diff options
author | Damien Miller <djm@mindrot.org> | 2000-05-30 13:44:51 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-05-30 13:44:51 +1000 |
commit | b1715dc0cf5ea91707b437310f63b17bed2dc7a6 (patch) | |
tree | f7fe557697d12b37c6be6a97c6ce083d23fd07de /sshconnect2.c | |
parent | 9448c002db7427058ecca76760f3a75e379bf0a1 (diff) |
- OpenBSD CVS updates:
- markus@cvs.openbsd.org
[session.c]
make x11-fwd work w/ localhost (xauth add host/unix:11)
[cipher.c compat.c readconf.c servconf.c]
check strtok() != NULL; ok niels@
[key.c]
fix key_read() for uuencoded keys w/o '='
[serverloop.c]
group ssh1 vs. ssh2 in serverloop
[kex.c kex.h myproposal.h sshconnect2.c sshd.c]
split kexinit/kexdh, factor out common code
[readconf.c ssh.1 ssh.c]
forwardagent defaults to no, add ssh -A
- theo@cvs.openbsd.org
[session.c]
just some line shortening
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 137 |
1 files changed, 57 insertions, 80 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index 99ffb2c47..0abcf89a0 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -28,7 +28,7 @@ | |||
28 | */ | 28 | */ |
29 | 29 | ||
30 | #include "includes.h" | 30 | #include "includes.h" |
31 | RCSID("$OpenBSD: sshconnect2.c,v 1.10 2000/05/08 17:42:25 markus Exp $"); | 31 | RCSID("$OpenBSD: sshconnect2.c,v 1.11 2000/05/25 20:45:20 markus Exp $"); |
32 | 32 | ||
33 | #include <openssl/bn.h> | 33 | #include <openssl/bn.h> |
34 | #include <openssl/rsa.h> | 34 | #include <openssl/rsa.h> |
@@ -68,16 +68,12 @@ unsigned char *session_id2 = NULL; | |||
68 | int session_id2_len = 0; | 68 | int session_id2_len = 0; |
69 | 69 | ||
70 | void | 70 | void |
71 | ssh_kex2(char *host, struct sockaddr *hostaddr) | 71 | ssh_kex_dh(Kex *kex, char *host, struct sockaddr *hostaddr, |
72 | Buffer *client_kexinit, Buffer *server_kexinit) | ||
72 | { | 73 | { |
73 | Kex *kex; | 74 | int i; |
74 | char *cprop[PROPOSAL_MAX]; | 75 | int plen, dlen; |
75 | char *sprop[PROPOSAL_MAX]; | ||
76 | Buffer *client_kexinit; | ||
77 | Buffer *server_kexinit; | ||
78 | int payload_len, dlen; | ||
79 | unsigned int klen, kout; | 76 | unsigned int klen, kout; |
80 | char *ptr; | ||
81 | char *signature = NULL; | 77 | char *signature = NULL; |
82 | unsigned int slen; | 78 | unsigned int slen; |
83 | char *server_host_key_blob = NULL; | 79 | char *server_host_key_blob = NULL; |
@@ -86,72 +82,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
86 | DH *dh; | 82 | DH *dh; |
87 | BIGNUM *dh_server_pub = 0; | 83 | BIGNUM *dh_server_pub = 0; |
88 | BIGNUM *shared_secret = 0; | 84 | BIGNUM *shared_secret = 0; |
89 | int i; | ||
90 | unsigned char *kbuf; | 85 | unsigned char *kbuf; |
91 | unsigned char *hash; | 86 | unsigned char *hash; |
92 | 87 | ||
93 | /* KEXINIT */ | ||
94 | |||
95 | debug("Sending KEX init."); | ||
96 | if (options.ciphers != NULL) { | ||
97 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
98 | myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; | ||
99 | } else if (options.cipher == SSH_CIPHER_3DES) { | ||
100 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
101 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | ||
102 | cipher_name(SSH_CIPHER_3DES_CBC); | ||
103 | } else if (options.cipher == SSH_CIPHER_BLOWFISH) { | ||
