diff options
author | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
commit | 62f54f20bf351468e0124f63cc2902ee40d9b0e9 (patch) | |
tree | 3e090f2711b94ca5029d3fa3e8047b1ed1448b1f /kex.c | |
parent | 6fabaf6fd9b07cc8bc6a17c9c4a5b76849cfc874 (diff) | |
parent | 66bf74a92131b7effe49fb0eefe5225151869dc5 (diff) |
Import openssh_7.6p1.orig.tar.gz
Diffstat (limited to 'kex.c')
-rw-r--r-- | kex.c | 81 |
1 files changed, 18 insertions, 63 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.134 2017/06/13 12:13:59 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -54,17 +54,9 @@ | |||
54 | #include "sshbuf.h" | 54 | #include "sshbuf.h" |
55 | #include "digest.h" | 55 | #include "digest.h" |
56 | 56 | ||
57 | #if OPENSSL_VERSION_NUMBER >= 0x00907000L | ||
58 | # if defined(HAVE_EVP_SHA256) | ||
59 | # define evp_ssh_sha256 EVP_sha256 | ||
60 | # else | ||
61 | extern const EVP_MD *evp_ssh_sha256(void); | ||
62 | # endif | ||
63 | #endif | ||
64 | |||
65 | /* prototype */ | 57 | /* prototype */ |
66 | static int kex_choose_conf(struct ssh *); | 58 | static int kex_choose_conf(struct ssh *); |
67 | static int kex_input_newkeys(int, u_int32_t, void *); | 59 | static int kex_input_newkeys(int, u_int32_t, struct ssh *); |
68 | 60 | ||
69 | static const char *proposal_names[PROPOSAL_MAX] = { | 61 | static const char *proposal_names[PROPOSAL_MAX] = { |
70 | "KEX algorithms", | 62 | "KEX algorithms", |
@@ -323,9 +315,8 @@ kex_prop_free(char **proposal) | |||
323 | 315 | ||
324 | /* ARGSUSED */ | 316 | /* ARGSUSED */ |
325 | static int | 317 | static int |
326 | kex_protocol_error(int type, u_int32_t seq, void *ctxt) | 318 | kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh) |
327 | { | 319 | { |
328 | struct ssh *ssh = active_state; /* XXX */ | ||
329 | int r; | 320 | int r; |
330 | 321 | ||
331 | error("kex protocol error: type %d seq %u", type, seq); | 322 | error("kex protocol error: type %d seq %u", type, seq); |
@@ -383,12 +374,13 @@ kex_send_newkeys(struct ssh *ssh) | |||
383 | } | 374 | } |
384 | 375 | ||
385 | int | 376 | int |
386 | kex_input_ext_info(int type, u_int32_t seq, void *ctxt) | 377 | kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh) |
387 | { | 378 | { |
388 | struct ssh *ssh = ctxt; | ||
389 | struct kex *kex = ssh->kex; | 379 | struct kex *kex = ssh->kex; |
390 | u_int32_t i, ninfo; | 380 | u_int32_t i, ninfo; |
391 | char *name, *val, *found; | 381 | char *name, *found; |
382 | u_char *val; | ||
383 | size_t vlen; | ||
392 | int r; | 384 | int r; |
393 | 385 | ||
394 | debug("SSH2_MSG_EXT_INFO received"); | 386 | debug("SSH2_MSG_EXT_INFO received"); |
@@ -398,12 +390,17 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt) | |||
398 | for (i = 0; i < ninfo; i++) { | 390 | for (i = 0; i < ninfo; i++) { |
399 | if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0) | 391 | if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0) |
400 | return r; | 392 | return r; |
401 | if ((r = sshpkt_get_cstring(ssh, &val, NULL)) != 0) { | 393 | if ((r = sshpkt_get_string(ssh, &val, &vlen)) != 0) { |
402 | free(name); | 394 | free(name); |
403 | return r; | 395 | return r; |
404 | } | 396 | } |
405 | debug("%s: %s=<%s>", __func__, name, val); | ||
406 | if (strcmp(name, "server-sig-algs") == 0) { | 397 | if (strcmp(name, "server-sig-algs") == 0) { |
398 | /* Ensure no \0 lurking in value */ | ||
399 | if (memchr(val, '\0', vlen) != NULL) { | ||
400 | error("%s: nul byte in %s", __func__, name); | ||
401 | return SSH_ERR_INVALID_FORMAT; | ||
402 | } | ||
