Mercurial > dropbear
annotate common-kex.c @ 511:582cb38e4eb5 insecure-nocrypto
propagate from branch 'au.asn.ucc.matt.dropbear' (head cdcc3c729e29544e8b98a408e2dc60e4483dfd2a)
to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 06 Nov 2008 13:16:55 +0000 |
| parents | 64abb124763d 43bbe17d6ba0 |
| children | 0129fd8ccc71 |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
|
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
36
diff
changeset
|
2 * Dropbear SSH |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
| 33 | 4 * Copyright (c) 2002-2004 Matt Johnston |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * Portions Copyright (c) 2004 by Mihnea Stoenescu |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * All rights reserved. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * of this software and associated documentation files (the "Software"), to deal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * in the Software without restriction, including without limitation the rights |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * copies of the Software, and to permit persons to whom the Software is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * furnished to do so, subject to the following conditions: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * The above copyright notice and this permission notice shall be included in |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * all copies or substantial portions of the Software. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 * SOFTWARE. */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 #include "includes.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 #include "dbutil.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "algo.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 #include "buffer.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 #include "session.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 #include "kex.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "ssh.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 #include "packet.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "bignum.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "random.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 /* diffie-hellman-group1-sha1 value for p */ |
| 227 | 38 static const unsigned char dh_p_val[] = { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; |
| 227 | 50 #define DH_P_LEN sizeof(dh_p_val) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 |
| 227 | 52 static const int DH_G_VAL = 2; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 |
| 33 | 54 static void kexinitialise(); |
|
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
55 void gen_new_keys(); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
56 #ifndef DISABLE_ZLIB |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
57 static void gen_new_zstreams(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 #endif |
| 33 | 59 static void read_kex_algos(); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 /* helper function for gen_new_keys */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 static void hashkeys(unsigned char *out, int outlen, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 const hash_state * hs, unsigned const char X); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 /* Send our list of algorithms we can use */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 void send_msg_kexinit() { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 CHECKCLEARTOWRITE(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 buf_putbyte(ses.writepayload, SSH_MSG_KEXINIT); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
71 /* cookie */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
72 genrandom(buf_getwriteptr(ses.writepayload, 16), 16); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 buf_incrwritepos(ses.writepayload, 16); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 /* kex algos */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 buf_put_algolist(ses.writepayload, sshkex); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 /* server_host_key_algorithms */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 buf_put_algolist(ses.writepayload, sshhostkey); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
80 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 /* encryption_algorithms_client_to_server */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
82 buf_put_algolist(ses.writepayload, sshciphers); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
83 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
84 /* encryption_algorithms_server_to_client */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 buf_put_algolist(ses.writepayload, sshciphers); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
86 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
87 /* mac_algorithms_client_to_server */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
88 buf_put_algolist(ses.writepayload, sshhashes); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
89 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
90 /* mac_algorithms_server_to_client */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
91 buf_put_algolist(ses.writepayload, sshhashes); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
93 /* compression_algorithms_client_to_server */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
94 buf_put_algolist(ses.writepayload, sshcompress); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
95 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 /* compression_algorithms_server_to_client */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 buf_put_algolist(ses.writepayload, sshcompress); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
99 /* languages_client_to_server */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
100 buf_putstring(ses.writepayload, "", 0); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
101 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
102 /* languages_server_to_client */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
103 buf_putstring(ses.writepayload, "", 0); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
104 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
105 /* first_kex_packet_follows - unimplemented for now */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
106 buf_putbyte(ses.writepayload, 0x00); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
107 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
108 /* reserved unit32 */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
109 buf_putint(ses.writepayload, 0); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
110 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 /* set up transmitted kex packet buffer for hashing. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
112 * This is freed after the end of the kex */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
113 ses.transkexinit = buf_newcopy(ses.writepayload); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
114 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
115 encrypt_packet(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 ses.dataallowed = 0; /* don't send other packets during kex */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
117 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
118 TRACE(("DATAALLOWED=0")) |
|
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
119 TRACE(("-> KEXINIT")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
120 ses.kexstate.sentkexinit = 1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
121 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
122 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 /* *** NOTE regarding (send|recv)_msg_newkeys *** |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 * Changed by mihnea from the original kex.c to set dataallowed after a |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
125 * completed key exchange, no matter the order in which it was performed. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
126 * This enables client mode without affecting server functionality. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
