diff options
Diffstat (limited to 'kexgexs.c')
-rw-r--r-- | kexgexs.c | 20 |
1 files changed, 10 insertions, 10 deletions
@@ -24,7 +24,7 @@ | |||
24 | */ | 24 | */ |
25 | 25 | ||
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | RCSID("$OpenBSD: kexgexs.c,v 1.1 2003/02/16 17:09:57 markus Exp $"); | 27 | RCSID("$OpenBSD: kexgexs.c,v 1.2 2005/11/04 05:15:59 djm Exp $"); |
28 | 28 | ||
29 | #include "xmalloc.h" | 29 | #include "xmalloc.h" |
30 | #include "key.h" | 30 | #include "key.h" |
@@ -43,7 +43,7 @@ kexgex_server(Kex *kex) | |||
43 | Key *server_host_key; | 43 | Key *server_host_key; |
44 | DH *dh; | 44 | DH *dh; |
45 | u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; | 45 | u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; |
46 | u_int sbloblen, klen, kout, slen; | 46 | u_int sbloblen, klen, kout, slen, hashlen; |
47 | int min = -1, max = -1, nbits = -1, type; | 47 | int min = -1, max = -1, nbits = -1, type; |
48 | 48 | ||
49 | if (kex->load_host_key == NULL) | 49 | if (kex->load_host_key == NULL) |
@@ -137,8 +137,9 @@ kexgex_server(Kex *kex) | |||
137 | if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) | 137 | if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) |
138 | min = max = -1; | 138 | min = max = -1; |
139 | 139 | ||
140 | /* calc H */ /* XXX depends on 'kex' */ | 140 | /* calc H */ |
141 | hash = kexgex_hash( | 141 | kexgex_hash( |
142 | kex->evp_md, | ||
142 | kex->client_version_string, | 143 | kex->client_version_string, |
143 | kex->server_version_string, | 144 | kex->server_version_string, |
144 | buffer_ptr(&kex->peer), buffer_len(&kex->peer), | 145 | buffer_ptr(&kex->peer), buffer_len(&kex->peer), |
@@ -148,21 +149,20 @@ kexgex_server(Kex *kex) | |||
148 | dh->p, dh->g, | 149 | dh->p, dh->g, |
149 | dh_client_pub, | 150 | dh_client_pub, |
150 | dh->pub_key, | 151 | dh->pub_key, |
151 | shared_secret | 152 | shared_secret, |
153 | &hash, &hashlen | ||
152 | ); | 154 | ); |
153 | BN_clear_free(dh_client_pub); | 155 | BN_clear_free(dh_client_pub); |
154 | 156 | ||
155 | /* save session id := H */ | 157 | /* save session id := H */ |
156 | /* XXX hashlen depends on KEX */ | ||
157 | if (kex->session_id == NULL) { | 158 | if (kex->session_id == NULL) { |
158 | kex->session_id_len = 20; | 159 | kex->session_id_len = hashlen; |
159 | kex->session_id = xmalloc(kex->session_id_len); | 160 | kex->session_id = xmalloc(kex->session_id_len); |
160 | memcpy(kex->session_id, hash, kex->session_id_len); | 161 | memcpy(kex->session_id, hash, kex->session_id_len); |
161 | } | 162 | } |
162 | 163 | ||
163 | /* sign H */ | 164 | /* sign H */ |
164 | /* XXX hashlen depends on KEX */ | 165 | PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); |
165 | PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20)); | ||
166 | 166 | ||
167 | /* destroy_sensitive_data(); */ | 167 | /* destroy_sensitive_data(); */ |
168 | 168 | ||
@@ -179,7 +179,7 @@ kexgex_server(Kex *kex) | |||
179 | /* have keys, free DH */ | 179 | /* have keys, free DH */ |
180 | DH_free(dh); | 180 | DH_free(dh); |
181 | 181 | ||
182 | kex_derive_keys(kex, hash, shared_secret); | 182 | kex_derive_keys(kex, hash, hashlen, shared_secret); |
183 | BN_clear_free(shared_secret); | 183 | BN_clear_free(shared_secret); |
184 | 184 | ||
185 | kex_finish(kex); | 185 | kex_finish(kex); |