Diffstat (limited to 'kex.c')
-rw-r--r--kex.c81
1 files changed, 18 insertions, 63 deletions
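--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */
+/* $OpenBSD: kex.c,v 1.134 2017/06/13 12:13:59 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
  *
@@ -54,17 +54,9 @@
 #include "sshbuf.h"
 #include "digest.h"
 
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
-# if defined(HAVE_EVP_SHA256)
-# define evp_ssh_sha256 EVP_sha256
-# else
-extern const EVP_MD *evp_ssh_sha256(void);
-# endif
-#endif
-
 /* prototype */
 static int kex_choose_conf(struct ssh *);
-static int kex_input_newkeys(int, u_int32_t, void *);
+static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
 static const char *proposal_names[PROPOSAL_MAX] = {
  "KEX algorithms",
@@ -323,9 +315,8 @@ kex_prop_free(char **proposal)
 
 /* ARGSUSED */
 static int
-kex_protocol_error(int type, u_int32_t seq, void *ctxt)
+kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
- struct ssh *ssh = active_state; /* XXX */
  int r;
 
  error("kex protocol error: type %d seq %u", type, seq);
@@ -383,12 +374,13 @@ kex_send_newkeys(struct ssh *ssh)
 }
 
 int
-kex_input_ext_info(int type, u_int32_t seq, void *ctxt)
+kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 {
- struct ssh *ssh = ctxt;
  struct kex *kex = ssh->kex;
  u_int32_t i, ninfo;
- char *name, *val, *found;
+ char *name, *found;
+ u_char *val;
+ size_t vlen;
  int r;
 
  debug("SSH2_MSG_EXT_INFO received");
@@ -398,12 +390,17 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt)
  for (i = 0; i < ninfo; i++) {
  if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
  return r;
- if ((r = sshpkt_get_cstring(ssh, &val, NULL)) != 0) {
+ if ((r = sshpkt_get_string(ssh, &val, &vlen)) != 0) {
  free(name);
  return r;
  }
- debug("%s: %s=<%s>", __func__, name, val);
  if (strcmp(name, "server-sig-algs") == 0) {
+ /* Ensure no \0 lurking in value */
+ if (memchr(val, '\0', vlen) != NULL) {
+ error("%s: nul byte in %s", __func__, name);
+ return SSH_ERR_INVALID_FORMAT;
+ }
+ debug("%s: %s=<%s>", __func__, name, val);
  found = match_list("rsa-sha2-256", val, NULL);
  if (found) {
  kex->rsa_sha2 = 256;
@@ -414,7 +411,8 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt)
  kex->rsa_sha2 = 512;
  free(found);
  }
- }
+ } else
+ debug("%s: %s (unrecognised)", __func__, name);
  free(name);
  free(val);
  }
@@ -422,9 +420,8 @@ kex_input_ext_info(int type, u_int32_t seq, void *ctxt)
 }
 
 static int
-kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
+kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh)
 {
- struct ssh *ssh = ctxt;
  struct kex *kex = ssh->kex;
  int r;
 
@@ -475,9 +472,8 @@ kex_send_kexinit(struct ssh *ssh)
 
 /* ARGSUSED */
 int
-kex_input_kexinit(int type, u_int32_t seq, void *ctxt)
+kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 {
- struct ssh *ssh = ctxt;
  struct kex *kex = ssh->kex;
  const u_char *ptr;
  u_int i;
@@ -988,47 +984,6 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
 }
 #endif
 
-#ifdef WITH_SSH1
-int
-derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus,
- u_int8_t cookie[8], u_int8_t id[16])
-{
- u_int8_t hbuf[2048], sbuf[2048], obuf[SSH_DIGEST_MAX_LENGTH];
- struct ssh_digest_ctx *hashctx = NULL;
- size_t hlen, slen;
- int r;
-
- hlen = BN_num_bytes(host_modulus);
- slen = BN_num_bytes(server_modulus);
- if (hlen < (512 / 8) || (u_int)hlen > sizeof(hbuf) ||
- slen < (512 / 8) || (u_int)slen > sizeof(sbuf))
- return SSH_ERR_KEY_BITS_MISMATCH;
- if (BN_bn2bin(host_modulus, hbuf) <= 0 ||
- BN_bn2bin(server_modulus, sbuf) <= 0) {
- r = SSH_ERR_LIBCRYPTO_ERROR;
- goto out;
- }
- if ((hashctx = ssh_digest_start(SSH_DIGEST_MD5)) == NULL) {
- r = SSH_ERR_ALLOC_FAIL;
- goto out;
- }
- if (ssh_digest_update(hashctx, hbuf, hlen) != 0 ||
- ssh_digest_update(hashctx, sbuf, slen) != 0 ||
- ssh_digest_update(hashctx, cookie, 8) != 0 ||
- ssh_digest_final(hashctx, obuf, sizeof(obuf)) != 0) {
- r = SSH_ERR_LIBCRYPTO_ERROR;
- goto out;
- }
- memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5));
- r = 0;
- out:
- ssh_digest_free(hashctx);
- explicit_bzero(hbuf, sizeof(hbuf));
- explicit_bzero(sbuf, sizeof(sbuf));
- explicit_bzero(obuf, sizeof(obuf));
- return r;
-}
-#endif
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
 void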
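Review bot: The new early return in kex_input_ext_info, inside the `memchr(val, '\0', vlen) != NULL` branch for "server-sig-algs", leaves both `name` and `val` allocated. The `sshpkt_get_string` failure path just above frees `name` before returning, and the loop's normal path frees both at the bottom. Add `free(name); free(val);` before `return SSH_ERR_INVALID_FORMAT;` so the rejection path matches them. The value comes from the peer's SSH2_MSG_EXT_INFO, so this path is reachable from remote input; the leak is presumably short-lived if the caller tears the connection down on this error, but that caller is not visible here. The function body spans several hunks and continues outside them.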