Mercurial > dropbear
comparison svr-kex.c @ 847:f4bb964c8678 keyondemand
Add '-R' for delayed hostkey option
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 07 Nov 2013 23:49:37 +0800 |
| parents | b298bb438625 |
| children | 754d7bee1068 |
comparison
equal
deleted
inserted
replaced
| 846:b298bb438625 | 847:f4bb964c8678 |
|---|---|
| 75 ses.requirenext[0] = SSH_MSG_NEWKEYS; | 75 ses.requirenext[0] = SSH_MSG_NEWKEYS; |
| 76 ses.requirenext[1] = 0; | 76 ses.requirenext[1] = 0; |
| 77 TRACE(("leave recv_msg_kexdh_init")) | 77 TRACE(("leave recv_msg_kexdh_init")) |
| 78 } | 78 } |
| 79 | 79 |
| 80 #ifdef DROPBEAR_DELAY_HOSTKEY | |
| 80 static void svr_ensure_hostkey() { | 81 static void svr_ensure_hostkey() { |
| 81 | 82 |
| 82 const char* fn = NULL; | 83 const char* fn = NULL; |
| 83 char *fn_temp = NULL; | 84 char *fn_temp = NULL; |
| 84 enum signkey_type type = ses.newkeys->algo_hostkey; | 85 enum signkey_type type = ses.newkeys->algo_hostkey; |
| 139 m_free(fn_temp); | 140 m_free(fn_temp); |
| 140 } | 141 } |
| 141 | 142 |
| 142 if (ret == DROPBEAR_FAILURE) | 143 if (ret == DROPBEAR_FAILURE) |
| 143 { | 144 { |
| 144 dropbear_exit("Couldn't read or generate hostkey"); | 145 dropbear_exit("Couldn't read or generate hostkey %s", fn); |
| 145 } | 146 } |
| 146 | 147 |
| 147 // directory for keys. | 148 // directory for keys. |
| 148 | 149 |
| 149 // Create lockfile first, or wait if it exists. PID! | 150 // Create lockfile first, or wait if it exists. PID! |
| 150 // Generate key | 151 // Generate key |
| 151 // write it, load to memory | 152 // write it, load to memory |
| 152 // atomic rename, done. | 153 // atomic rename, done. |
| 153 | 154 |
| 154 } | 155 } |
| 156 #endif | |
| 155 | 157 |
| 156 /* Generate our side of the diffie-hellman key exchange value (dh_f), and | 158 /* Generate our side of the diffie-hellman key exchange value (dh_f), and |
| 157 * calculate the session key using the diffie-hellman algorithm. Following | 159 * calculate the session key using the diffie-hellman algorithm. Following |
| 158 * that, the session hash is calculated, and signed with RSA or DSS. The | 160 * that, the session hash is calculated, and signed with RSA or DSS. The |
| 159 * result is sent to the client. | 161 * result is sent to the client. |
| 163 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) { | 165 static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) { |
| 164 TRACE(("enter send_msg_kexdh_reply")) | 166 TRACE(("enter send_msg_kexdh_reply")) |
| 165 | 167 |
| 166 /* we can start creating the kexdh_reply packet */ | 168 /* we can start creating the kexdh_reply packet */ |
| 167 CHECKCLEARTOWRITE(); | 169 CHECKCLEARTOWRITE(); |
| 168 | 170 |
| 169 svr_ensure_hostkey(); | 171 #ifdef DROPBEAR_DELAY_HOSTKEY |
| 172 if (svr_opts.delay_hostkey) | |
| 173 { | |
| 174 svr_ensure_hostkey(); | |
| 175 } | |
| 176 #endif | |
| 170 | 177 |
| 171 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY); | 178 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY); |
| 172 buf_put_pub_key(ses.writepayload, svr_opts.hostkey, | 179 buf_put_pub_key(ses.writepayload, svr_opts.hostkey, |
| 173 ses.newkeys->algo_hostkey); | 180 ses.newkeys->algo_hostkey); |
| 174 | 181 |