From: jbasney Date: Mon, 7 Apr 2003 18:10:04 +0000 (+0000) Subject: - OpenSSH 3.6.1p1 merge X-Git-Tag: OPENSSH_3_6_1P1_GSSAPI_20030408~6 X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/commitdiff_plain/8afc6a66eb06d5a6da3778cc1e5a8248b25c3a2d - OpenSSH 3.6.1p1 merge - kexgss() split into kexgss_client() and kexgss_server() like other kex functions in OpenSSH 3.6 --- diff --git a/openssh/kex.c b/openssh/kex.c index 7b87aa3..3269d26 100644 --- a/openssh/kex.c +++ b/openssh/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $"); #include @@ -48,11 +48,6 @@ RCSID("$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $"); #define KEX_COOKIE_LEN 16 -/* Use privilege separation for sshd */ -int use_privsep; -struct monitor *pmonitor; - - /* prototype */ static void kex_kexinit_finish(Kex *); static void kex_choose_conf(Kex *); @@ -78,7 +73,7 @@ kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) /* parse buffer and return algorithm proposal */ static char ** -kex_buf2prop(Buffer *raw) +kex_buf2prop(Buffer *raw, int *first_kex_follows) { Buffer b; int i; @@ -98,6 +93,8 @@ kex_buf2prop(Buffer *raw) } /* first kex follows / reserved */ i = buffer_get_char(&b); + if (first_kex_follows != NULL) + *first_kex_follows = i; debug2("kex_parse_kexinit: first_kex_follows %d ", i); i = buffer_get_int(&b); debug2("kex_parse_kexinit: reserved %d ", i); @@ -139,7 +136,7 @@ kex_finish(Kex *kex) /* packet_write_wait(); */ debug("SSH2_MSG_NEWKEYS sent"); - debug("waiting for SSH2_MSG_NEWKEYS"); + debug("expecting SSH2_MSG_NEWKEYS"); packet_read_expect(SSH2_MSG_NEWKEYS); packet_check_eom(); debug("SSH2_MSG_NEWKEYS received"); @@ -239,19 +236,10 @@ kex_kexinit_finish(Kex *kex) kex_choose_conf(kex); - switch (kex->kex_type) { - case DH_GRP1_SHA1: - kexdh(kex); - break; - case DH_GEX_SHA1: - kexgex(kex); - break; -#ifdef GSSAPI - case GSS_GRP1_SHA1: - kexgss(kex); - break; -#endif - default: + if (kex->kex_type >= 0 && kex->kex_type < KEX_MAX && + kex->kex[kex->kex_type] != NULL) { + (kex->kex[kex->kex_type])(kex); + } else { fatal("Unsupported key exchange %d", kex->kex_type); } } @@ -308,12 +296,13 @@ choose_kex(Kex *k, char *client, char *server) if (k->name == NULL) fatal("No key exchange algorithm"); if (strcmp(k->name, KEX_DH1) == 0) { - k->kex_type = DH_GRP1_SHA1; + k->kex_type = KEX_DH_GRP1_SHA1; } else if (strcmp(k->name, KEX_DHGEX) == 0) { - k->kex_type = DH_GEX_SHA1; + k->kex_type = KEX_DH_GEX_SHA1; #ifdef GSSAPI - } else if (strncmp(k->name, KEX_GSS_SHA1, sizeof(KEX_GSS_SHA1)-1) == 0) { - k->kex_type = GSS_GRP1_SHA1; + } else if (strncmp(k->name, KEX_GSS_SHA1, + sizeof(KEX_GSS_SHA1)-1) == 0) { + k->kex_type = KEX_GSS_GRP1_SHA1; #endif } else fatal("bad kex alg %s", k->name); @@ -330,6 +319,30 @@ choose_hostkeyalg(Kex *k, char *client, char *server) xfree(hostkeyalg); } +static int +proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) +{ + static int check[] = { + PROPOSAL_KEX_ALGS, PROPOSAL_SERVER_HOST_KEY_ALGS, -1 + }; + int *idx; + char *p; + + for (idx = &check[0]; *idx != -1; idx++) { + if ((p = strchr(my[*idx], ',')) != NULL) + *p = '\0'; + if ((p = strchr(peer[*idx], ',')) != NULL) + *p = '\0'; + if (strcmp(my[*idx], peer[*idx]) != 0) { + debug2("proposal mismatch: my %s peer %s", + my[*idx], peer[*idx]); + return (0); + } + } + debug2("proposals match"); + return (1); +} + static void kex_choose_conf(Kex *kex) { @@ -340,9 +353,10 @@ kex_choose_conf(Kex *kex) int mode; int ctos; /* direction: if true client-to-server */ int need; + int first_kex_follows, type; - my = kex_buf2prop(&kex->my); - peer = kex_buf2prop(&kex->peer); + my = kex_buf2prop(&kex->my, NULL); + peer = kex_buf2prop(&kex->peer, &first_kex_follows); if (kex->server) { cprop=peer; @@ -386,6 +400,13 @@ kex_choose_conf(Kex *kex) /* XXX need runden? */ kex->we_need = need; + /* ignore the next message if the proposals do not match */ + if (first_kex_follows && !proposals_match(my, peer) && + !(datafellows & SSH_BUG_FIRSTKEX)) { + type = packet_read(); + debug2("skipping next packet (type %u)", type); + } + kex_prop_free(my); kex_prop_free(peer); } @@ -446,7 +467,7 @@ kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) for (i = 0; i < NKEYS; i++) keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); - debug("kex_derive_keys"); + debug2("kex_derive_keys"); for (mode = 0; mode < MODE_MAX; mode++) { current_keys[mode] = kex->newkeys[mode]; kex->newkeys[mode] = NULL; diff --git a/openssh/kex.h b/openssh/kex.h index 98e13d9..90a0a2d 100644 --- a/openssh/kex.h +++ b/openssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.32 2002/09/09 14:54:14 markus Exp $ */ +/* $OpenBSD: kex.h,v 1.33 2003/02/16 17:09:57 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -55,9 +55,10 @@ enum kex_modes { }; enum kex_exchange { - DH_GRP1_SHA1, - DH_GEX_SHA1, - GSS_GRP1_SHA1 + KEX_DH_GRP1_SHA1, + KEX_DH_GEX_SHA1, + KEX_GSS_GRP1_SHA1, + KEX_MAX }; #define KEX_INIT_SENT 0x0001 @@ -120,6 +121,7 @@ struct Kex { Key *(*load_host_key)(int); int (*host_key_index)(Key *); struct KexOptions options; + void (*kex[KEX_MAX])(Kex *); }; Kex *kex_setup(char *[PROPOSAL_MAX]); @@ -129,13 +131,30 @@ void kex_send_kexinit(Kex *); void kex_input_kexinit(int, u_int32_t, void *); void kex_derive_keys(Kex *, u_char *, BIGNUM *); -void kexdh(Kex *); -void kexgex(Kex *); +Newkeys *kex_get_newkeys(int); + +void kexdh_client(Kex *); +void kexdh_server(Kex *); +void kexgex_client(Kex *); +void kexgex_server(Kex *); +void kexgex_client(Kex *); +void kexgex_server(Kex *); #ifdef GSSAPI -void kexgss(Kex *); +void kexgss_client(Kex *); +void kexgss_server(Kex *); #endif -Newkeys *kex_get_newkeys(int); +u_char * +kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, + BIGNUM *, BIGNUM *, BIGNUM *); +u_char * +kexgex_hash(char *, char *, char *, int, char *, int, u_char *, int, + int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *); +u_char * +#ifdef GSSAPI +kex_gssapi_hash(char *, char *, char *, int, char *, int, u_char *, int, + BIGNUM *, BIGNUM *, BIGNUM *); +#endif #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) void dump_digest(char *, u_char *, int);