type, int plen, void *ctxt) | |||
152 | int dlen; | 152 | int dlen; |
153 | Kex *kex = (Kex *)ctxt; | 153 | Kex *kex = (Kex *)ctxt; |
154 | 154 | ||
155 | dispatch_set(SSH2_MSG_KEXINIT, &kex_protocol_error); | ||
156 | debug("SSH2_MSG_KEXINIT received"); | 155 | debug("SSH2_MSG_KEXINIT received"); |
157 | 156 | ||
158 | ptr = packet_get_raw(&dlen); | 157 | ptr = packet_get_raw(&dlen); |
@@ -274,18 +273,20 @@ choose_hostkeyalg(Kex *k, char *client, char *server) | |||
274 | } | 273 | } |
275 | 274 | ||
276 | void | 275 | void |
277 | kex_choose_conf(Kex *k) | 276 | kex_choose_conf(Kex *kex) |
278 | { | 277 | { |
278 | Newkeys *newkeys; | ||
279 | char **my, **peer; | 279 | char **my, **peer; |
280 | char **cprop, **sprop; | 280 | char **cprop, **sprop; |
281 | int nenc, nmac, ncomp; | ||
281 | int mode; | 282 | int mode; |
282 | int ctos; /* direction: if true client-to-server */ | 283 | int ctos; /* direction: if true client-to-server */ |
283 | int need; | 284 | int need; |
284 | 285 | ||
285 | my = kex_buf2prop(&k->my); | 286 | my = kex_buf2prop(&kex->my); |
286 | peer = kex_buf2prop(&k->peer); | 287 | peer = kex_buf2prop(&kex->peer); |
287 | 288 | ||
288 | if (k->server) { | 289 | if (kex->server) { |
289 | cprop=peer; | 290 | cprop=peer; |
290 | sprop=my; | 291 | sprop=my; |
291 | } else { | 292 | } else { |
@@ -294,42 +295,44 @@ kex_choose_conf(Kex *k) | |||
294 | } | 295 | } |
295 | 296 | ||
296 | for (mode = 0; mode < MODE_MAX; mode++) { | 297 | for (mode = 0; mode < MODE_MAX; mode++) { |
297 | int nenc, nmac, ncomp; | 298 | newkeys = xmalloc(sizeof(*newkeys)); |
298 | ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); | 299 | memset(newkeys, 0, sizeof(*newkeys)); |
300 | kex->keys[mode] = newkeys; | ||
301 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); | ||
299 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; | 302 | nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; |
300 | nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; | 303 | nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC; |
301 | ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; | 304 | ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC; |
302 | choose_enc (&k->enc [mode], cprop[nenc], sprop[nenc]); | 305 | choose_enc (&newkeys->enc, cprop[nenc], sprop[nenc]); |
303 | choose_mac (&k->mac [mode], cprop[nmac], sprop[nmac]); | 306 | choose_mac (&newkeys->mac, cprop[nmac], sprop[nmac]); |
304 | choose_comp(&k->comp[mode], cprop[ncomp], sprop[ncomp]); | 307 | choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]); |
305 | debug("kex: %s %s %s %s", | 308 | debug("kex: %s %s %s %s", |
306 | ctos ? "client->server" : "server->client", | 309 | ctos ? "client->server" : "server->client", |
307 | k->enc[mode].name, | 310 | newkeys->enc.name, |
308 | k->mac[mode].name, | 311 | newkeys->mac.name, |
309 | k->comp[mode].name); | 312 | newkeys->comp.name); |
310 | } | 313 | } |
311 | choose_kex(k, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); | 314 | choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]); |
312 | choose_hostkeyalg(k, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], | 315 | choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS], |
313 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); | 316 | sprop[PROPOSAL_SERVER_HOST_KEY_ALGS]); |
