author | djm@openbsd.org <djm@openbsd.org> | 2018-12-27 03:25:24 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-12-27 14:38:22 +1100 |
commit | 0a843d9a0e805f14653a555f5c7a8ba99d62c12d (patch) | |
tree | 481f36e9fd1918be5449e369a97c086a1a8d2432 /kexc25519.c | |
parent | 434b587afe41c19391821e7392005068fda76248 (diff) |
upstream: move client/server SSH-* banners to buffers under
ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.
Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).
Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@
OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
Diffstat (limited to 'kexc25519.c')
-rw-r--r-- | kexc25519.c | 10 |
1 files changed, 5 insertions, 5 deletions
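--- a/kexc25519.c
+++ b/kexc25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.11 2018/12/27 03:25:25 djm Exp $ */
 /*
  * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved.
  * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -84,8 +84,8 @@ kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
 int
 kex_c25519_hash(
 int hash_alg,
-const char *client_version_string,
-const char *server_version_string,
+const struct sshbuf *client_version,
+const struct sshbuf *server_version,
 const u_char *ckexinit, size_t ckexinitlen,
 const u_char *skexinit, size_t skexinitlen,
 const u_char *serverhostkeyblob, size_t sbloblen,
@@ -101,8 +101,8 @@ kex_c25519_hash(
 return SSH_ERR_INVALID_ARGUMENT;
 if ((b = sshbuf_new()) == NULL)
 return SSH_ERR_ALLOC_FAIL;
-if ((r = sshbuf_put_cstring(b, client_version_string)) < 0 ||
-(r = sshbuf_put_cstring(b, server_version_string)) < 0 ||
+if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
+(r = sshbuf_put_stringb(b, server_version)) < 0 ||
 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
 (r = sshbuf_put_u32(b, ckexinitlen+1)) < 0 ||
 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) < 0 ||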
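Review bot: The new `sshbuf_put_stringb(b, client_version)` and `sshbuf_put_stringb(b, server_version)` calls at line 104-105 feed every byte of the banner buffers into the exchange hash, whereas the old `sshbuf_put_cstring` calls stopped at the first NUL, so the hash is now only correct if the caller stores each identification string without its trailing CR LF and without embedded NUL bytes. The banner exchange that fills these buffers is not part of this file section, so that contract should be written down at the parameters, for example `/* client_version/server_version: SSH-* identification bytes, no trailing CR LF, no NUL */`. The condition guarding `return SSH_ERR_INVALID_ARGUMENT;` at line 101 lies outside the hunk; if it does not cover the two version buffers, it is worth confirming that a NULL or empty buffer is rejected there rather than silently hashed as an empty string. The body of kex_c25519_hash starts before and continues past the lines shown.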