- deraadt@cvs.openbsd.org 2001/03/18 23:30:55

[openssh.git] / sshd.c

diff --git a/sshd.c b/sshd.c
index 2669a935e064296791fd1a3420bfaa14a148e5bb..384d4082dcc09e24ed7f2eebc8cfa256db7c3493 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.169 2001/02/23 18:15:13 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.175 2001/03/18 23:30:55 deraadt Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -149,7 +149,7 @@ char *server_version_string = NULL;
  * not very useful.  Currently, memory locking is not implemented.
  */
 struct {
-       Key     *server_key;            /* empheral server key */
+       Key     *server_key;            /* ephemeral server key */
        Key     *ssh1_host_key;         /* ssh1 host key */
        Key     **host_keys;            /* all private host keys */
        int     have_ssh1_key;
@@ -273,7 +273,7 @@ grace_alarm_handler(int sig)
  * problems.
  */
 void
-generate_empheral_server_key(void)
+generate_ephemeral_server_key(void)
 {
        u_int32_t rand = 0;
        int i;
@@ -381,6 +381,12 @@ sshd_exchange_identification(int sock_in, int sock_out)
 
        compat_datafellows(remote_version);
 
+       if (datafellows & SSH_BUG_SCANNER) {
+               log("scanned from %s with %s.  Don't panic.",
+                   get_remote_ipaddr(), client_version_string);
+               fatal_cleanup();
+       }
+
        mismatch = 0;
        switch(remote_major) {
        case 1:
@@ -687,6 +693,8 @@ main(int ac, char **av)
            options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
            !inetd_flag);
 
+       seed_rng();
+
        /* Read server configuration options from the configuration file. */
        read_server_config(&options, config_file_name);
 
@@ -738,7 +746,7 @@ main(int ac, char **av)
                options.protocol &= ~SSH_PROTO_2;
        }
        if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
-               log("sshd: no hostkeys available -- exiting.\n");
+               log("sshd: no hostkeys available -- exiting.");
                exit(1);
        }
 
@@ -820,7 +828,7 @@ main(int ac, char **av)
                 */
                debug("inetd sockets after dupping: %d, %d", sock_in, sock_out);
                if (options.protocol & SSH_PROTO_1)
-                       generate_empheral_server_key();
+                       generate_ephemeral_server_key();
        } else {
                for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
                        if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
@@ -898,7 +906,7 @@ main(int ac, char **av)
                        }
                }
                if (options.protocol & SSH_PROTO_1)
-                       generate_empheral_server_key();
+                       generate_ephemeral_server_key();
 
                /* Arrange to restart on SIGHUP.  The handler needs listen_sock. */
                signal(SIGHUP, sighup_handler);
@@ -944,7 +952,7 @@ main(int ac, char **av)
                        if (ret < 0 && errno != EINTR)
                                error("select: %.100s", strerror(errno));
                        if (key_used && key_do_regen) {
-                               generate_empheral_server_key();
+                               generate_ephemeral_server_key();
                                key_used = 0;
                                key_do_regen = 0;
                        }
@@ -1397,6 +1405,8 @@ do_ssh1_kex(void)
                MD5_Final(session_key + 16, &md);
                memset(buf, 0, bytes);
                xfree(buf);
+               for (i = 0; i < 16; i++)
+                       session_id[i] = session_key[i] ^ session_key[i + 16];
        }
        /* Destroy the private and public keys.  They will no longer be needed. */
        destroy_sensitive_data();
@@ -1517,7 +1527,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 /* KEXDH */
        /* generate DH key */
        dh = dh_new_group1();                   /* XXX depends on 'kex' */
-       dh_gen_key(dh);
+       dh_gen_key(dh, kex->we_need * 8);
 
        debug("Wait SSH2_MSG_KEXDH_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
@@ -1660,7 +1670,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 
        /* Compute our exchange value in parallel with the client */
 
-       dh_gen_key(dh);
+       dh_gen_key(dh, kex->we_need * 8);
 
        debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);