authorDamien Miller <djm@mindrot.org>2002-03-13 12:47:54 +1100
committerDamien Miller <djm@mindrot.org>2002-03-13 12:47:54 +1100
commit646e7cf3d7e7d4231c2d97d27c09fe5fe1d749e2 (patch)
treea693368c47d2d044514878fbb1516f87b487f78b /kexgex.c
parent29bdd2c9bca2737e7a246ed50fd827a6ccba0c61 (diff)
Import of Niels Provos' 20020312 ssh-complete.diff
PAM, Cygwin and OSF SIA will not work for sure
Diffstat (limited to 'kexgex.c')
-rw-r--r--kexgex.c19
1 files changed, 17 insertions, 2 deletions
diff --git a/kexgex.c b/kexgex.c
index 61896e6ed..3c811f337 100644
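--- a/kexgex.c
+++ b/kexgex.c
@@ -38,6 +38,12 @@ RCSID("$OpenBSD: kexgex.c,v 1.20 2002/02/28 15:46:33 markus Exp $");
 #include "dh.h"
 #include "ssh2.h"
 #include "compat.h"
+#include "monitor.h"
+#include "monitor_wrap.h"
+
+/* Imports */
+extern int use_privsep;
+extern int mm_recvfd;
 
 static u_char *
 kexgex_hash(
@@ -296,7 +302,11 @@ kexgex_server(Kex *kex)
  fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d",
  min, nbits, max);
 
- dh = choose_dh(min, nbits, max);
+ /* Contact privileged parent */
+ if (use_privsep)
+ dh = mm_choose_dh(mm_recvfd, min, nbits, max);
+ else
+ dh = choose_dh(min, nbits, max);
  if (dh == NULL)
  packet_disconnect("Protocol error: no matching DH grp found");
 
@@ -379,7 +389,11 @@ kexgex_server(Kex *kex)
 
  /* sign H */
  /* XXX hashlen depends on KEX */
- key_sign(server_host_key, &signature, &slen, hash, 20);
+ if (use_privsep)
+ mm_key_sign(mm_recvfd, kex->host_key_index(server_host_key),
+ &signature, &slen, hash, 20);
+ else
+ key_sign(server_host_key, &signature, &slen, hash, 20);
 
  /* destroy_sensitive_data(); */
 
@@ -390,6 +404,7 @@ kexgex_server(Kex *kex)
  packet_put_bignum2(dh->pub_key); /* f */
  packet_put_string(signature, slen);
  packet_send();
+
  xfree(signature);
  xfree(server_host_key_blob);
  /* have keys, free DH */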
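Review bot: The result of the signing call at new lines 392-396 is discarded in both branches, so a failed `mm_key_sign` request to the monitor (or a failed `key_sign`) still falls through to `packet_put_string(signature, slen)` at 405 and `xfree(signature)` at 408. The privsep branch adds a failure source that the single local call did not have, so the check belongs in this change. Capture the result in each branch (`r = mm_key_sign(...)` / `r = key_sign(...)`) and follow with `if (r != 0) fatal("kexgex_server: host key signing failed");`. This assumes `mm_key_sign` returns zero on success as `key_sign` does, which the page does not show. `kexgex_server` begins and ends outside these hunks, so whether `signature` and `slen` are initialised before the call cannot be confirmed from here.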