314 | need = 0; | 317 | need = 0; |
315 | for (mode = 0; mode < MODE_MAX; mode++) { | 318 | for (mode = 0; mode < MODE_MAX; mode++) { |
316 | if (need < k->enc[mode].cipher->key_len) | 319 | newkeys = kex->keys[mode]; |
317 | need = k->enc[mode].cipher->key_len; | 320 | if (need < newkeys->enc.cipher->key_len) |
318 | if (need < k->enc[mode].cipher->block_size) | 321 | need = newkeys->enc.cipher->key_len; |
319 | need = k->enc[mode].cipher->block_size; | 322 | if (need < newkeys->enc.cipher->block_size) |
320 | if (need < k->mac[mode].key_len) | 323 | need = newkeys->enc.cipher->block_size; |
321 | need = k->mac[mode].key_len; | 324 | if (need < newkeys->mac.key_len) |
325 | need = newkeys->mac.key_len; | ||
322 | } | 326 | } |
323 | /* XXX need runden? */ | 327 | /* XXX need runden? */ |
324 | k->we_need = need; | 328 | kex->we_need = need; |
325 | 329 | ||
326 | kex_prop_free(my); | 330 | kex_prop_free(my); |
327 | kex_prop_free(peer); | 331 | kex_prop_free(peer); |
328 | |||
329 | } | 332 | } |
330 | 333 | ||
331 | u_char * | 334 | u_char * |
332 | derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | 335 | derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) |
333 | { | 336 | { |
334 | Buffer b; | 337 | Buffer b; |
335 | EVP_MD *evp_md = EVP_sha1(); | 338 | EVP_MD *evp_md = EVP_sha1(); |
@@ -346,7 +349,7 @@ derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | |||
346 | EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); /* shared_secret K */ | 349 | EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); /* shared_secret K */ |
347 | EVP_DigestUpdate(&md, hash, mdsz); /* transport-06 */ | 350 | EVP_DigestUpdate(&md, hash, mdsz); /* transport-06 */ |
348 | EVP_DigestUpdate(&md, &c, 1); /* key id */ | 351 | EVP_DigestUpdate(&md, &c, 1); /* key id */ |
349 | EVP_DigestUpdate(&md, hash, mdsz); /* session id */ | 352 | EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); |
350 | EVP_DigestFinal(&md, digest, NULL); | 353 | EVP_DigestFinal(&md, digest, NULL); |
351 | 354 | ||
352 | /* expand */ | 355 | /* expand */ |
@@ -365,26 +368,36 @@ derive_key(int id, int need, u_char *hash, BIGNUM *shared_secret) | |||
365 | return digest; | 368 | return digest; |
366 | } | 369 | } |
367 | 370 | ||
371 | Newkeys *x_newkeys[MODE_MAX]; | ||
372 | |||
368 | #define NKEYS 6 | 373 | #define NKEYS 6 |
369 | void | 374 | void |
370 | kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret) | 375 | kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) |
371 | { | 376 | { |
372 | int i; | 377 | Newkeys *newkeys; |
373 | int mode; | ||
374 | int ctos; | ||
375 | u_char *keys[NKEYS]; | 378 | u_char *keys[NKEYS]; |
379 | int i, mode, ctos; | ||
376 | 380 | ||
377 | for (i = 0; i < NKEYS; i++) | 381 | for (i = 0; i < NKEYS; i++) |
378 | keys[i] = derive_key('A'+i, k->we_need, hash, shared_secret); | 382 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); |
379 | 383 | ||
384 | debug("kex_derive_keys"); | ||
380 | for (mode = 0; mode < MODE_MAX; mode++) { | 385 | for (mode = 0; mode < MODE_MAX; mode++) { |
381 | ctos = (!k->server && mode == MODE_OUT) || (k->server && mode == MODE_IN); | 386 | newkeys = kex->keys[mode]; |
382 | k->enc[mode].iv = keys[ctos ? 0 : 1]; | 387 | ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); |