104 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
105 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | ||
106 | cipher_name(SSH_CIPHER_BLOWFISH_CBC); | ||
107 | } | ||
108 | if (options.compression) { | ||
109 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = "zlib"; | ||
110 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; | ||
111 | } else { | ||
112 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = "none"; | ||
113 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; | ||
114 | } | ||
115 | for (i = 0; i < PROPOSAL_MAX; i++) | ||
116 | cprop[i] = xstrdup(myproposal[i]); | ||
117 | |||
118 | client_kexinit = kex_init(cprop); | ||
119 | packet_start(SSH2_MSG_KEXINIT); | ||
120 | packet_put_raw(buffer_ptr(client_kexinit), buffer_len(client_kexinit)); | ||
121 | packet_send(); | ||
122 | packet_write_wait(); | ||
123 | |||
124 | debug("done"); | ||
125 | |||
126 | packet_read_expect(&payload_len, SSH2_MSG_KEXINIT); | ||
127 | |||
128 | /* save payload for session_id */ | ||
129 | server_kexinit = xmalloc(sizeof(*server_kexinit)); | ||
130 | buffer_init(server_kexinit); | ||
131 | ptr = packet_get_raw(&payload_len); | ||
132 | buffer_append(server_kexinit, ptr, payload_len); | ||
133 | |||
134 | /* skip cookie */ | ||
135 | for (i = 0; i < 16; i++) | ||
136 | (void) packet_get_char(); | ||
137 | /* kex init proposal strings */ | ||
138 | for (i = 0; i < PROPOSAL_MAX; i++) { | ||
139 | sprop[i] = packet_get_string(NULL); | ||
140 | debug("got kexinit string: %s", sprop[i]); | ||
141 | } | ||
142 | i = (int) packet_get_char(); | ||
143 | debug("first kex follow == %d", i); | ||
144 | i = packet_get_int(); | ||
145 | debug("reserved == %d", i); | ||
146 | packet_done(); | ||
147 | |||
148 | debug("done read kexinit"); | ||
149 | kex = kex_choose_conf(cprop, sprop, 0); | ||
150 | |||
151 | /* KEXDH */ | ||
152 | |||
153 | debug("Sending SSH2_MSG_KEXDH_INIT."); | 88 | debug("Sending SSH2_MSG_KEXDH_INIT."); |
154 | |||
155 | /* generate and send 'e', client DH public key */ | 89 | /* generate and send 'e', client DH public key */ |
156 | dh = dh_new_group1(); | 90 | dh = dh_new_group1(); |
157 | packet_start(SSH2_MSG_KEXDH_INIT); | 91 | packet_start(SSH2_MSG_KEXDH_INIT); |
@@ -172,7 +106,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
172 | 106 | ||
173 | debug("Wait SSH2_MSG_KEXDH_REPLY."); | 107 | debug("Wait SSH2_MSG_KEXDH_REPLY."); |
174 | 108 | ||
175 | packet_read_expect(&payload_len, SSH2_MSG_KEXDH_REPLY); | 109 | packet_read_expect(&plen, SSH2_MSG_KEXDH_REPLY); |
176 | 110 | ||
177 | debug("Got SSH2_MSG_KEXDH_REPLY."); | 111 | debug("Got SSH2_MSG_KEXDH_REPLY."); |
178 | 112 | ||
@@ -233,10 +167,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
233 | shared_secret | 167 | shared_secret |
234 | ); | 168 | ); |
235 | xfree(server_host_key_blob); | 169 | xfree(server_host_key_blob); |
236 | buffer_free(client_kexinit); | 170 | DH_free(dh); |
237 | buffer_free(server_kexinit); | ||
238 | xfree(client_kexinit); | ||
239 | xfree(server_kexinit); | ||
240 | #ifdef DEBUG_KEXDH | 171 | #ifdef DEBUG_KEXDH |
241 | fprintf(stderr, "hash == "); | 172 | fprintf(stderr, "hash == "); |
242 | for (i = 0; i< 20; i++) | 173 | for (i = 0; i< 20; i++) |
