*/
#include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.2 2001/04/03 23:32:12 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.6 2001/06/07 20:23:04 markus Exp $");
#include <openssl/bn.h>
EVP_MD_CTX md;
buffer_init(&b);
- buffer_put_string(&b, client_version_string, strlen(client_version_string));
- buffer_put_string(&b, server_version_string, strlen(server_version_string));
+ buffer_put_cstring(&b, client_version_string);
+ buffer_put_cstring(&b, server_version_string);
/* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */
buffer_put_int(&b, ckexinitlen+1);
buffer_append(&b, skexinit, skexinitlen);
buffer_put_string(&b, serverhostkeyblob, sbloblen);
- if (min == -1 || max == -1)
+ if (min == -1 || max == -1)
buffer_put_int(&b, wantbits);
else {
buffer_put_int(&b, min);
kbuf = xmalloc(klen);
kout = DH_compute_key(kbuf, dh_server_pub, dh);
#ifdef DEBUG_KEXDH
- dump_digest("shared secret", kbuf, kout);
+ dump_digest("shared secret", kbuf, kout);
#endif
shared_secret = BN_new();
BN_bin2bn(kbuf, kout, shared_secret);
dh_server_pub,
shared_secret
);
+ /* have keys, free DH */
+ DH_free(dh);
xfree(server_host_key_blob);
BN_free(dh_server_pub);
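Review bot: The moved comment `/* have keys, free DH */` no longer matches its position. In this hunk `DH_free(dh)` now runs directly after the call whose argument list ends in `shared_secret` (presumably the exchange-hash computation), while `kex_derive_keys(kex, hash, shared_secret)` is only called further down, so no keys have been derived yet. Releasing the DH state as soon as the shared secret and hash exist is a reasonable ordering, and the comment should state that reason, e.g. `/* shared secret and exchange hash computed; DH state no longer needed */`. The server path has the same comment in the same position, before `kex_derive_keys()` and `kex_finish(kex)`, and needs the same rewording. The enclosing function starts and ends outside this hunk, so whether anything later still reads `dh` cannot be confirmed from here.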
kex->session_id = xmalloc(kex->session_id_len);
memcpy(kex->session_id, hash, kex->session_id_len);
}
-
kex_derive_keys(kex, hash, shared_secret);
BN_clear_free(shared_secret);
- kex_send_newkeys();
-
- /* have keys, free DH */
- DH_free(dh);
+ kex_finish(kex);
}
/* server */
/* unused for old GEX */
break;
default:
- fatal("protocol error during kex, no DH_GEX_REQUEST");
+ fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type);
}
packet_done();
kbuf = xmalloc(klen);
kout = DH_compute_key(kbuf, dh_client_pub, dh);
#ifdef DEBUG_KEXDH
- dump_digest("shared secret", kbuf, kout);
+ dump_digest("shared secret", kbuf, kout);
#endif
shared_secret = BN_new();
BN_bin2bn(kbuf, kout, shared_secret);
packet_send();
xfree(signature);
xfree(server_host_key_blob);
+ /* have keys, free DH */
+ DH_free(dh);
kex_derive_keys(kex, hash, shared_secret);
BN_clear_free(shared_secret);
- kex_send_newkeys();
-
- /* have keys, free DH */
- DH_free(dh);
+ kex_finish(kex);
}
void