static void kex_choose_conf(Kex *);
/* put algorithm proposal into buffer */
+/* used in sshconnect.c as well as kex.c */
void
kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
{
u_int mode, ctos, need;
int first_kex_follows, type;
+ int auth_flag;
+
+ auth_flag = packet_authentication_state();
+
+ debug ("AUTH STATE IS %d", auth_flag);
+
my = kex_buf2prop(&kex->my, NULL);
peer = kex_buf2prop(&kex->peer, &first_kex_follows);
choose_enc (&newkeys->enc, cprop[nenc], sprop[nenc]);
choose_mac (&newkeys->mac, cprop[nmac], sprop[nmac]);
choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]);
+ debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
+ if (strcmp(newkeys->enc.name, "none") == 0) {
+ debug("Requesting NONE. Authflag is %d", auth_flag);
+ if (auth_flag == 1) {
+ debug("None requested post authentication.");
+ } else {
+ fatal("Pre-authentication none cipher requests are not allowed.");
+ }
+ }
debug("kex: %s %s %s %s",
ctos ? "client->server" : "server->client",
newkeys->enc.name,