128 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
129 /* Bring new keys into use after a key exchange, and let the client know*/ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 void send_msg_newkeys() { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
132 TRACE(("enter send_msg_newkeys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 /* generate the kexinit request */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 CHECKCLEARTOWRITE(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
136 buf_putbyte(ses.writepayload, SSH_MSG_NEWKEYS); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 encrypt_packet(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
138 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
140 /* set up our state */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
141 if (ses.kexstate.recvnewkeys) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
142 TRACE(("while RECVNEWKEYS=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 gen_new_keys(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
144 kexinitialise(); /* we've finished with this kex */ |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
145 TRACE((" -> DATAALLOWED=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
146 ses.dataallowed = 1; /* we can send other packets again now */ |
| 33 | 147 ses.kexstate.donefirstkex = 1; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
148 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
149 ses.kexstate.sentnewkeys = 1; |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
150 TRACE(("SENTNEWKEYS=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
152 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
153 TRACE(("-> MSG_NEWKEYS")) |
|
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
154 TRACE(("leave send_msg_newkeys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
155 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
156 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
157 /* Bring the new keys into use after a key exchange */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
158 void recv_msg_newkeys() { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
159 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
160 TRACE(("<- MSG_NEWKEYS")) |
|
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
161 TRACE(("enter recv_msg_newkeys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
162 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
163 /* simply check if we've sent SSH_MSG_NEWKEYS, and if so, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
164 * switch to the new keys */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
165 if (ses.kexstate.sentnewkeys) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
166 TRACE(("while SENTNEWKEYS=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
167 gen_new_keys(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
168 kexinitialise(); /* we've finished with this kex */ |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
169 TRACE((" -> DATAALLOWED=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
170 ses.dataallowed = 1; /* we can send other packets again now */ |
| 33 | 171 ses.kexstate.donefirstkex = 1; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
172 } else { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
173 TRACE(("RECVNEWKEYS=1")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 ses.kexstate.recvnewkeys = 1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
175 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
176 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
177 TRACE(("leave recv_msg_newkeys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
178 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
179 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
180 |
| 33 | 181 /* Set up the kex for the first time */ |
| 182 void kexfirstinitialise() { | |
| 183 | |
| 184 ses.kexstate.donefirstkex = 0; | |
| 185 kexinitialise(); | |
| 186 } | |
| 187 | |
| 188 /* Reset the kex state, ready for a new negotiation */ | |
| 189 static void kexinitialise() { | |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
190 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
191 TRACE(("kexinitialise()")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
192 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
193 /* sent/recv'd MSG_KEXINIT */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
194 ses.kexstate.sentkexinit = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
195 ses.kexstate.recvkexinit = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
196 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
197 /* sent/recv'd MSG_NEWKEYS */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 ses.kexstate.recvnewkeys = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
199 ses.kexstate.sentnewkeys = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
200 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 /* first_packet_follows */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
202 ses.kexstate.firstfollows = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
203 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 ses.kexstate.datatrans = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 ses.kexstate.datarecv = 0; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 |
|
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
410
diff
changeset
|
207 ses.kexstate.lastkextime = time(NULL); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
208 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
209 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
210 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
212 * already initialised hash_state hs, which should already have processed |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
213 * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
214 * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. |
|
409
0e69e948caba
Add comments about requiring keysize <= 2*SHA1_HASH_SIZE
Matt Johnston <matt@ucc.asn.au>
parents:
257
diff
changeset
|
215 * The output will only be expanded once, as we are assured that |
|
0e69e948caba
Add comments about requiring keysize <= 2*SHA1_HASH_SIZE
Matt Johnston <matt@ucc.asn.au>
parents:
257
diff
changeset
|
216 * outlen <= 2*SHA1_HASH_SIZE for all known hashes. |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
217 * |
|
409
0e69e948caba
Add comments about requiring keysize <= 2*SHA1_HASH_SIZE
Matt Johnston <matt@ucc.asn.au>
parents:
257
diff
changeset
|
218 * See Section 7.2 of rfc4253 (ssh transport) for details */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
219 static void hashkeys(unsigned char *out, int outlen, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
220 const hash_state * hs, const unsigned char X) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
221 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
222 hash_state hs2; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
223 unsigned char k2[SHA1_HASH_SIZE]; /* used to extending */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
224 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
225 memcpy(&hs2, hs, sizeof(hash_state)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
226 sha1_process(&hs2, &X, 1); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
227 sha1_process(&hs2, ses.session_id, SHA1_HASH_SIZE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
228 sha1_done(&hs2, out); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
229 if (SHA1_HASH_SIZE < outlen) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
230 /* need to extend */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
231 memcpy(&hs2, hs, sizeof(hash_state)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 sha1_process(&hs2, out, SHA1_HASH_SIZE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 sha1_done(&hs2, k2); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 memcpy(&out[SHA1_HASH_SIZE], k2, outlen - SHA1_HASH_SIZE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 /* Generate the actual encryption/integrity keys, using the results of the |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
