diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | kex.c | 41 |
2 files changed, 42 insertions, 5 deletions
@@ -24,6 +24,10 @@ | |||
24 | [scp.c] | 24 | [scp.c] |
25 | call okname() only when using system(3) for remote-remote copy; | 25 | call okname() only when using system(3) for remote-remote copy; |
26 | fixes bugs #483, #472; ok deraadt@, mouring@ | 26 | fixes bugs #483, #472; ok deraadt@, mouring@ |
27 | - markus@cvs.openbsd.org 2003/02/02 10:56:08 | ||
28 | [kex.c] | ||
29 | add support for key exchange guesses; based on work by | ||
30 | avraham.fraenkel@commatch.com; fixes bug #148; ok deraadt@ | ||
27 | 31 | ||
28 | 20030211 | 32 | 20030211 |
29 | - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com | 33 | - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com |
@@ -1124,4 +1128,4 @@ | |||
1124 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1128 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1125 | ok provos@ | 1129 | ok provos@ |
1126 | 1130 | ||
1127 | $Id: ChangeLog,v 1.2599 2003/02/24 00:52:58 djm Exp $ | 1131 | $Id: ChangeLog,v 1.2600 2003/02/24 00:53:32 djm Exp $ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.52 2002/11/21 22:45:31 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.53 2003/02/02 10:56:08 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -74,7 +74,7 @@ kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) | |||
74 | 74 | ||
75 | /* parse buffer and return algorithm proposal */ | 75 | /* parse buffer and return algorithm proposal */ |
76 | static char ** | 76 | static char ** |
77 | kex_buf2prop(Buffer *raw) | 77 | kex_buf2prop(Buffer *raw, int *first_kex_follows) |
78 | { | 78 | { |
79 | Buffer b; | 79 | Buffer b; |
80 | int i; | 80 | int i; |
@@ -94,6 +94,8 @@ kex_buf2prop(Buffer *raw) | |||
94 | } | 94 | } |
95 | /* first kex follows / reserved */ | 95 | /* first kex follows / reserved */ |
96 | i = buffer_get_char(&b); | 96 | i = buffer_get_char(&b); |
97 | if (first_kex_follows != NULL) | ||
98 | *first_kex_follows = i; | ||
97 | debug2("kex_parse_kexinit: first_kex_follows %d ", i); | 99 | debug2("kex_parse_kexinit: first_kex_follows %d ", i); |
98 | i = buffer_get_int(&b); | 100 | i = buffer_get_int(&b); |
99 | debug2("kex_parse_kexinit: reserved %d ", i); | 101 | debug2("kex_parse_kexinit: reserved %d ", i); |
@@ -317,6 +319,30 @@ choose_hostkeyalg(Kex *k, char *client, char *server) | |||
317 | xfree(hostkeyalg); | 319 | xfree(hostkeyalg); |
318 | } | 320 | } |
319 | 321 | ||
322 | static int | ||
323 | proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) | ||
324 | { | ||
325 | static int check[] = { | ||
326 | PROPOSAL_KEX_ALGS, PROPOSAL_SERVER_HOST_KEY_ALGS, -1 | ||
327 | }; | ||
328 | int *idx; | ||
329 | char *p; | ||
330 | |||
331 | for (idx = &check[0]; *idx != -1; idx++) { | ||
332 | if ((p = strchr(my[*idx], ',')) != NULL) | ||
333 | *p = '\0'; | ||
334 | if ((p = strchr(peer[*idx], ',')) != NULL) | ||
335 | *p = '\0'; | ||
336 | if (strcmp(my[*idx], peer[*idx]) != 0) { | ||
337 | debug2("proposal mismatch: my %s peer %s", | ||
338 | my[*idx], peer[*idx]); | ||
339 | return (0); | ||
340 | } | ||
341 | } | ||
342 | debug2("proposals match"); | ||
343 | return (1); | ||
344 | } | ||
345 | |||
320 | static void | 346 | static void |
321 | kex_choose_conf(Kex *kex) | 347 | kex_choose_conf(Kex *kex) |
322 | { | 348 | { |
@@ -327,9 +353,10 @@ kex_choose_conf(Kex *kex) | |||
327 | int mode; | 353 | int mode; |
328 | int ctos; /* direction: if true client-to-server */ | 354 | int ctos; /* direction: if true client-to-server */ |
329 | int need; | 355 | int need; |
356 | int first_kex_follows, type; | ||
330 | 357 | ||
331 | my = kex_buf2prop(&kex->my); | 358 | my = kex_buf2prop(&kex->my, NULL); |
332 | peer = kex_buf2prop(&kex->peer); | 359 | peer = kex_buf2prop(&kex->peer, &first_kex_follows); |
333 | 360 | ||
334 | if (kex->server) { | 361 | if (kex->server) { |
335 | cprop=peer; | 362 | cprop=peer; |
@@ -373,6 +400,12 @@ kex_choose_conf(Kex *kex) | |||
373 | /* XXX need runden? */ | 400 | /* XXX need runden? */ |
374 | kex->we_need = need; | 401 | kex->we_need = need; |
375 | 402 | ||
403 | /* ignore the next message if the proposals do not match */ | ||
404 | if (first_kex_follows && !proposals_match(my, peer)) { | ||
405 | type = packet_read(); | ||
406 | debug2("skipping next packet (type %u)", type); | ||
407 | } | ||
408 | |||
376 | kex_prop_free(my); | 409 | kex_prop_free(my); |
377 | kex_prop_free(peer); | 410 | kex_prop_free(peer); |
378 | } | 411 | } |