383 | k->enc[mode].key = keys[ctos ? 2 : 3]; | 388 | newkeys->enc.iv = keys[ctos ? 0 : 1]; |
384 | k->mac[mode].key = keys[ctos ? 4 : 5]; | 389 | newkeys->enc.key = keys[ctos ? 2 : 3]; |
390 | newkeys->mac.key = keys[ctos ? 4 : 5]; | ||
391 | x_newkeys[mode] = newkeys; | ||
385 | } | 392 | } |
386 | } | 393 | } |
387 | 394 | ||
395 | Newkeys * | ||
396 | kex_get_newkeys(int mode) | ||
397 | { | ||
398 | return x_newkeys[mode]; | ||
399 | } | ||
400 | |||
388 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) | 401 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) |
389 | void | 402 | void |
390 | dump_digest(char *msg, u_char *digest, int len) | 403 | dump_digest(char *msg, u_char *digest, int len) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.18 2001/04/03 19:53:29 markus Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.19 2001/04/03 23:32:12 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -59,64 +59,69 @@ enum kex_exchange { | |||
59 | DH_GEX_SHA1 | 59 | DH_GEX_SHA1 |
60 | }; | 60 | }; |
61 | 61 | ||
62 | #define KEX_INIT_SENT 0x0001 | ||
63 | |||
62 | typedef struct Kex Kex; | 64 | typedef struct Kex Kex; |
63 | typedef struct Mac Mac; | 65 | typedef struct Mac Mac; |
64 | typedef struct Comp Comp; | 66 | typedef struct Comp Comp; |
65 | typedef struct Enc Enc; | 67 | typedef struct Enc Enc; |
68 | typedef struct Newkeys Newkeys; | ||
66 | 69 | ||
67 | struct Enc { | 70 | struct Enc { |
68 | char *name; | 71 | char *name; |
69 | Cipher *cipher; | 72 | Cipher *cipher; |
70 | int enabled; | 73 | int enabled; |
71 | u_char *key; | 74 | u_char *key; |
72 | u_char *iv; | 75 | u_char *iv; |
73 | }; | 76 | }; |
74 | struct Mac { | 77 | struct Mac { |
75 | char *name; | 78 | char *name; |
76 | int enabled; | 79 | int enabled; |
77 | EVP_MD *md; | 80 | EVP_MD *md; |
78 | int mac_len; | 81 | int mac_len; |
79 | u_char *key; | 82 | u_char *key; |
80 | int key_len; | 83 | int key_len; |
81 | }; | 84 | }; |
82 | struct Comp { | 85 | struct Comp { |
83 | int type; | 86 | int type; |
84 | int enabled; | 87 | int enabled; |
85 | char *name; | 88 | char *name; |
89 | }; | ||
90 | struct Newkeys { | ||
91 | Enc enc; | ||
92 | Mac mac; | ||
93 | Comp comp; | ||
86 | }; | 94 | }; |
87 | #define KEX_INIT_SENT 0x0001 | ||
88 | struct Kex { | 95 | struct Kex { |
89 | Enc enc [MODE_MAX]; | 96 | u_char *session_id; |
90 | Mac mac [MODE_MAX]; | 97 | int session_id_len; |
91 | Comp comp[MODE_MAX]; | 98 | Newkeys *keys[MODE_MAX]; |
92 | int we_need; | 99 | int we_need; |
93 | int server; | 100 | int server; |
94 | char *name; | 101 | char *name; |
95 | int hostkey_type; | 102 | int hostkey_type; |
96 | int kex_type; | 103 | int kex_type; |
97 | 104 | Buffer my; | |
98 | /* used during kex */ | 105 | Buffer peer; |
99 | Buffer my; | 106 | int newkeys; |
100 | Buffer peer; | 107 | int flags; |
101 | int newkeys; | 108 | char *client_version_string; |
102 | int flags; | 109 | char *server_version_string; |
103 | void *state; | 110 | int (*check_host_key)(Key *hostkey); |
104 | char *client_version_string; | 111 | Key *(*load_host_key)(int type); |
105 | char *server_version_string; | ||
106 | |||
107 | int (*check_host_key)(Key *hostkey); | ||
108 | Key *(*load_host_key)(int type); | ||
109 | }; | 112 | }; |
110 | 113 | ||
111 | void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); | ||