239 * key exchange, as specified in section 5.2 of the IETF secsh-transport |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 * draft. This occurs after the DH key-exchange. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 * ses.newkeys is the new set of keys which are generated, these are only |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 * taken into use after both sides have sent a newkeys message */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
244 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
245 /* Originally from kex.c, generalized for cli/svr mode --mihnea */ |
|
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
246 void gen_new_keys() { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
248 unsigned char C2S_IV[MAX_IV_LEN]; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 unsigned char C2S_key[MAX_KEY_LEN]; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
250 unsigned char S2C_IV[MAX_IV_LEN]; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 unsigned char S2C_key[MAX_KEY_LEN]; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
252 /* unsigned char key[MAX_KEY_LEN]; */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
253 unsigned char *trans_IV, *trans_key, *recv_IV, *recv_key; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
254 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
255 hash_state hs; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
256 unsigned int C2S_keysize, S2C_keysize; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
257 char mactransletter, macrecvletter; /* Client or server specific */ |
| 342 | 258 int recv_cipher = 0, trans_cipher = 0; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
259 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
260 TRACE(("enter gen_new_keys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
261 /* the dh_K and hash are the start of all hashes, we make use of that */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
262 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
263 sha1_init(&hs); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
264 sha1_process_mp(&hs, ses.dh_K); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
265 mp_clear(ses.dh_K); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
266 m_free(ses.dh_K); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
267 sha1_process(&hs, ses.hash, SHA1_HASH_SIZE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
268 m_burn(ses.hash, SHA1_HASH_SIZE); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
269 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 if (IS_DROPBEAR_CLIENT) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
271 trans_IV = C2S_IV; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
272 recv_IV = S2C_IV; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
273 trans_key = C2S_key; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
274 recv_key = S2C_key; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
275 C2S_keysize = ses.newkeys->trans_algo_crypt->keysize; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
276 S2C_keysize = ses.newkeys->recv_algo_crypt->keysize; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
277 mactransletter = 'E'; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
278 macrecvletter = 'F'; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
279 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
280 trans_IV = S2C_IV; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
281 recv_IV = C2S_IV; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
282 trans_key = S2C_key; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
283 recv_key = C2S_key; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
284 C2S_keysize = ses.newkeys->recv_algo_crypt->keysize; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
285 S2C_keysize = ses.newkeys->trans_algo_crypt->keysize; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
286 mactransletter = 'F'; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
287 macrecvletter = 'E'; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
288 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
289 |
|
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
290 hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A'); |
|
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
291 hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B'); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
292 hashkeys(C2S_key, C2S_keysize, &hs, 'C'); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
293 hashkeys(S2C_key, S2C_keysize, &hs, 'D'); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
294 |
| 342 | 295 recv_cipher = find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name); |
| 296 if (recv_cipher < 0) | |
| 297 dropbear_exit("crypto error"); | |
| 502 | 298 if (ses.newkeys->recv_crypt_mode->start(recv_cipher, |
| 299 recv_IV, recv_key, | |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
300 ses.newkeys->recv_algo_crypt->keysize, 0, |
| 502 | 301 &ses.newkeys->recv_cipher_state) != CRYPT_OK) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
302 dropbear_exit("crypto error"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
303 } |
| 502 | 304 |
| 342 | 305 trans_cipher = find_cipher(ses.newkeys->trans_algo_crypt->cipherdesc->name); |
| 306 if (trans_cipher < 0) | |
| 307 dropbear_exit("crypto error"); | |
| 502 | 308 if (ses.newkeys->trans_crypt_mode->start(trans_cipher, |
| 309 trans_IV, trans_key, | |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
310 ses.newkeys->trans_algo_crypt->keysize, 0, |
| 502 | 311 &ses.newkeys->trans_cipher_state) != CRYPT_OK) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
312 dropbear_exit("crypto error"); |
|
252
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
313 if (ses.newkeys->recv_algo_crypt->cipherdesc != NULL) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
314 if (cbc_start( |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
315 find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name), |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
316 recv_IV, recv_key, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
317 ses.newkeys->recv_algo_crypt->keysize, 0, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
318 &ses.newkeys->recv_symmetric_struct) != CRYPT_OK) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
319 dropbear_exit("crypto error"); |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
320 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
321 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
322 |
|
252
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
323 if (ses.newkeys->trans_algo_crypt->cipherdesc != NULL) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
324 if (cbc_start( |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
325 find_cipher(ses.newkeys->trans_algo_crypt->cipherdesc->name), |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
326 trans_IV, trans_key, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
327 ses.newkeys->trans_algo_crypt->keysize, 0, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
328 &ses.newkeys->trans_symmetric_struct) != CRYPT_OK) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
329 dropbear_exit("crypto error"); |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
330 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
331 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
332 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
333 /* MAC keys */ |
|
252
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
334 if (ses.newkeys->trans_algo_mac->hashdesc != NULL) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
335 hashkeys(ses.newkeys->transmackey, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
336 ses.newkeys->trans_algo_mac->keysize, &hs, mactransletter); |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
337 } |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
338 if (ses.newkeys->recv_algo_mac->hashdesc != NULL) { |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
339 hashkeys(ses.newkeys->recvmackey, |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
340 ses.newkeys->recv_algo_mac->keysize, &hs, macrecvletter); |
|
29afa62b5450
- a hack for grahame to run dropbear with "none" cipher.
