Mercurial > dropbear
comparison common-kex.c @ 989:73ea0dce9a57 pam
Merge up to date
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 23 Jan 2015 21:38:47 +0800 |
parents | ed85797bbc85 |
children | 47643024fc90 |
comparison
equal
deleted
inserted
replaced
925:bae0b34bc059 | 989:73ea0dce9a57 |
---|---|
268 ses.kexstate.datatrans = 0; | 268 ses.kexstate.datatrans = 0; |
269 ses.kexstate.datarecv = 0; | 269 ses.kexstate.datarecv = 0; |
270 | 270 |
271 ses.kexstate.our_first_follows_matches = 0; | 271 ses.kexstate.our_first_follows_matches = 0; |
272 | 272 |
273 ses.kexstate.lastkextime = time(NULL); | 273 ses.kexstate.lastkextime = monotonic_now(); |
274 | 274 |
275 } | 275 } |
276 | 276 |
277 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the | 277 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the |
278 * already initialised hash_state hs, which should already have processed | 278 * already initialised hash_state hs, which should already have processed |
301 memcpy(&hs2, hs, sizeof(hash_state)); | 301 memcpy(&hs2, hs, sizeof(hash_state)); |
302 hash_desc->process(&hs2, out, offset); | 302 hash_desc->process(&hs2, out, offset); |
303 hash_desc->done(&hs2, tmpout); | 303 hash_desc->done(&hs2, tmpout); |
304 memcpy(&out[offset], tmpout, MIN(outlen - offset, hash_desc->hashsize)); | 304 memcpy(&out[offset], tmpout, MIN(outlen - offset, hash_desc->hashsize)); |
305 } | 305 } |
306 | 306 m_burn(&hs2, sizeof(hash_state)); |
307 } | 307 } |
308 | 308 |
309 /* Generate the actual encryption/integrity keys, using the results of the | 309 /* Generate the actual encryption/integrity keys, using the results of the |
310 * key exchange, as specified in section 7.2 of the transport rfc 4253. | 310 * key exchange, as specified in section 7.2 of the transport rfc 4253. |
311 * This occurs after the DH key-exchange. | 311 * This occurs after the DH key-exchange. |
401 | 401 |
402 m_burn(C2S_IV, sizeof(C2S_IV)); | 402 m_burn(C2S_IV, sizeof(C2S_IV)); |
403 m_burn(C2S_key, sizeof(C2S_key)); | 403 m_burn(C2S_key, sizeof(C2S_key)); |
404 m_burn(S2C_IV, sizeof(S2C_IV)); | 404 m_burn(S2C_IV, sizeof(S2C_IV)); |
405 m_burn(S2C_key, sizeof(S2C_key)); | 405 m_burn(S2C_key, sizeof(S2C_key)); |
406 m_burn(&hs, sizeof(hash_state)); | |
406 | 407 |
407 TRACE(("leave gen_new_keys")) | 408 TRACE(("leave gen_new_keys")) |
408 } | 409 } |
409 | 410 |
410 #ifndef DISABLE_ZLIB | 411 #ifndef DISABLE_ZLIB |
796 } | 797 } |
797 #endif | 798 #endif |
798 | 799 |
799 buf_burn(ses.kexhashbuf); | 800 buf_burn(ses.kexhashbuf); |
800 buf_free(ses.kexhashbuf); | 801 buf_free(ses.kexhashbuf); |
802 m_burn(&hs, sizeof(hash_state)); | |
801 ses.kexhashbuf = NULL; | 803 ses.kexhashbuf = NULL; |
802 | 804 |
803 /* first time around, we set the session_id to H */ | 805 /* first time around, we set the session_id to H */ |
804 if (ses.session_id == NULL) { | 806 if (ses.session_id == NULL) { |
805 /* create the session_id, this never needs freeing */ | 807 /* create the session_id, this never needs freeing */ |
806 ses.session_id = buf_newcopy(ses.hash); | 808 ses.session_id = buf_newcopy(ses.hash); |
807 } | 809 } |
808 | |
809 } | 810 } |
810 | 811 |
811 /* read the other side's algo list. buf_match_algo is a callback to match | 812 /* read the other side's algo list. buf_match_algo is a callback to match |
812 * algos for the client or server. */ | 813 * algos for the client or server. */ |
813 static void read_kex_algos() { | 814 static void read_kex_algos() { |