112 | void packet_set_kex(Kex *k); | ||
113 | Kex *kex_start(char *proposal[PROPOSAL_MAX]); | 114 | Kex *kex_start(char *proposal[PROPOSAL_MAX]); |
114 | void kex_send_newkeys(void); | 115 | void kex_send_newkeys(void); |
116 | void kex_send_kexinit(Kex *kex); | ||
115 | void kex_protocol_error(int type, int plen, void *ctxt); | 117 | void kex_protocol_error(int type, int plen, void *ctxt); |
118 | void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); | ||
116 | 119 | ||
117 | void kexdh(Kex *); | 120 | void kexdh(Kex *); |
118 | void kexgex(Kex *); | 121 | void kexgex(Kex *); |
119 | 122 | ||
123 | Newkeys *kex_get_newkeys(int mode); | ||
124 | |||
120 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) | 125 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) |
121 | void dump_digest(char *msg, u_char *digest, int len); | 126 | void dump_digest(char *msg, u_char *digest, int len); |
122 | #endif | 127 | #endif |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.56 2001/03/03 21:41:07 millert Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.57 2001/04/03 23:32:12 markus Exp $"); |
41 | 41 | ||
42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
43 | #include "buffer.h" | 43 | #include "buffer.h" |
@@ -121,21 +121,9 @@ static int interactive_mode = 0; | |||
121 | int use_ssh2_packet_format = 0; | 121 | int use_ssh2_packet_format = 0; |
122 | 122 | ||
123 | /* Session key information for Encryption and MAC */ | 123 | /* Session key information for Encryption and MAC */ |
124 | Kex *kex = NULL; | 124 | Newkeys *newkeys[MODE_MAX]; |
125 | 125 | ||
126 | void | 126 | void |
127 | packet_set_kex(Kex *k) | ||
128 | { | ||
129 | if( k->mac[MODE_IN ].key == NULL || | ||
130 | k->enc[MODE_IN ].key == NULL || | ||
131 | k->enc[MODE_IN ].iv == NULL || | ||
132 | k->mac[MODE_OUT].key == NULL || | ||
133 | k->enc[MODE_OUT].key == NULL || | ||
134 | k->enc[MODE_OUT].iv == NULL) | ||
135 | fatal("bad KEX"); | ||
136 | kex = k; | ||
137 | } | ||
138 | void | ||
139 | clear_enc_keys(Enc *enc, int len) | 127 | clear_enc_keys(Enc *enc, int len) |
140 | { | 128 | { |
141 | memset(enc->iv, 0, len); | 129 | memset(enc->iv, 0, len); |
@@ -150,6 +138,7 @@ packet_set_ssh2_format(void) | |||
150 | { | 138 | { |
151 | DBG(debug("use_ssh2_packet_format")); | 139 | DBG(debug("use_ssh2_packet_format")); |
152 | use_ssh2_packet_format = 1; | 140 | use_ssh2_packet_format = 1; |
141 | newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; | ||
153 | } | 142 | } |
154 | 143 | ||
155 | /* | 144 | /* |
@@ -522,6 +511,41 @@ packet_send1(void) | |||
522 | */ | 511 | */ |
523 | } | 512 | } |
524 | 513 | ||
514 | void | ||
515 | set_newkeys(int mode) | ||
516 | { | ||
517 | Enc *enc; | ||
518 | Mac *mac; | ||
519 | Comp *comp; | ||
520 | CipherContext *cc; | ||
521 | |||
522 | debug("newkeys: mode %d", mode); | ||
523 | |||
524 | cc = (mode == MODE_OUT) ? &send_context : &receive_context; | ||
525 | if (newkeys[mode] != NULL) { | ||
526 | debug("newkeys: rekeying"); | ||
527 | memset(cc, 0, sizeof(*cc)); | ||
528 | // free old keys, reset compression cipher-contexts; | ||
529 | } | ||
530 | newkeys[mode] = kex_get_newkeys(mode); | ||
531 | if (newkeys[mode] == NULL) | ||
532 | fatal("newkeys: no keys for mode %d", mode); | ||
533 | enc = &newkeys[mode]->enc; | ||
534 | mac = &newkeys[mode]->mac; | ||