403 | debug("%s: %s=<%s>", __func__, name, val); | ||
407 | found = match_list("rsa-sha2-256", val, NULL); | 404 | found = match_list("rsa-sha2-256", val, NULL); |
408 | if (found) { | 405 | if (found) { |
409 | kex->rsa_sha2 = 256; | 406 | kex->rsa_sha2 = 256; |
@@ -414,7 +411,8 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt) | |||
414 | kex->rsa_sha2 = 512; | 411 | kex->rsa_sha2 = 512; |
415 | free(found); | 412 | free(found); |
416 | } | 413 | } |
417 | } | 414 | } else |
415 | debug("%s: %s (unrecognised)", __func__, name); | ||
418 | free(name); | 416 | free(name); |
419 | free(val); | 417 | free(val); |
420 | } | 418 | } |
@@ -422,9 +420,8 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt) | |||
422 | } | 420 | } |
423 | 421 | ||
424 | static int | 422 | static int |
425 | kex_input_newkeys(int type, u_int32_t seq, void *ctxt) | 423 | kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh) |
426 | { | 424 | { |
427 | struct ssh *ssh = ctxt; | ||
428 | struct kex *kex = ssh->kex; | 425 | struct kex *kex = ssh->kex; |
429 | int r; | 426 | int r; |
430 | 427 | ||
@@ -475,9 +472,8 @@ kex_send_kexinit(struct ssh *ssh) | |||
475 | 472 | ||
476 | /* ARGSUSED */ | 473 | /* ARGSUSED */ |
477 | int | 474 | int |
478 | kex_input_kexinit(int type, u_int32_t seq, void *ctxt) | 475 | kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh) |
479 | { | 476 | { |
480 | struct ssh *ssh = ctxt; | ||
481 | struct kex *kex = ssh->kex; | 477 | struct kex *kex = ssh->kex; |
482 | const u_char *ptr; | 478 | const u_char *ptr; |
483 | u_int i; | 479 | u_int i; |
@@ -988,47 +984,6 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen, | |||
988 | } | 984 | } |
989 | #endif | 985 | #endif |
990 | 986 | ||
991 | #ifdef WITH_SSH1 | ||
992 | int | ||
993 | derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, | ||
994 | u_int8_t cookie[8], u_int8_t id[16]) | ||
995 | { | ||
996 | u_int8_t hbuf[2048], sbuf[2048], obuf[SSH_DIGEST_MAX_LENGTH]; | ||
997 | struct ssh_digest_ctx *hashctx = NULL; | ||
998 | size_t hlen, slen; | ||
999 | int r; | ||
1000 | |||
1001 | hlen = BN_num_bytes(host_modulus); | ||
1002 | slen = BN_num_bytes(server_modulus); | ||
1003 | if (hlen < (512 / 8) || (u_int)hlen > sizeof(hbuf) || | ||
1004 | slen < (512 / 8) || (u_int)slen > sizeof(sbuf)) | ||
1005 | return SSH_ERR_KEY_BITS_MISMATCH; | ||
1006 | if (BN_bn2bin(host_modulus, hbuf) <= 0 || | ||
1007 | BN_bn2bin(server_modulus, sbuf) <= 0) { | ||
1008 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
1009 | goto out; | ||
1010 | } | ||
1011 | if ((hashctx = ssh_digest_start(SSH_DIGEST_MD5)) == NULL) { | ||
1012 | r = SSH_ERR_ALLOC_FAIL; | ||
1013 | goto out; | ||
1014 | } | ||
1015 | if (ssh_digest_update(hashctx, hbuf, hlen) != 0 || | ||
1016 | ssh_digest_update(hashctx, sbuf, slen) != 0 || | ||
1017 | ssh_digest_update(hashctx, cookie, 8) != 0 || | ||
1018 | ssh_digest_final(hashctx, obuf, sizeof(obuf)) != 0) { | ||
1019 | r = SSH_ERR_LIBCRYPTO_ERROR; | ||
1020 | goto out; | ||
1021 | } | ||
1022 | memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5)); | ||
1023 | r = 0; | ||
1024 | out: | ||
1025 | ssh_digest_free(hashctx); | ||
1026 | explicit_bzero(hbuf, sizeof(hbuf)); | ||
1027 | explicit_bzero(sbuf, sizeof(sbuf)); | ||
1028 | explicit_bzero(obuf, sizeof(obuf)); | ||
1029 | return r; | ||
1030 | } | ||
1031 | #endif | ||
1032 | 987 | ||
1033 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) | 988 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
1034 | void | 989 | void |