diff options
Diffstat (limited to 'kexdhs.c')
-rw-r--r-- | kexdhs.c | 13 |
1 files changed, 7 insertions, 6 deletions
@@ -35,6 +35,8 @@ | |||
35 | 35 | ||
36 | #include <openssl/dh.h> | 36 | #include <openssl/dh.h> |
37 | 37 | ||
38 | #include "openbsd-compat/openssl-compat.h" | ||
39 | |||
38 | #include "sshkey.h" | 40 | #include "sshkey.h" |
39 | #include "cipher.h" | 41 | #include "cipher.h" |
40 | #include "digest.h" | 42 | #include "digest.h" |
@@ -95,6 +97,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
95 | { | 97 | { |
96 | struct kex *kex = ssh->kex; | 98 | struct kex *kex = ssh->kex; |
97 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; | 99 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
100 | const BIGNUM *pub_key; | ||
98 | struct sshkey *server_host_public, *server_host_private; | 101 | struct sshkey *server_host_public, *server_host_private; |
99 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; | 102 | u_char *kbuf = NULL, *signature = NULL, *server_host_key_blob = NULL; |
100 | u_char hash[SSH_DIGEST_MAX_LENGTH]; | 103 | u_char hash[SSH_DIGEST_MAX_LENGTH]; |
@@ -121,6 +124,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
121 | r = SSH_ERR_ALLOC_FAIL; | 124 | r = SSH_ERR_ALLOC_FAIL; |
122 | goto out; | 125 | goto out; |
123 | } | 126 | } |
127 | DH_get0_key(kex->dh, &pub_key, NULL); | ||
124 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || | 128 | if ((r = sshpkt_get_bignum2(ssh, dh_client_pub)) != 0 || |
125 | (r = sshpkt_get_end(ssh)) != 0) | 129 | (r = sshpkt_get_end(ssh)) != 0) |
126 | goto out; | 130 | goto out; |
@@ -130,12 +134,9 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
130 | BN_print_fp(stderr, dh_client_pub); | 134 | BN_print_fp(stderr, dh_client_pub); |
131 | fprintf(stderr, "\n"); | 135 | fprintf(stderr, "\n"); |
132 | debug("bits %d", BN_num_bits(dh_client_pub)); | 136 | debug("bits %d", BN_num_bits(dh_client_pub)); |
133 | #endif | ||
134 | |||
135 | #ifdef DEBUG_KEXDH | ||
136 | DHparams_print_fp(stderr, kex->dh); | 137 | DHparams_print_fp(stderr, kex->dh); |
137 | fprintf(stderr, "pub= "); | 138 | fprintf(stderr, "pub= "); |
138 | BN_print_fp(stderr, kex->dh->pub_key); | 139 | BN_print_fp(stderr, pub_key); |
139 | fprintf(stderr, "\n"); | 140 | fprintf(stderr, "\n"); |
140 | #endif | 141 | #endif |
141 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { | 142 | if (!dh_pub_is_valid(kex->dh, dh_client_pub)) { |
@@ -171,7 +172,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
171 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), | 172 | sshbuf_ptr(kex->my), sshbuf_len(kex->my), |
172 | server_host_key_blob, sbloblen, | 173 | server_host_key_blob, sbloblen, |
173 | dh_client_pub, | 174 | dh_client_pub, |
174 | kex->dh->pub_key, | 175 | pub_key, |
175 | shared_secret, | 176 | shared_secret, |
176 | hash, &hashlen)) != 0) | 177 | hash, &hashlen)) != 0) |
177 | goto out; | 178 | goto out; |
@@ -197,7 +198,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) | |||
197 | /* send server hostkey, DH pubkey 'f' and signed H */ | 198 | /* send server hostkey, DH pubkey 'f' and signed H */ |
198 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || | 199 | if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || |
199 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || | 200 | (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || |
200 | (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ | 201 | (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 || /* f */ |
201 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || | 202 | (r = sshpkt_put_string(ssh, signature, slen)) != 0 || |
202 | (r = sshpkt_send(ssh)) != 0) | 203 | (r = sshpkt_send(ssh)) != 0) |
203 | goto out; | 204 | goto out; |