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
341 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
342 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
343 #ifndef DISABLE_ZLIB |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
344 gen_new_zstreams(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
345 #endif |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
346 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
347 /* Switch over to the new keys */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
348 m_burn(ses.keys, sizeof(struct key_context)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
349 m_free(ses.keys); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
350 ses.keys = ses.newkeys; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
351 ses.newkeys = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
352 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
353 TRACE(("leave gen_new_keys")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
354 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
355 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
356 #ifndef DISABLE_ZLIB |
|
501
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
357 |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
358 int is_compress_trans() { |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
359 return ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
360 || (ses.authstate.authdone |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
361 && ses.keys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY); |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
362 } |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
363 |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
364 int is_compress_recv() { |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
365 return ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
366 || (ses.authstate.authdone |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
367 && ses.keys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY); |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
368 } |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
369 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
370 /* Set up new zlib compression streams, close the old ones. Only |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
371 * called from gen_new_keys() */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
372 static void gen_new_zstreams() { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
373 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
374 /* create new zstreams */ |
|
501
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
375 if (ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
376 || ses.newkeys->recv_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
377 ses.newkeys->recv_zstream = (z_streamp)m_malloc(sizeof(z_stream)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
378 ses.newkeys->recv_zstream->zalloc = Z_NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
379 ses.newkeys->recv_zstream->zfree = Z_NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
380 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
381 if (inflateInit(ses.newkeys->recv_zstream) != Z_OK) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
382 dropbear_exit("zlib error"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
383 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
384 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
385 ses.newkeys->recv_zstream = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
386 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
387 |
|
501
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
388 if (ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB |
|
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
389 || ses.newkeys->trans_algo_comp == DROPBEAR_COMP_ZLIB_DELAY) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
390 ses.newkeys->trans_zstream = (z_streamp)m_malloc(sizeof(z_stream)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
391 ses.newkeys->trans_zstream->zalloc = Z_NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
392 ses.newkeys->trans_zstream->zfree = Z_NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
393 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
394 if (deflateInit(ses.newkeys->trans_zstream, Z_DEFAULT_COMPRESSION) |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
395 != Z_OK) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
396 dropbear_exit("zlib error"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
397 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
398 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
399 ses.newkeys->trans_zstream = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
400 } |
|
501
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
401 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
402 /* clean up old keys */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
403 if (ses.keys->recv_zstream != NULL) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
404 if (inflateEnd(ses.keys->recv_zstream) == Z_STREAM_ERROR) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
405 /* Z_DATA_ERROR is ok, just means that stream isn't ended */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
406 dropbear_exit("crypto error"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
407 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
408 m_free(ses.keys->recv_zstream); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
409 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
410 if (ses.keys->trans_zstream != NULL) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
411 if (deflateEnd(ses.keys->trans_zstream) == Z_STREAM_ERROR) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
412 /* Z_DATA_ERROR is ok, just means that stream isn't ended */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
413 dropbear_exit("crypto error"); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
414 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
415 m_free(ses.keys->trans_zstream); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
416 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
417 } |
|
501
d58c478bd399
Add support for [email protected] delayed compression.
