summaryrefslogtreecommitdiff
path: root/kexdh.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2018-12-27 03:25:24 +0000
committerDamien Miller <djm@mindrot.org>2018-12-27 14:38:22 +1100
commit0a843d9a0e805f14653a555f5c7a8ba99d62c12d (patch)
tree481f36e9fd1918be5449e369a97c086a1a8d2432 /kexdh.c
parent434b587afe41c19391821e7392005068fda76248 (diff)
upstream: move client/server SSH-* banners to buffers under
ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
Diffstat (limited to 'kexdh.c')
-rw-r--r--kexdh.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/kexdh.c b/kexdh.c
index e6925b186..34c55ef9f 100644
--- a/kexdh.c
+++ b/kexdh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexdh.c,v 1.26 2016/05/02 10:26:04 djm Exp $ */ 1/* $OpenBSD: kexdh.c,v 1.27 2018/12/27 03:25:25 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -46,8 +46,8 @@
46int 46int
47kex_dh_hash( 47kex_dh_hash(
48 int hash_alg, 48 int hash_alg,
49 const char *client_version_string, 49 const struct sshbuf *client_version,
50 const char *server_version_string, 50 const struct sshbuf *server_version,
51 const u_char *ckexinit, size_t ckexinitlen, 51 const u_char *ckexinit, size_t ckexinitlen,
52 const u_char *skexinit, size_t skexinitlen, 52 const u_char *skexinit, size_t skexinitlen,
53 const u_char *serverhostkeyblob, size_t sbloblen, 53 const u_char *serverhostkeyblob, size_t sbloblen,
@@ -63,8 +63,8 @@ kex_dh_hash(
63 return SSH_ERR_INVALID_ARGUMENT; 63 return SSH_ERR_INVALID_ARGUMENT;
64 if ((b = sshbuf_new()) == NULL) 64 if ((b = sshbuf_new()) == NULL)
65 return SSH_ERR_ALLOC_FAIL; 65 return SSH_ERR_ALLOC_FAIL;
66 if ((r = sshbuf_put_cstring(b, client_version_string)) != 0 || 66 if ((r = sshbuf_put_stringb(b, client_version)) < 0 ||
67 (r = sshbuf_put_cstring(b, server_version_string)) != 0 || 67 (r = sshbuf_put_stringb(b, server_version)) < 0 ||
68 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ 68 /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
69 (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 || 69 (r = sshbuf_put_u32(b, ckexinitlen+1)) != 0 ||
70 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 || 70 (r = sshbuf_put_u8(b, SSH2_MSG_KEXINIT)) != 0 ||