Mercurial > dropbear

comparison cli-kex.c @ 773:a9f2a6ae4eb5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge
author Matt Johnston <matt@ucc.asn.au>
date Sun, 14 Apr 2013 22:49:19 +0800
parents 7fc0aeada79c d63ef1e211ea
children 2f1c199b6e4b
comparison
equal deleted inserted replaced
772:7fc0aeada79c 773:a9f2a6ae4eb5
40 40
41 static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen); 41 static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen);
42 #define MAX_KNOWNHOSTS_LINE 4500 42 #define MAX_KNOWNHOSTS_LINE 4500
43 43
44 void send_msg_kexdh_init() { 44 void send_msg_kexdh_init() {
45 45 TRACE(("send_msg_kexdh_init()"))
46 cli_ses.dh_e = (mp_int*)m_malloc(sizeof(mp_int)); 46 if ((cli_ses.dh_e && cli_ses.dh_x
47 cli_ses.dh_x = (mp_int*)m_malloc(sizeof(mp_int)); 47 && cli_ses.dh_val_algo == ses.newkeys->algo_kex)) {
48 m_mp_init_multi(cli_ses.dh_e, cli_ses.dh_x, NULL); 48 TRACE(("reusing existing dh_e from first_kex_packet_follows"))
49 49 } else {
50 gen_kexdh_vals(cli_ses.dh_e, cli_ses.dh_x); 50 if (!cli_ses.dh_e || !cli_ses.dh_e) {
51 cli_ses.dh_e = (mp_int*)m_malloc(sizeof(mp_int));
52 cli_ses.dh_x = (mp_int*)m_malloc(sizeof(mp_int));
53 m_mp_init_multi(cli_ses.dh_e, cli_ses.dh_x, NULL);
54 }
55
56 gen_kexdh_vals(cli_ses.dh_e, cli_ses.dh_x);
57 cli_ses.dh_val_algo = ses.newkeys->algo_kex;
58 }
51 59
52 CHECKCLEARTOWRITE(); 60 CHECKCLEARTOWRITE();
53 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT); 61 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT);
54 buf_putmpint(ses.writepayload, cli_ses.dh_e); 62 buf_putmpint(ses.writepayload, cli_ses.dh_e);
55 encrypt_packet(); 63 encrypt_packet();
56 ses.requirenext = SSH_MSG_KEXDH_REPLY; 64 // XXX fixme
65 //ses.requirenext = SSH_MSG_KEXDH_REPLY;
57 } 66 }
58 67
59 /* Handle a diffie-hellman key exchange reply. */ 68 /* Handle a diffie-hellman key exchange reply. */
60 void recv_msg_kexdh_reply() { 69 void recv_msg_kexdh_reply() {
61 70
96 kexdh_comb_key(cli_ses.dh_e, cli_ses.dh_x, &dh_f, hostkey); 105 kexdh_comb_key(cli_ses.dh_e, cli_ses.dh_x, &dh_f, hostkey);
97 mp_clear(&dh_f); 106 mp_clear(&dh_f);
98 mp_clear_multi(cli_ses.dh_e, cli_ses.dh_x, NULL); 107 mp_clear_multi(cli_ses.dh_e, cli_ses.dh_x, NULL);
99 m_free(cli_ses.dh_e); 108 m_free(cli_ses.dh_e);
100 m_free(cli_ses.dh_x); 109 m_free(cli_ses.dh_x);
110 cli_ses.dh_val_algo = DROPBEAR_KEX_NONE;
101 111
102 if (buf_verify(ses.payload, hostkey, ses.hash, SHA1_HASH_SIZE) 112 if (buf_verify(ses.payload, hostkey, ses.hash, SHA1_HASH_SIZE)
103 != DROPBEAR_SUCCESS) { 113 != DROPBEAR_SUCCESS) {
104 dropbear_exit("Bad hostkey signature"); 114 dropbear_exit("Bad hostkey signature");
105 } 115 }
249 } 259 }
250 260
251 /* Compare hostnames */ 261 /* Compare hostnames */
252 if (strncmp(cli_opts.remotehost, buf_getptr(line, hostlen), 262 if (strncmp(cli_opts.remotehost, buf_getptr(line, hostlen),
253 hostlen) != 0) { 263 hostlen) != 0) {
254 TRACE(("hosts don't match"))
255 continue; 264 continue;
256 } 265 }
257 266
258 buf_incrpos(line, hostlen); 267 buf_incrpos(line, hostlen);
259 if (buf_getbyte(line) != ' ') { 268 if (buf_getbyte(line) != ' ') {
312 buf_putbytes(line, cli_opts.remotehost, hostlen); 321 buf_putbytes(line, cli_opts.remotehost, hostlen);
313 buf_putbyte(line, ' '); 322 buf_putbyte(line, ' ');
314 buf_putbytes(line, algoname, algolen); 323 buf_putbytes(line, algoname, algolen);
315 buf_putbyte(line, ' '); 324 buf_putbyte(line, ' ');
316 len = line->size - line->pos; 325 len = line->size - line->pos;
317 TRACE(("keybloblen %d, len %d", keybloblen, len))
318 /* The only failure with base64 is buffer_overflow, but buf_getwriteptr 326 /* The only failure with base64 is buffer_overflow, but buf_getwriteptr
319 * will die horribly in the case anyway */ 327 * will die horribly in the case anyway */
320 base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len); 328 base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len);
321 buf_incrwritepos(line, len); 329 buf_incrwritepos(line, len);
322 buf_putbyte(line, '\n'); 330 buf_putbyte(line, '\n');