Matt Johnston <matt@ucc.asn.au>
parents:
454
diff
changeset
|
418 #endif /* DISABLE_ZLIB */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
419 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
420 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
421 /* Executed upon receiving a kexinit message from the client to initiate |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
422 * key exchange. If we haven't already done so, we send the list of our |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
423 * preferred algorithms. The client's requested algorithms are processed, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
424 * and we calculate the first portion of the key-exchange-hash for used |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
425 * later in the key exchange. No response is sent, as the client should |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
426 * initiate the diffie-hellman key exchange */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
427 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
428 /* Originally from kex.c, generalized for cli/svr mode --mihnea */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
429 /* Belongs in common_kex.c where it should be moved after review */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
430 void recv_msg_kexinit() { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
431 |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
432 unsigned int kexhashbuf_len = 0; |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
433 unsigned int remote_ident_len = 0; |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
434 unsigned int local_ident_len = 0; |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
435 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
436 TRACE(("<- KEXINIT")) |
|
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
437 TRACE(("enter recv_msg_kexinit")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
438 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
439 if (!ses.kexstate.sentkexinit) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
440 /* we need to send a kex packet */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
441 send_msg_kexinit(); |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
442 TRACE(("continue recv_msg_kexinit: sent kexinit")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
443 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
444 |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
445 /* start the kex hash */ |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
446 local_ident_len = strlen(LOCAL_IDENT); |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
447 remote_ident_len = strlen((char*)ses.remoteident); |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
448 |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
449 kexhashbuf_len = local_ident_len + remote_ident_len |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
450 + ses.transkexinit->len + ses.payload->len |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
451 + KEXHASHBUF_MAX_INTS; |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
452 |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
453 ses.kexhashbuf = buf_new(kexhashbuf_len); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
454 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
455 if (IS_DROPBEAR_CLIENT) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
456 |
| 26 | 457 /* read the peer's choice of algos */ |
| 33 | 458 read_kex_algos(); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
459 |
| 26 | 460 /* V_C, the client's version string (CR and NL excluded) */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
461 buf_putstring(ses.kexhashbuf, |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
462 (unsigned char*)LOCAL_IDENT, local_ident_len); |
| 26 | 463 /* V_S, the server's version string (CR and NL excluded) */ |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
464 buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
465 |
| 26 | 466 /* I_C, the payload of the client's SSH_MSG_KEXINIT */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
467 buf_putstring(ses.kexhashbuf, |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
468 ses.transkexinit->data, ses.transkexinit->len); |
| 26 | 469 /* I_S, the payload of the server's SSH_MSG_KEXINIT */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
470 buf_setpos(ses.payload, 0); |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
471 buf_putstring(ses.kexhashbuf, ses.payload->data, ses.payload->len); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
472 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
473 } else { |
| 26 | 474 /* SERVER */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
475 |
| 26 | 476 /* read the peer's choice of algos */ |
| 33 | 477 read_kex_algos(); |
| 26 | 478 /* V_C, the client's version string (CR and NL excluded) */ |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
479 buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len); |
| 26 | 480 /* V_S, the server's version string (CR and NL excluded) */ |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
