diff options
| author | Damien Miller <djm@mindrot.org> | 2006-03-15 12:08:28 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2006-03-15 12:08:28 +1100 |
| commit | a63128d1a8a4077bc992e09d00e2683d1592e500 (patch) | |
| tree | d202bbd39fd539ff7173b196df0286636af49f2b /monitor.c | |
| parent | cc3e8ba3c24357b912dd7071ba34ab863de593bd (diff) | |
- djm@cvs.openbsd.org 2006/03/07 09:07:40
[kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
Implement the diffie-hellman-group-exchange-sha256 key exchange method
using the SHA256 code in libc (and wrapper to make it into an OpenSSL
EVP), interop tested against CVS PuTTY
NB. no portability bits committed yet
Diffstat (limited to 'monitor.c')
| -rw-r--r-- | monitor.c | 9 |
1 files changed, 7 insertions, 2 deletions
| @@ -25,7 +25,7 @@ | |||
| 25 | */ | 25 | */ |
| 26 | 26 | ||
| 27 | #include "includes.h" | 27 | #include "includes.h" |
| 28 | RCSID("$OpenBSD: monitor.c,v 1.68 2006/02/20 17:02:44 stevesk Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.69 2006/03/07 09:07:40 djm Exp $"); |
| 29 | 29 | ||
| 30 | #include <sys/types.h> | 30 | #include <sys/types.h> |
| 31 | #include <sys/wait.h> | 31 | #include <sys/wait.h> |
| @@ -543,7 +543,11 @@ mm_answer_sign(int sock, Buffer *m) | |||
| 543 | keyid = buffer_get_int(m); | 543 | keyid = buffer_get_int(m); |
| 544 | p = buffer_get_string(m, &datlen); | 544 | p = buffer_get_string(m, &datlen); |
| 545 | 545 | ||
| 546 | if (datlen != 20) | 546 | /* |
| 547 | * Supported KEX types will only return SHA1 (20 byte) or | ||
| 548 | * SHA256 (32 byte) hashes | ||
| 549 | */ | ||
| 550 | if (datlen != 20 && datlen != 32) | ||
| 547 | fatal("%s: data length incorrect: %u", __func__, datlen); | 551 | fatal("%s: data length incorrect: %u", __func__, datlen); |
| 548 | 552 | ||
| 549 | /* save session id, it will be passed on the first call */ | 553 | /* save session id, it will be passed on the first call */ |
| @@ -1627,6 +1631,7 @@ mm_get_kex(Buffer *m) | |||
| 1627 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; | 1631 | kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; |
| 1628 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; | 1632 | kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; |
| 1629 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; | 1633 | kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; |
| 1634 | kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; | ||
| 1630 | kex->server = 1; | 1635 | kex->server = 1; |
| 1631 | kex->hostkey_type = buffer_get_int(m); | 1636 | kex->hostkey_type = buffer_get_int(m); |
| 1632 | kex->kex_type = buffer_get_int(m); | 1637 | kex->kex_type = buffer_get_int(m); |