diff options
Diffstat (limited to 'kexgexs.c')
| -rw-r--r-- | kexgexs.c | 20 |
1 files changed, 13 insertions, 7 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */ | 1 | /* $OpenBSD: kexgexs.c,v 1.13 2010/02/26 20:29:54 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
| 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| @@ -52,18 +52,24 @@ void | |||
| 52 | kexgex_server(Kex *kex) | 52 | kexgex_server(Kex *kex) |
| 53 | { | 53 | { |
| 54 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; | 54 | BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; |
| 55 | Key *server_host_key; | 55 | Key *server_host_public, *server_host_private; |
| 56 | DH *dh; | 56 | DH *dh; |
| 57 | u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; | 57 | u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
| 58 | u_int sbloblen, klen, slen, hashlen; | 58 | u_int sbloblen, klen, slen, hashlen; |
| 59 | int omin = -1, min = -1, omax = -1, max = -1, onbits = -1, nbits = -1; | 59 | int omin = -1, min = -1, omax = -1, max = -1, onbits = -1, nbits = -1; |
| 60 | int type, kout; | 60 | int type, kout; |
| 61 | 61 | ||
| 62 | if (kex->load_host_key == NULL) | 62 | if (kex->load_host_public_key == NULL || |
| 63 | kex->load_host_private_key == NULL) | ||
| 63 | fatal("Cannot load hostkey"); | 64 | fatal("Cannot load hostkey"); |
| 64 | server_host_key = kex->load_host_key(kex->hostkey_type); | 65 | server_host_public = kex->load_host_public_key(kex->hostkey_type); |
| 65 | if (server_host_key == NULL) | 66 | if (server_host_public == NULL) |
| 66 | fatal("Unsupported hostkey type %d", kex->hostkey_type); | 67 | fatal("Unsupported hostkey type %d", kex->hostkey_type); |
| 68 | server_host_private = kex->load_host_private_key(kex->hostkey_type); | ||
| 69 | if (server_host_private == NULL) | ||
| 70 | fatal("Missing private key for hostkey type %d", | ||
| 71 | kex->hostkey_type); | ||
| 72 | |||
| 67 | 73 | ||
| 68 | type = packet_read(); | 74 | type = packet_read(); |
| 69 | switch (type) { | 75 | switch (type) { |
| @@ -149,7 +155,7 @@ kexgex_server(Kex *kex) | |||
| 149 | memset(kbuf, 0, klen); | 155 | memset(kbuf, 0, klen); |
| 150 | xfree(kbuf); | 156 | xfree(kbuf); |
| 151 | 157 | ||
| 152 | key_to_blob(server_host_key, &server_host_key_blob, &sbloblen); | 158 | key_to_blob(server_host_public, &server_host_key_blob, &sbloblen); |
| 153 | 159 | ||
| 154 | if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) | 160 | if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) |
| 155 | omin = min = omax = max = -1; | 161 | omin = min = omax = max = -1; |
| @@ -179,7 +185,7 @@ kexgex_server(Kex *kex) | |||
| 179 | } | 185 | } |
| 180 | 186 | ||
| 181 | /* sign H */ | 187 | /* sign H */ |
| 182 | if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, | 188 | if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash, |
| 183 | hashlen)) < 0) | 189 | hashlen)) < 0) |
| 184 | fatal("kexgex_server: key_sign failed"); | 190 | fatal("kexgex_server: key_sign failed"); |
| 185 | 191 | ||