481 buf_putstring(ses.kexhashbuf, |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
482 (unsigned char*)LOCAL_IDENT, local_ident_len); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
483 |
| 26 | 484 /* I_C, the payload of the client's SSH_MSG_KEXINIT */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
485 buf_setpos(ses.payload, 0); |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
486 buf_putstring(ses.kexhashbuf, ses.payload->data, ses.payload->len); |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
487 |
| 26 | 488 /* I_S, the payload of the server's SSH_MSG_KEXINIT */ |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
489 buf_putstring(ses.kexhashbuf, |
|
257
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
490 ses.transkexinit->data, ses.transkexinit->len); |
|
63601217f5ab
* options.h, common-kex.c: fix support of 4096 byte host keys
Matt Johnston <matt@ucc.asn.au>
parents:
228
diff
changeset
|
491 |
| 26 | 492 ses.requirenext = SSH_MSG_KEXDH_INIT; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
493 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
494 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
495 buf_free(ses.transkexinit); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
496 ses.transkexinit = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
497 /* the rest of ses.kexhashbuf will be done after DH exchange */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
498 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
499 ses.kexstate.recvkexinit = 1; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
500 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
501 TRACE(("leave recv_msg_kexinit")) |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
502 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
503 |
| 26 | 504 /* Initialises and generate one side of the diffie-hellman key exchange values. |
| 505 * See the ietf-secsh-transport draft, section 6, for details */ | |
|
84
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
79
diff
changeset
|
506 /* dh_pub and dh_priv MUST be already initialised */ |
| 26 | 507 void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv) { |
| 508 | |
|
84
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
79
diff
changeset
|
509 DEF_MP_INT(dh_p); |
|
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
79
diff
changeset
|
510 DEF_MP_INT(dh_q); |
|
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
79
diff
changeset
|
511 DEF_MP_INT(dh_g); |
| 26 | 512 |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
513 TRACE(("enter send_msg_kexdh_reply")) |
| 26 | 514 |
|
84
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
79
diff
changeset
|
515 m_mp_init_multi(&dh_g, &dh_p, &dh_q, NULL); |
| 26 | 516 |
| 517 /* read the prime and generator*/ | |
|
188
c9483550701b
- refactored random mp_int generation and byte->mp_int code
Matt Johnston <matt@ucc.asn.au>
parents:
179
diff
changeset
|
518 bytes_to_mp(&dh_p, (unsigned char*)dh_p_val, DH_P_LEN); |
| 26 | 519 |
| 520 if (mp_set_int(&dh_g, DH_G_VAL) != MP_OKAY) { | |
| 521 dropbear_exit("Diffie-Hellman error"); | |
| 522 } | |
| 523 | |
| 524 /* calculate q = (p-1)/2 */ | |
| 525 /* dh_priv is just a temp var here */ | |
| 526 if (mp_sub_d(&dh_p, 1, dh_priv) != MP_OKAY) { | |
| 527 dropbear_exit("Diffie-Hellman error"); | |
| 528 } | |
| 529 if (mp_div_2(dh_priv, &dh_q) != MP_OKAY) { | |
| 530 dropbear_exit("Diffie-Hellman error"); | |
| 531 } | |
| 532 | |
|
188
c9483550701b
- refactored random mp_int generation and byte->mp_int code
Matt Johnston <matt@ucc.asn.au>
parents:
179
diff
changeset
|
533 /* Generate a private portion 0 < dh_priv < dh_q */ |
|
c9483550701b
- refactored random mp_int generation and byte->mp_int code
Matt Johnston <matt@ucc.asn.au>
parents:
179
diff
changeset
|
534 gen_random_mpint(&dh_q, dh_priv); |
| 26 | 535 |
| 536 /* f = g^y mod p */ | |
| 537 if (mp_exptmod(&dh_g, dh_priv, &dh_p, dh_pub) != MP_OKAY) { | |
| 538 dropbear_exit("Diffie-Hellman error"); | |
| 539 } | |
| 540 mp_clear_multi(&dh_g, &dh_p, &dh_q, NULL); | |
| 541 } | |
| 542 | |
| 543 /* This function is fairly common between client/server, with some substitution | |
| 544 * of dh_e/dh_f etc. Hence these arguments: | |
| 545 * dh_pub_us is 'e' for the client, 'f' for the server. dh_pub_them is | |
| 546 * vice-versa. dh_priv is the x/y value corresponding to dh_pub_us */ | |
| 547 void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them, | |
| 548 sign_key *hostkey) { | |
| 549 | |
| 550 mp_int dh_p; | |
| 551 mp_int *dh_e = NULL, *dh_f = NULL; | |
| 552 hash_state hs; | |
| 553 | |
| 554 /* read the prime and generator*/ | |
| 342 | 555 m_mp_init(&dh_p); |
|
188
c9483550701b
- refactored random mp_int generation and byte->mp_int code
Matt Johnston <matt@ucc.asn.au>
parents:
179
diff
changeset
|
556 bytes_to_mp(&dh_p, dh_p_val, DH_P_LEN); |
| 26 | 557 |
| 558 /* Check that dh_pub_them (dh_e or dh_f) is in the range [1, p-1] */ | |
| 559 if (mp_cmp(dh_pub_them, &dh_p) != MP_LT | |
| 560 || mp_cmp_d(dh_pub_them, 0) != MP_GT) { | |
| 561 dropbear_exit("Diffie-Hellman error"); | |
| 562 } | |
| 563 | |
| 564 /* K = e^y mod p = f^x mod p */ | |
| 565 ses.dh_K = (mp_int*)m_malloc(sizeof(mp_int)); | |
| 566 m_mp_init(ses.dh_K); | |