535 | comp = &newkeys[mode]->comp; | ||
536 | if (mac->md != NULL) | ||
537 | mac->enabled = 1; | ||
538 | DBG(debug("cipher_init_context: %d", mode)); | ||
539 | cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len, | ||
540 | enc->iv, enc->cipher->block_size); | ||
541 | clear_enc_keys(enc, enc->cipher->key_len); | ||
542 | if (comp->type != 0 && comp->enabled == 0) { | ||
543 | comp->enabled = 1; | ||
544 | if (! packet_compression) | ||
545 | packet_start_compression(6); | ||
546 | } | ||
547 | } | ||
548 | |||
525 | /* | 549 | /* |
526 | * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) | 550 | * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) |
527 | */ | 551 | */ |
@@ -540,10 +564,10 @@ packet_send2(void) | |||
540 | Comp *comp = NULL; | 564 | Comp *comp = NULL; |
541 | int block_size; | 565 | int block_size; |
542 | 566 | ||
543 | if (kex != NULL) { | 567 | if (newkeys[MODE_OUT] != NULL) { |
544 | enc = &kex->enc[MODE_OUT]; | 568 | enc = &newkeys[MODE_OUT]->enc; |
545 | mac = &kex->mac[MODE_OUT]; | 569 | mac = &newkeys[MODE_OUT]->mac; |
546 | comp = &kex->comp[MODE_OUT]; | 570 | comp = &newkeys[MODE_OUT]->comp; |
547 | } | 571 | } |
548 | block_size = enc ? enc->cipher->block_size : 8; | 572 | block_size = enc ? enc->cipher->block_size : 8; |
549 | 573 | ||
@@ -622,22 +646,8 @@ packet_send2(void) | |||
622 | log("outgoing seqnr wraps around"); | 646 | log("outgoing seqnr wraps around"); |
623 | buffer_clear(&outgoing_packet); | 647 | buffer_clear(&outgoing_packet); |
624 | 648 | ||
625 | if (type == SSH2_MSG_NEWKEYS) { | 649 | if (type == SSH2_MSG_NEWKEYS) |
626 | if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) | 650 | set_newkeys(MODE_OUT); |
627 | fatal("packet_send2: no KEX"); | ||
628 | if (mac->md != NULL) | ||
629 | mac->enabled = 1; | ||
630 | DBG(debug("cipher_init send_context")); | ||
631 | cipher_init(&send_context, enc->cipher, | ||
632 | enc->key, enc->cipher->key_len, | ||
633 | enc->iv, enc->cipher->block_size); | ||
634 | clear_enc_keys(enc, kex->we_need); | ||
635 | if (comp->type != 0 && comp->enabled == 0) { | ||
636 | comp->enabled = 1; | ||
637 | if (! packet_compression) | ||
638 | packet_start_compression(6); | ||
639 | } | ||
640 | } | ||
641 | } | 651 | } |
642 | 652 | ||
643 | void | 653 | void |
@@ -833,10 +843,10 @@ packet_read_poll2(int *payload_len_ptr) | |||
833 | Mac *mac = NULL; | 843 | Mac *mac = NULL; |
834 | Comp *comp = NULL; | 844 | Comp *comp = NULL; |
835 | 845 | ||
836 | if (kex != NULL) { | 846 | if (newkeys[MODE_IN] != NULL) { |
837 | enc = &kex->enc[MODE_IN]; | 847 | enc = &newkeys[MODE_IN]->enc; |
838 | mac = &kex->mac[MODE_IN]; | 848 | mac = &newkeys[MODE_IN]->mac; |
839 | comp = &kex->comp[MODE_IN]; | 849 | comp = &newkeys[MODE_IN]->comp; |
840 | } | 850 | } |
841 | maclen = mac && mac->enabled ? mac->mac_len : 0; | 851 | maclen = mac && mac->enabled ? mac->mac_len : 0; |
842 | block_size = enc ? enc->cipher->block_size : 8; | 852 | block_size = enc ? enc->cipher->block_size : 8; |
@@ -930,22 +940,8 @@ packet_read_poll2(int *payload_len_ptr) | |||
930 | /* extract packet type */ | 940 | /* extract packet type */ |
931 | type = (u_char)buf[0]; | 941 | type = (u_char)buf[0]; |
932 | 942 | ||
933 | if (type == SSH2_MSG_NEWKEYS) { | 943 | if (type == SSH2_MSG_NEWKEYS) |
