- provos@cvs.openbsd.org 2001/03/27 17:46:50

[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@
author: Ben Lindstrom <mouring@eviladmin.org> 2001-03-29 00:36:16 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-03-29 00:36:16 +0000
commit: df221391e620776789e40af9a885c7c9cd945bd3 (patch)
tree: 1639ed6e2923e7bb67cc3ebfc0c1bbae03150298 /sshd.c
parent: 60a4381f1a6ebc2f8eeeb2ba4e005ede91ac9af3 (diff)
1 files changed, 29 insertions, 5 deletions
diff --git a/sshd.c b/sshd.c
index 961aeeaa0..65cb832d4 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.180 2001/03/27 10:34:08 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.181 2001/03/27 17:46:49 provos Exp $");
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1614,7 +1614,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
        int i;
 #endif
        int payload_len, dlen;
-        int slen, nbits;
+        int slen, nbits, type, min, max;
        u_char *signature = NULL;
        u_char *server_host_key_blob = NULL;
        u_int sbloblen;
@@ -1632,9 +1632,33 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 /* KEXDHGEX */
        debug("Wait SSH2_MSG_KEX_DH_GEX_REQUEST.");
-        packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_REQUEST);
+        type = packet_read(&payload_len);
-        nbits = packet_get_int();
+        if (type != SSH2_MSG_KEX_DH_GEX_REQUEST_OLD &&
-        dh = choose_dh(nbits);
+            type != SSH2_MSG_KEX_DH_GEX_REQUEST)
+                packet_disconnect("Protocol error: expected type %d or %d, got %d",
+                    SSH2_MSG_KEX_DH_GEX_REQUEST_OLD,
+                    SSH2_MSG_KEX_DH_GEX_REQUEST,
+                    type);
+        if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) {
+                nbits = packet_get_int();
+                min = DH_GRP_MIN;
+                max = DH_GRP_MAX;
+        } else {
+                min = packet_get_int();
+                nbits = packet_get_int();
+                max = packet_get_int();
+                min = MAX(DH_GRP_MIN, min);
+                max = MIN(DH_GRP_MAX, max);
+        }
+        if (max < min || nbits < min || max < nbits)
+                fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d",
+                    min, nbits, max);
+        dh = choose_dh(min, nbits, max);
+        if (dh == NULL)
+                packet_disconnect("Protocol error: no matching DH grp found");
        debug("Sending SSH2_MSG_KEX_DH_GEX_GROUP.");
        packet_start(SSH2_MSG_KEX_DH_GEX_GROUP);
author	Ben Lindstrom <mouring@eviladmin.org>	2001-03-29 00:36:16 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-03-29 00:36:16 +0000
commit	df221391e620776789e40af9a885c7c9cd945bd3 (patch)
tree	1639ed6e2923e7bb67cc3ebfc0c1bbae03150298 /sshd.c
parent	60a4381f1a6ebc2f8eeeb2ba4e005ede91ac9af3 (diff)

diff --git a/sshd.c b/sshd.c index 961aeeaa0..65cb832d4 100644 --- a/sshd.c +++ b/sshd.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: sshd.c,v 1.180 2001/03/27 10:34:08 markus Exp $");	43	RCSID("$OpenBSD: sshd.c,v 1.181 2001/03/27 17:46:49 provos Exp $");
44		44
45	#include <openssl/dh.h>	45	#include <openssl/dh.h>
46	#include <openssl/bn.h>	46	#include <openssl/bn.h>
@@ -1614,7 +1614,7 @@ ssh_dhgex_server(Kex kex, Buffer client_kexinit, Buffer *server_kexinit)
1614	int i;	1614	int i;
1615	#endif	1615	#endif
1616	int payload_len, dlen;	1616	int payload_len, dlen;
1617	int slen, nbits;	1617	int slen, nbits, type, min, max;
1618	u_char *signature = NULL;	1618	u_char *signature = NULL;
1619	u_char *server_host_key_blob = NULL;	1619	u_char *server_host_key_blob = NULL;
1620	u_int sbloblen;	1620	u_int sbloblen;
@@ -1632,9 +1632,33 @@ ssh_dhgex_server(Kex kex, Buffer client_kexinit, Buffer *server_kexinit)
1632		1632
1633	/* KEXDHGEX */	1633	/* KEXDHGEX */
1634	debug("Wait SSH2_MSG_KEX_DH_GEX_REQUEST.");	1634	debug("Wait SSH2_MSG_KEX_DH_GEX_REQUEST.");
1635	packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_REQUEST);	1635	type = packet_read(&payload_len);
1636	nbits = packet_get_int();	1636	if (type != SSH2_MSG_KEX_DH_GEX_REQUEST_OLD &&
1637	dh = choose_dh(nbits);	1637	type != SSH2_MSG_KEX_DH_GEX_REQUEST)
		1638	packet_disconnect("Protocol error: expected type %d or %d, got %d",
		1639	SSH2_MSG_KEX_DH_GEX_REQUEST_OLD,
		1640	SSH2_MSG_KEX_DH_GEX_REQUEST,
		1641	type);
		1642	if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) {
		1643	nbits = packet_get_int();
		1644	min = DH_GRP_MIN;
		1645	max = DH_GRP_MAX;
		1646	} else {
		1647	min = packet_get_int();
		1648	nbits = packet_get_int();
		1649	max = packet_get_int();
		1650
		1651	min = MAX(DH_GRP_MIN, min);
		1652	max = MIN(DH_GRP_MAX, max);
		1653	}
		1654
		1655	if (max < min \|\| nbits < min \|\| max < nbits)
		1656	fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d",
		1657	min, nbits, max);
		1658
		1659	dh = choose_dh(min, nbits, max);
		1660	if (dh == NULL)
		1661	packet_disconnect("Protocol error: no matching DH grp found");
1638		1662
1639	debug("Sending SSH2_MSG_KEX_DH_GEX_GROUP.");	1663	debug("Sending SSH2_MSG_KEX_DH_GEX_GROUP.");
1640	packet_start(SSH2_MSG_KEX_DH_GEX_GROUP);	1664	packet_start(SSH2_MSG_KEX_DH_GEX_GROUP);