| 567 if (mp_exptmod(dh_pub_them, dh_priv, &dh_p, ses.dh_K) != MP_OKAY) { | |
| 568 dropbear_exit("Diffie-Hellman error"); | |
| 569 } | |
| 570 | |
| 571 /* clear no longer needed vars */ | |
| 572 mp_clear_multi(&dh_p, NULL); | |
| 573 | |
| 574 /* From here on, the code needs to work with the _same_ vars on each side, | |
| 575 * not vice-versaing for client/server */ | |
| 576 if (IS_DROPBEAR_CLIENT) { | |
| 577 dh_e = dh_pub_us; | |
| 578 dh_f = dh_pub_them; | |
| 579 } else { | |
| 580 dh_e = dh_pub_them; | |
| 581 dh_f = dh_pub_us; | |
| 582 } | |
| 583 | |
| 584 /* Create the remainder of the hash buffer, to generate the exchange hash */ | |
| 585 /* K_S, the host key */ | |
| 586 buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey); | |
| 587 /* e, exchange value sent by the client */ | |
| 588 buf_putmpint(ses.kexhashbuf, dh_e); | |
| 589 /* f, exchange value sent by the server */ | |
| 590 buf_putmpint(ses.kexhashbuf, dh_f); | |
| 591 /* K, the shared secret */ | |
| 592 buf_putmpint(ses.kexhashbuf, ses.dh_K); | |
| 593 | |
| 594 /* calculate the hash H to sign */ | |
| 595 sha1_init(&hs); | |
| 596 buf_setpos(ses.kexhashbuf, 0); | |
| 597 sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), | |
| 598 ses.kexhashbuf->len); | |
| 599 sha1_done(&hs, ses.hash); | |
|
35
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
600 |
|
0ad5fb979f42
set the isserver flag (oops)
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
601 buf_burn(ses.kexhashbuf); |
| 26 | 602 buf_free(ses.kexhashbuf); |
| 603 ses.kexhashbuf = NULL; | |
| 604 | |
| 605 /* first time around, we set the session_id to H */ | |
| 606 if (ses.session_id == NULL) { | |
| 607 /* create the session_id, this never needs freeing */ | |
| 608 ses.session_id = (unsigned char*)m_malloc(SHA1_HASH_SIZE); | |
| 609 memcpy(ses.session_id, ses.hash, SHA1_HASH_SIZE); | |
| 610 } | |
| 611 } | |
| 612 | |
| 613 /* read the other side's algo list. buf_match_algo is a callback to match | |
| 614 * algos for the client or server. */ | |
| 33 | 615 static void read_kex_algos() { |
| 26 | 616 |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
617 /* for asymmetry */ |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
618 algo_type * c2s_hash_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
619 algo_type * s2c_hash_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
620 algo_type * c2s_cipher_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
621 algo_type * s2c_cipher_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
622 algo_type * c2s_comp_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
623 algo_type * s2c_comp_algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
624 /* the generic one */ |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
625 algo_type * algo = NULL; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
626 |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
627 /* which algo couldn't match */ |
| 26 | 628 char * erralgo = NULL; |
| 629 | |
| 630 int goodguess = 0; | |
| 631 int allgood = 1; /* we AND this with each goodguess and see if its still | |
| 632 true after */ | |
| 633 | |
| 634 buf_incrpos(ses.payload, 16); /* start after the cookie */ | |
| 635 | |
| 636 ses.newkeys = (struct key_context*)m_malloc(sizeof(struct key_context)); | |
| 637 | |
| 638 /* kex_algorithms */ | |
| 33 | 639 algo = ses.buf_match_algo(ses.payload, sshkex, &goodguess); |
| 26 | 640 allgood &= goodguess; |
| 641 if (algo == NULL) { | |
| 642 erralgo = "kex"; | |
| 643 goto error; | |
| 644 } | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
645 TRACE(("kex algo %s", algo->name)) |
| 26 | 646 ses.newkeys->algo_kex = algo->val; |
| 647 | |
| 648 /* server_host_key_algorithms */ | |
| 33 | 649 algo = ses.buf_match_algo(ses.payload, sshhostkey, &goodguess); |
| 26 | 650 allgood &= goodguess; |
| 651 if (algo == NULL) { | |
| 652 erralgo = "hostkey"; | |
| 653 goto error; | |
| 654 } | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
116
diff
changeset
|
655 TRACE(("hostkey algo %s", algo->name)) |
| 26 | 656 ses.newkeys->algo_hostkey = algo->val; |
| 657 | |
| 658 /* encryption_algorithms_client_to_server */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
659 c2s_cipher_algo = ses.buf_match_algo(ses.payload, sshciphers, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
660 if (c2s_cipher_algo == NULL) { |
| 26 | 661 erralgo = "enc c->s"; |
| 662 goto error; | |
| 663 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
664 TRACE(("enc c2s is %s", c2s_cipher_algo->name)) |
| 26 | 665 |
| 666 /* encryption_algorithms_server_to_client */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
667 s2c_cipher_algo = ses.buf_match_algo(ses.payload, sshciphers, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
668 if (s2c_cipher_algo == NULL) { |
| 26 | 669 erralgo = "enc s->c"; |
| 670 goto error; | |
| 671 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
672 TRACE(("enc s2c is %s", s2c_cipher_algo->name)) |
| 26 | 673 |
| 674 /* mac_algorithms_client_to_server */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
675 c2s_hash_algo = ses.buf_match_algo(ses.payload, sshhashes, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
