Mercurial > dropbear

comparison common-kex.c @ 35:0ad5fb979f42

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
set the isserver flag (oops) fix password auth for the server
author Matt Johnston <matt@ucc.asn.au>
date Thu, 29 Jul 2004 02:19:03 +0000
parents e2a1eaa19f22
children a600c015562d
comparison
equal deleted inserted replaced
34:e2a1eaa19f22 35:0ad5fb979f42
53 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; 53 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
54 54
55 const int DH_G_VAL = 2; 55 const int DH_G_VAL = 2;
56 56
57 static void kexinitialise(); 57 static void kexinitialise();
58 static void gen_new_keys(); 58 void gen_new_keys();
59 #ifndef DISABLE_ZLIB 59 #ifndef DISABLE_ZLIB
60 static void gen_new_zstreams(); 60 static void gen_new_zstreams();
61 #endif 61 #endif
62 static void read_kex_algos(); 62 static void read_kex_algos();
63 /* helper function for gen_new_keys */ 63 /* helper function for gen_new_keys */
251 * 251 *
252 * ses.newkeys is the new set of keys which are generated, these are only 252 * ses.newkeys is the new set of keys which are generated, these are only
253 * taken into use after both sides have sent a newkeys message */ 253 * taken into use after both sides have sent a newkeys message */
254 254
255 /* Originally from kex.c, generalized for cli/svr mode --mihnea */ 255 /* Originally from kex.c, generalized for cli/svr mode --mihnea */
256 static void gen_new_keys() { 256 void gen_new_keys() {
257 257
258 unsigned char C2S_IV[MAX_IV_LEN]; 258 unsigned char C2S_IV[MAX_IV_LEN];
259 unsigned char C2S_key[MAX_KEY_LEN]; 259 unsigned char C2S_key[MAX_KEY_LEN];
260 unsigned char S2C_IV[MAX_IV_LEN]; 260 unsigned char S2C_IV[MAX_IV_LEN];
261 unsigned char S2C_key[MAX_KEY_LEN]; 261 unsigned char S2C_key[MAX_KEY_LEN];
273 sha1_process_mp(&hs, ses.dh_K); 273 sha1_process_mp(&hs, ses.dh_K);
274 mp_clear(ses.dh_K); 274 mp_clear(ses.dh_K);
275 m_free(ses.dh_K); 275 m_free(ses.dh_K);
276 sha1_process(&hs, ses.hash, SHA1_HASH_SIZE); 276 sha1_process(&hs, ses.hash, SHA1_HASH_SIZE);
277 m_burn(ses.hash, SHA1_HASH_SIZE); 277 m_burn(ses.hash, SHA1_HASH_SIZE);
278
279 hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
280 hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
281 278
282 if (IS_DROPBEAR_CLIENT) { 279 if (IS_DROPBEAR_CLIENT) {
283 trans_IV = C2S_IV; 280 trans_IV = C2S_IV;
284 recv_IV = S2C_IV; 281 recv_IV = S2C_IV;
285 trans_key = C2S_key; 282 trans_key = C2S_key;
297 S2C_keysize = ses.newkeys->trans_algo_crypt->keysize; 294 S2C_keysize = ses.newkeys->trans_algo_crypt->keysize;
298 mactransletter = 'F'; 295 mactransletter = 'F';
299 macrecvletter = 'E'; 296 macrecvletter = 'E';
300 } 297 }
301 298
299 hashkeys(C2S_IV, SHA1_HASH_SIZE, &hs, 'A');
300 hashkeys(S2C_IV, SHA1_HASH_SIZE, &hs, 'B');
302 hashkeys(C2S_key, C2S_keysize, &hs, 'C'); 301 hashkeys(C2S_key, C2S_keysize, &hs, 'C');
303 hashkeys(S2C_key, S2C_keysize, &hs, 'D'); 302 hashkeys(S2C_key, S2C_keysize, &hs, 'D');
304 303
305 if (cbc_start( 304 if (cbc_start(
306 find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name), 305 find_cipher(ses.newkeys->recv_algo_crypt->cipherdesc->name),
578 sha1_init(&hs); 577 sha1_init(&hs);
579 buf_setpos(ses.kexhashbuf, 0); 578 buf_setpos(ses.kexhashbuf, 0);
580 sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len), 579 sha1_process(&hs, buf_getptr(ses.kexhashbuf, ses.kexhashbuf->len),
581 ses.kexhashbuf->len); 580 ses.kexhashbuf->len);
582 sha1_done(&hs, ses.hash); 581 sha1_done(&hs, ses.hash);
582
583 buf_burn(ses.kexhashbuf);
583 buf_free(ses.kexhashbuf); 584 buf_free(ses.kexhashbuf);
584 ses.kexhashbuf = NULL; 585 ses.kexhashbuf = NULL;
585 586
586 /* first time around, we set the session_id to H */ 587 /* first time around, we set the session_id to H */
587 if (ses.session_id == NULL) { 588 if (ses.session_id == NULL) {