comparison common-kex.c @ 35:0ad5fb979f42

set the isserver flag (oops) fix password auth for the server
author Matt Johnston <matt@ucc.asn.au>
date Thu, 29 Jul 2004 02:19:03 +0000
parents e2a1eaa19f22
children a600c015562d
comparison
equal deleted inserted replaced
34:e2a1eaa19f22 35:0ad5fb979f42
53 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; 53 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
54 54
55 const int DH_G_VAL = 2; 55 const int DH_G_VAL = 2;
56 56
57 static void kexinitialise(); 57 static void kexinitialise();
58 static void gen_new_keys(); 58 void gen_new_keys();
59 #ifndef DISABLE_ZLIB 59 #ifndef DISABLE_ZLIB
60 static void gen_new_zstreams(); 60 static void gen_new_zstreams();
61 #endif 61 #endif
62 static void read_kex_algos(); 62 static void read_kex_algos();
63 /* helper function for gen_new_keys */ 63 /* helper function for gen_new_keys */
251 * 251 *
252 * ses.newkeys is the new set of keys which are generated, these are only 252 * ses.newkeys is the new set of keys which are generated, these are only
253 * taken into use after both sides have sent a newkeys message */ 253 * taken into use after both sides have sent a newkeys message */
254 254
255 /* Originally from kex.c, generalized for cli/svr mode --mihnea */ 255 /* Originally from kex.c, generalized for cli/svr mode --mihnea */
256 static void gen_new_keys() { 256 void gen_new_keys() {
257 257
258 unsigned char C2S_IV[MAX_IV_LEN]; 258 unsigned char C2S_IV[MAX_IV_LEN];
259 unsigned char C2S_key[MAX_KEY_LEN]; 259 unsigned char C2S_key[MAX_KEY_LEN];
260 unsigned char S2C_IV[MAX_IV_LEN]; 260 unsigned char S2C_IV[MAX_IV_LEN];
261 unsigned char S2C_key[MAX_KEY_LEN]; 261 unsigned char S2C_key[MAX_KEY_LEN];
273 sha1_process_mp(&hs, ses.dh_K); 273 sha1_process_mp(&hs, ses.dh_K);
274 mp_clear(ses.dh_K); 274 mp_clear(ses.dh_K);
275 m_free(ses.dh_K); 275 m_free(ses.dh_K);
276 sha1_process(&hs, ses.hash, SHA1_HASH_SIZE); 276 sha1_process(&hs, ses.hash, SHA1_HASH_SIZE);
277 m_burn(ses.hash, SHA1_HASH_SIZE); 277 m_burn(ses.hash, SHA1_HASH_SIZE);
278
279 hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
280 hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
281 278
282 if (IS_DROPBEAR_CLIENT) { 279 if (IS_DROPBEAR_CLIENT) {
283 trans_IV = C2S_IV; 280 trans_IV = C2S_IV;
284 recv_IV = S2C_IV; 281 recv_IV = S2C_IV;
285 trans_key = C2S_key; 282 trans_key = C2S_key;
297 S2C_keysize = ses.newkeys->trans_algo_crypt->keysize; 294 S2C_keysize = ses.newkeys->trans_algo_crypt->keysize;
298 mactransletter = 'F'; 295 mactransletter = 'F';
299 macrecvletter = 'E'; 296 macrecvletter = 'E';
300 } 297 }
301 298
299 hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
300 hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
302 hashkeys(C2S_key, C2S_keysize, &hs, 'C'); 301 hashkeys(C2S_key, C2S_keysize, &hs, 'C');
303 hashkeys(S2C_key, S2C_keysize, &hs, 'D'); 302 hashkeys(S2C_key, S2C_keysize, &hs, 'D');
304 303
305 if (cbc_start( 304 if (cbc_start(
306 find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name), 305 find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name),
578 sha1_init(&hs); 577 sha1_init(&hs);
579 buf_setpos(ses.kexhashbuf, 0); 578 buf_setpos(ses.kexhashbuf, 0);
580 sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), 579 sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
581 ses.kexhashbuf->len); 580 ses.kexhashbuf->len);
582 sha1_done(&hs, ses.hash); 581 sha1_done(&hs, ses.hash);
582
583 buf_burn(ses.kexhashbuf);
583 buf_free(ses.kexhashbuf); 584 buf_free(ses.kexhashbuf);
584 ses.kexhashbuf = NULL; 585 ses.kexhashbuf = NULL;
585 586
586 /* first time around, we set the session_id to H */ 587 /* first time around, we set the session_id to H */
587 if (ses.session_id == NULL) { 588 if (ses.session_id == NULL) {