- markus@cvs.openbsd.org 2001/04/04 14:34:58

     [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
     enable server side rekeying + some rekey related clientup.
     todo: we should not send any non-KEX messages after we send KEXINIT

1 files changed, 7 insertions, 2 deletions

diff --git a/sshd.c b/sshd.c
index 0bb4269d5..ea29e75ac 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.188 2001/04/04 09:48:35 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.189 2001/04/04 14:34:58 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -141,6 +141,9 @@ int num_listen_socks = 0;
 char *client_version_string = NULL;
 char *server_version_string = NULL;
 
+/* for rekeying XXX fixme */
+Kex *xxx_kex;
+
 /*
  * Any really sensitive data in the application is contained in this
  * structure. The idea is that this structure could be locked into memory so
@@ -1425,13 +1428,15 @@ do_ssh2_kex(void)
         }
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
+        /* start key exchange */
         kex = kex_setup(myproposal);
         kex->server = 1;
         kex->client_version_string=client_version_string;
         kex->server_version_string=server_version_string;
         kex->load_host_key=&get_hostkey_by_type;
 
-        /* start key exchange */
+        xxx_kex = kex;
+
         dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex);
 
         session_id2 = kex->session_id;