comparison cli-kex.c @ 1294:56aba7dedbea

options for disabling "normal" DH
author Matt Johnston <matt@ucc.asn.au>
date Mon, 02 May 2016 23:48:16 +0200
parents 8291fc87273e
children 750ec4ec4cbe
1293:dc8f7997f10f 1294:56aba7dedbea
46 TRACE(("send_msg_kexdh_init()")) 46 TRACE(("send_msg_kexdh_init()"))
47 47
48 CHECKCLEARTOWRITE(); 48 CHECKCLEARTOWRITE();
49 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT); 49 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT);
50 switch (ses.newkeys->algo_kex->mode) { 50 switch (ses.newkeys->algo_kex->mode) {
51 #if DROPBEAR_NORMAL_DH
51 case DROPBEAR_KEX_NORMAL_DH: 52 case DROPBEAR_KEX_NORMAL_DH:
52 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo 53 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
53 || !cli_ses.dh_param) { 54 || !cli_ses.dh_param) {
54 if (cli_ses.dh_param) { 55 if (cli_ses.dh_param) {
55 free_kexdh_param(cli_ses.dh_param); 56 free_kexdh_param(cli_ses.dh_param);
56 } 57 }
57 cli_ses.dh_param = gen_kexdh_param(); 58 cli_ses.dh_param = gen_kexdh_param();
58 } 59 }
59 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub); 60 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub);
60 break; 61 break;
62 #endif
63 #ifdef DROPBEAR_ECDH
61 case DROPBEAR_KEX_ECDH: 64 case DROPBEAR_KEX_ECDH:
62 #ifdef DROPBEAR_ECDH
63 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo 65 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
64 || !cli_ses.ecdh_param) { 66 || !cli_ses.ecdh_param) {
65 if (cli_ses.ecdh_param) { 67 if (cli_ses.ecdh_param) {
66 free_kexecdh_param(cli_ses.ecdh_param); 68 free_kexecdh_param(cli_ses.ecdh_param);
67 } 69 }
68 cli_ses.ecdh_param = gen_kexecdh_param(); 70 cli_ses.ecdh_param = gen_kexecdh_param();
69 } 71 }
70 buf_put_ecc_raw_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key); 72 buf_put_ecc_raw_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key);
71 #endif 73 break;
72 break; 74 #endif
73 #ifdef DROPBEAR_CURVE25519 75 #ifdef DROPBEAR_CURVE25519
74 case DROPBEAR_KEX_CURVE25519: 76 case DROPBEAR_KEX_CURVE25519:
75 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo 77 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo
76 || !cli_ses.curve25519_param) { 78 || !cli_ses.curve25519_param) {
77 if (cli_ses.curve25519_param) { 79 if (cli_ses.curve25519_param) {
78 free_kexcurve25519_param(cli_ses.curve25519_param); 80 free_kexcurve25519_param(cli_ses.curve25519_param);
79 } 81 }
80 cli_ses.curve25519_param = gen_kexcurve25519_param(); 82 cli_ses.curve25519_param = gen_kexcurve25519_param();
81 } 83 }
82 buf_putstring(ses.writepayload, (const char*)cli_ses.curve25519_param->pub, CURVE25519_LEN); 84 buf_putstring(ses.writepayload, (const char*)cli_ses.curve25519_param->pub, CURVE25519_LEN);
83 #endif 85 break;
84 break; 86 #endif
85 } 87 }
86 88
87 cli_ses.param_kex_algo = ses.newkeys->algo_kex; 89 cli_ses.param_kex_algo = ses.newkeys->algo_kex;
88 encrypt_packet(); 90 encrypt_packet();
89 } 91 }
116 TRACE(("failed getting pubkey")) 118 TRACE(("failed getting pubkey"))
117 dropbear_exit("Bad KEX packet"); 119 dropbear_exit("Bad KEX packet");
118 } 120 }
119 121
120 switch (ses.newkeys->algo_kex->mode) { 122 switch (ses.newkeys->algo_kex->mode) {
123 #if DROPBEAR_NORMAL_DH
121 case DROPBEAR_KEX_NORMAL_DH: 124 case DROPBEAR_KEX_NORMAL_DH:
122 { 125 {
123 DEF_MP_INT(dh_f); 126 DEF_MP_INT(dh_f);
124 m_mp_init(&dh_f); 127 m_mp_init(&dh_f);
125 if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) { 128 if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) {
129 132
130 kexdh_comb_key(cli_ses.dh_param, &dh_f, hostkey); 133 kexdh_comb_key(cli_ses.dh_param, &dh_f, hostkey);
131 mp_clear(&dh_f); 134 mp_clear(&dh_f);
132 } 135 }
133 break; 136 break;
137 #endif
138 #ifdef DROPBEAR_ECDH
134 case DROPBEAR_KEX_ECDH: 139 case DROPBEAR_KEX_ECDH:
135 #ifdef DROPBEAR_ECDH
136 { 140 {
137 buffer *ecdh_qs = buf_getstringbuf(ses.payload); 141 buffer *ecdh_qs = buf_getstringbuf(ses.payload);
138 kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey); 142 kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey);
139 buf_free(ecdh_qs); 143 buf_free(ecdh_qs);
140 } 144 }
141 #endif 145 break;
142 break; 146 #endif
143 #ifdef DROPBEAR_CURVE25519 147 #ifdef DROPBEAR_CURVE25519
144 case DROPBEAR_KEX_CURVE25519: 148 case DROPBEAR_KEX_CURVE25519:
145 { 149 {
146 buffer *ecdh_qs = buf_getstringbuf(ses.payload); 150 buffer *ecdh_qs = buf_getstringbuf(ses.payload);
147 kexcurve25519_comb_key(cli_ses.curve25519_param, ecdh_qs, hostkey); 151 kexcurve25519_comb_key(cli_ses.curve25519_param, ecdh_qs, hostkey);
148 buf_free(ecdh_qs); 152 buf_free(ecdh_qs);
149 } 153 }
150 #endif 154 break;
151 break; 155 #endif
152 } 156 }
153 157
154 if (cli_ses.dh_param) { 158 if (cli_ses.dh_param) {
155 free_kexdh_param(cli_ses.dh_param); 159 free_kexdh_param(cli_ses.dh_param);
156 cli_ses.dh_param = NULL; 160 cli_ses.dh_param = NULL;
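Review bot: Neither `switch (ses.newkeys->algo_kex->mode)` has a `default` label, and every `case` together with its `break` now sits inside its own preprocessor guard, so a mode whose support is compiled out matches nothing and the switch silently does nothing. In the sending path that would encrypt a packet holding only the `SSH_MSG_KEXDH_INIT` byte, and in the reply path no `*_comb_key()` call would run before the code after the switch continues. The algorithm table presumably never offers a disabled mode (not visible here), but failing closed is cheap: add `default: dropbear_exit("Unsupported KEX mode");` to both switches. Separately, the new guard is `#if DROPBEAR_NORMAL_DH` while the others are `#ifdef DROPBEAR_ECDH` / `#ifdef DROPBEAR_CURVE25519`, so defining one of those to 0 would still compile its case in; a short comment on which convention the options file uses would help. Both function bodies start outside the lines shown, and the second one also continues past them.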