@@ -250,16 +181,61 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
250 | kex_derive_keys(kex, hash, shared_secret); | 181 | kex_derive_keys(kex, hash, shared_secret); |
251 | packet_set_kex(kex); | 182 | packet_set_kex(kex); |
252 | 183 | ||
253 | /* have keys, free DH */ | ||
254 | DH_free(dh); | ||
255 | |||
256 | /* save session id */ | 184 | /* save session id */ |
257 | session_id2_len = 20; | 185 | session_id2_len = 20; |
258 | session_id2 = xmalloc(session_id2_len); | 186 | session_id2 = xmalloc(session_id2_len); |
259 | memcpy(session_id2, hash, session_id2_len); | 187 | memcpy(session_id2, hash, session_id2_len); |
188 | } | ||
189 | |||
190 | void | ||
191 | ssh_kex2(char *host, struct sockaddr *hostaddr) | ||
192 | { | ||
193 | int i, plen; | ||
194 | Kex *kex; | ||
195 | Buffer *client_kexinit, *server_kexinit; | ||
196 | char *sprop[PROPOSAL_MAX]; | ||
197 | |||
198 | if (options.ciphers != NULL) { | ||
199 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
200 | myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; | ||
201 | } else if (options.cipher == SSH_CIPHER_3DES) { | ||
202 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
203 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | ||
204 | (char *) cipher_name(SSH_CIPHER_3DES_CBC); | ||
205 | } else if (options.cipher == SSH_CIPHER_BLOWFISH) { | ||
206 | myproposal[PROPOSAL_ENC_ALGS_CTOS] = | ||
207 | myproposal[PROPOSAL_ENC_ALGS_STOC] = | ||
208 | (char *) cipher_name(SSH_CIPHER_BLOWFISH_CBC); | ||
209 | } | ||
210 | if (options.compression) { | ||
211 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = "zlib"; | ||
212 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib"; | ||
213 | } else { | ||
214 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = "none"; | ||
215 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; | ||
216 | } | ||
217 | |||
218 | /* buffers with raw kexinit messages */ | ||
219 | server_kexinit = xmalloc(sizeof(*server_kexinit)); | ||
220 | buffer_init(server_kexinit); | ||
221 | client_kexinit = kex_init(myproposal); | ||
222 | |||
223 | /* algorithm negotiation */ | ||
224 | kex_exchange_kexinit(client_kexinit, server_kexinit, sprop); | ||
225 | kex = kex_choose_conf(myproposal, sprop, 0); | ||
226 | for (i = 0; i < PROPOSAL_MAX; i++) | ||
227 | xfree(sprop[i]); | ||
228 | |||
229 | /* server authentication and session key agreement */ | ||
230 | ssh_kex_dh(kex, host, hostaddr, client_kexinit, server_kexinit); | ||
231 | |||
232 | buffer_free(client_kexinit); | ||
233 | buffer_free(server_kexinit); | ||
234 | xfree(client_kexinit); | ||
235 | xfree(server_kexinit); | ||
260 | 236 | ||
261 | debug("Wait SSH2_MSG_NEWKEYS."); | 237 | debug("Wait SSH2_MSG_NEWKEYS."); |
262 | packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS); | 238 | packet_read_expect(&plen, SSH2_MSG_NEWKEYS); |
263 | packet_done(); | 239 | packet_done(); |
264 | debug("GOT SSH2_MSG_NEWKEYS."); | 240 | debug("GOT SSH2_MSG_NEWKEYS."); |
265 | 241 | ||
@@ -278,6 +254,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
278 | #endif | 254 | #endif |
279 | debug("done: KEX2."); | 255 | debug("done: KEX2."); |
280 | } | 256 | } |
257 | |||
281 | /* | 258 | /* |
282 | * Authenticate user | 259 | * Authenticate user |
283 | */ | 260 | */ |