934 | if (kex==NULL || mac==NULL || enc==NULL || comp==NULL) | 944 | set_newkeys(MODE_IN); |
935 | fatal("packet_read_poll2: no KEX"); | ||
936 | if (mac->md != NULL) | ||
937 | mac->enabled = 1; | ||
938 | DBG(debug("cipher_init receive_context")); | ||
939 | cipher_init(&receive_context, enc->cipher, | ||
940 | enc->key, enc->cipher->key_len, | ||
941 | enc->iv, enc->cipher->block_size); | ||
942 | clear_enc_keys(enc, kex->we_need); | ||
943 | if (comp->type != 0 && comp->enabled == 0) { | ||
944 | comp->enabled = 1; | ||
945 | if (! packet_compression) | ||
946 | packet_start_compression(6); | ||
947 | } | ||
948 | } | ||
949 | 945 | ||
950 | #ifdef PACKET_DEBUG | 946 | #ifdef PACKET_DEBUG |
951 | fprintf(stderr, "read/plain[%d]:\r\n", type); | 947 | fprintf(stderr, "read/plain[%d]:\r\n", type); |
@@ -1339,8 +1335,8 @@ packet_inject_ignore(int sumlen) | |||
1339 | 1335 | ||
1340 | have = buffer_len(&outgoing_packet); | 1336 | have = buffer_len(&outgoing_packet); |
1341 | debug2("packet_inject_ignore: current %d", have); | 1337 | debug2("packet_inject_ignore: current %d", have); |
1342 | if (kex != NULL) | 1338 | if (newkeys[MODE_OUT] != NULL) |
1343 | enc = &kex->enc[MODE_OUT]; | 1339 | enc = &newkeys[MODE_OUT]->enc; |
1344 | blocksize = enc ? enc->cipher->block_size : 8; | 1340 | blocksize = enc ? enc->cipher->block_size : 8; |
1345 | padlen = blocksize - (have % blocksize); | 1341 | padlen = blocksize - (have % blocksize); |
1346 | if (padlen < 4) | 1342 | if (padlen < 4) |
diff --git a/sshconnect2.c b/sshconnect2.c index 4ed39a23e..dd3f36b57 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.61 2001/04/03 19:53:29 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.62 2001/04/03 23:32:12 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
@@ -117,6 +117,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
117 | /* start key exchange */ | 117 | /* start key exchange */ |
118 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); | 118 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); |
119 | 119 | ||
120 | session_id2 = kex->session_id; | ||
121 | session_id2_len = kex->session_id_len; | ||
122 | |||
120 | #ifdef DEBUG_KEXDH | 123 | #ifdef DEBUG_KEXDH |
121 | /* send 1st encrypted/maced/compressed message */ | 124 | /* send 1st encrypted/maced/compressed message */ |
122 | packet_start(SSH2_MSG_IGNORE); | 125 | packet_start(SSH2_MSG_IGNORE); |
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: sshd.c,v 1.186 2001/04/03 19:53:29 markus Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.187 2001/04/03 23:32:12 markus Exp $"); |
44 | 44 | ||
45 | #include <openssl/dh.h> | 45 | #include <openssl/dh.h> |
46 | #include <openssl/bn.h> | 46 | #include <openssl/bn.h> |
@@ -1434,6 +1434,9 @@ do_ssh2_kex(void) | |||
1434 | /* start key exchange */ | 1434 | /* start key exchange */ |
1435 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); | 1435 | dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex); |
1436 | 1436 | ||
1437 | session_id2 = kex->session_id; | ||
1438 | session_id2_len = kex->session_id_len; | ||
1439 | |||
1437 | #ifdef DEBUG_KEXDH | 1440 | #ifdef DEBUG_KEXDH |
1438 | /* send 1st encrypted/maced/compressed message */ | 1441 | /* send 1st encrypted/maced/compressed message */ |
1439 | packet_start(SSH2_MSG_IGNORE); | 1442 | packet_start(SSH2_MSG_IGNORE); |