676 if (c2s_hash_algo == NULL) { |
| 26 | 677 erralgo = "mac c->s"; |
| 678 goto error; | |
| 679 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
680 TRACE(("hash c2s is %s", c2s_hash_algo->name)) |
| 26 | 681 |
| 682 /* mac_algorithms_server_to_client */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
683 s2c_hash_algo = ses.buf_match_algo(ses.payload, sshhashes, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
684 if (s2c_hash_algo == NULL) { |
| 26 | 685 erralgo = "mac s->c"; |
| 686 goto error; | |
| 687 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
688 TRACE(("hash s2c is %s", s2c_hash_algo->name)) |
| 26 | 689 |
| 690 /* compression_algorithms_client_to_server */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
691 c2s_comp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
692 if (c2s_comp_algo == NULL) { |
| 26 | 693 erralgo = "comp c->s"; |
| 694 goto error; | |
| 695 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
696 TRACE(("hash c2s is %s", c2s_comp_algo->name)) |
| 26 | 697 |
| 698 /* compression_algorithms_server_to_client */ | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
699 s2c_comp_algo = ses.buf_match_algo(ses.payload, sshcompress, &goodguess); |
|
116
2010f4119c1a
Check for non-matching algos properly
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
700 if (s2c_comp_algo == NULL) { |
| 26 | 701 erralgo = "comp s->c"; |
| 702 goto error; | |
| 703 } | |
|
228
5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
Matt Johnston <matt@ucc.asn.au>
parents:
227
diff
changeset
|
704 TRACE(("hash s2c is %s", s2c_comp_algo->name)) |
| 26 | 705 |
| 706 /* languages_client_to_server */ | |
| 707 buf_eatstring(ses.payload); | |
| 708 | |
| 709 /* languages_server_to_client */ | |
| 710 buf_eatstring(ses.payload); | |
| 711 | |
| 712 /* first_kex_packet_follows */ | |
|
179
161557a9dde8
* fix longstanding bug with connections being closed on failure to
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
713 if (buf_getbool(ses.payload)) { |
| 26 | 714 ses.kexstate.firstfollows = 1; |
| 715 /* if the guess wasn't good, we ignore the packet sent */ | |
| 716 if (!allgood) { | |
| 717 ses.ignorenext = 1; | |
| 718 } | |
| 719 } | |
| 720 | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
721 /* Handle the asymmetry */ |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
722 if (IS_DROPBEAR_CLIENT) { |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
723 ses.newkeys->recv_algo_crypt = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
724 (struct dropbear_cipher*)s2c_cipher_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
725 ses.newkeys->trans_algo_crypt = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
726 (struct dropbear_cipher*)c2s_cipher_algo->data; |
| 502 | 727 ses.newkeys->recv_crypt_mode = |
| 728 (struct dropbear_cipher_mode*)s2c_cipher_algo->mode; | |
| 729 ses.newkeys->trans_crypt_mode = | |
| 730 (struct dropbear_cipher_mode*)c2s_cipher_algo->mode; | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
731 ses.newkeys->recv_algo_mac = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
732 (struct dropbear_hash*)s2c_hash_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
733 ses.newkeys->trans_algo_mac = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
734 (struct dropbear_hash*)c2s_hash_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
735 ses.newkeys->recv_algo_comp = s2c_comp_algo->val; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
736 ses.newkeys->trans_algo_comp = c2s_comp_algo->val; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
737 } else { |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
738 /* SERVER */ |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
739 ses.newkeys->recv_algo_crypt = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
740 (struct dropbear_cipher*)c2s_cipher_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
741 ses.newkeys->trans_algo_crypt = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
742 (struct dropbear_cipher*)s2c_cipher_algo->data; |
| 502 | 743 ses.newkeys->recv_crypt_mode = |
| 744 (struct dropbear_cipher_mode*)c2s_cipher_algo->mode; | |
| 745 ses.newkeys->trans_crypt_mode = | |
| 746 (struct dropbear_cipher_mode*)s2c_cipher_algo->mode; | |
|
36
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
747 ses.newkeys->recv_algo_mac = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
748 (struct dropbear_hash*)c2s_hash_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
749 ses.newkeys->trans_algo_mac = |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
750 (struct dropbear_hash*)s2c_hash_algo->data; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
751 ses.newkeys->recv_algo_comp = c2s_comp_algo->val; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
752 ses.newkeys->trans_algo_comp = s2c_comp_algo->val; |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
753 } |
|
a600c015562d
Handle differing c2s and s2c algorithms properly
Matt Johnston <matt@ucc.asn.au>
parents:
35
diff
changeset
|
754 |
| 26 | 755 /* reserved for future extensions */ |
| 756 buf_getint(ses.payload); | |
| 757 return; | |
| 758 | |
| 759 error: | |
| 760 dropbear_exit("no matching algo %s", erralgo); | |
| 761 } |