*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.30 2000/12/03 11:15:04 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $");
#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
#include <openssl/md5.h>
#include <openssl/dh.h>
#include <openssl/hmac.h>
#include "ssh.h"
+#include "ssh2.h"
#include "xmalloc.h"
#include "rsa.h"
#include "buffer.h"
#include "packet.h"
#include "uidswap.h"
#include "compat.h"
-#include "readconf.h"
#include "bufaux.h"
-#include "ssh2.h"
+#include "cipher.h"
#include "kex.h"
#include "myproposal.h"
#include "key.h"
#include "cli.h"
#include "dispatch.h"
#include "authfd.h"
+#include "log.h"
+#include "readconf.h"
+#include "readpass.h"
void ssh_dh1_client(Kex *, char *, struct sockaddr *, Buffer *, Buffer *);
void ssh_dhgex_client(Kex *, char *, struct sockaddr *, Buffer *, Buffer *);
* SSH2 key exchange
*/
-unsigned char *session_id2 = NULL;
+u_char *session_id2 = NULL;
int session_id2_len = 0;
void
int i;
#endif
int plen, dlen;
- unsigned int klen, kout;
+ u_int klen, kout;
char *signature = NULL;
- unsigned int slen;
+ u_int slen;
char *server_host_key_blob = NULL;
Key *server_host_key;
- unsigned int sbloblen;
+ u_int sbloblen;
DH *dh;
BIGNUM *dh_server_pub = 0;
BIGNUM *shared_secret = 0;
- unsigned char *kbuf;
- unsigned char *hash;
+ u_char *kbuf;
+ u_char *hash;
debug("Sending SSH2_MSG_KEXDH_INIT.");
/* generate and send 'e', client DH public key */
dh = dh_new_group1();
+ dh_gen_key(dh);
packet_start(SSH2_MSG_KEXDH_INIT);
packet_put_bignum2(dh->pub_key);
packet_send();
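Review bot: `dh_gen_key(dh)` is called on the result of `dh_new_group1()` with no check visible in the hunk, so a NULL return would be dereferenced during key generation unless the constructor already calls fatal() itself (not visible here). The same pattern appears in the group-exchange hunk further down, where the `if ((dh = dh_new_group(g, p)) == NULL) fatal("dh_new_group");` guard is replaced by a bare assignment. If the helpers are not guaranteed to abort on failure, keep a guard such as `if (dh == NULL) fatal("dh_new_group1");` before `dh_gen_key(dh);`. Otherwise a one-line comment stating that the constructors never return NULL would record the assumption. The enclosing function starts and ends outside the hunk.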
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
#endif
- if (key_verify(server_host_key, (unsigned char *)signature, slen, hash, 20) != 1)
+ if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
fatal("key_verify failed for server_host_key");
key_free(server_host_key);
int i;
#endif
int plen, dlen;
- unsigned int klen, kout;
+ u_int klen, kout;
char *signature = NULL;
- unsigned int slen, nbits;
+ u_int slen, nbits;
char *server_host_key_blob = NULL;
Key *server_host_key;
- unsigned int sbloblen;
+ u_int sbloblen;
DH *dh;
BIGNUM *dh_server_pub = 0;
BIGNUM *shared_secret = 0;
BIGNUM *p = 0, *g = 0;
- unsigned char *kbuf;
- unsigned char *hash;
+ u_char *kbuf;
+ u_char *hash;
nbits = dh_estimate(kex->enc[MODE_OUT].cipher->key_len * 8);
if ((g = BN_new()) == NULL)
fatal("BN_new");
packet_get_bignum2(g, &dlen);
- if ((dh = dh_new_group(g, p)) == NULL)
- fatal("dh_new_group");
+ dh = dh_new_group(g, p);
+
+ dh_gen_key(dh);
#ifdef DEBUG_KEXDH
fprintf(stderr, "\np= ");
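Review bot: The group parameters come from the peer (`packet_get_bignum2(g, &dlen)`) and go straight into `dh_new_group(g, p)` and `dh_gen_key(dh)`, with no size or range check in the visible lines. Since `nbits` is computed for the request earlier in this function, the modulus received should be compared against a minimum size before key generation, with `fatal()` on an undersized group, unless dh_new_group() or dh_gen_key() already enforce this, which the hunk does not show. At the least, add a comment such as `/* p and g are server-supplied; size is validated in <helper> */` naming where that validation happens. The function starts and ends outside the hunk.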
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
#endif
- if (key_verify(server_host_key, (unsigned char *)signature, slen, hash, 20) != 1)
+ if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1)
fatal("key_verify failed for server_host_key");
key_free(server_host_key);
typedef int sign_cb_fn(
Authctxt *authctxt, Key *key,
- unsigned char **sigp, int *lenp, unsigned char *data, int datalen);
+ u_char **sigp, int *lenp, u_char *data, int datalen);
struct Authctxt {
const char *server_user;
void input_userauth_success(int type, int plen, void *ctxt);
void input_userauth_failure(int type, int plen, void *ctxt);
+void input_userauth_banner(int type, int plen, void *ctxt);
void input_userauth_error(int type, int plen, void *ctxt);
void input_userauth_info_req(int type, int plen, void *ctxt);
int userauth_passwd(Authctxt *authctxt);
int userauth_kbdint(Authctxt *authctxt);
-void authmethod_clear();
+void authmethod_clear(void);
Authmethod *authmethod_get(char *authlist);
Authmethod *authmethod_lookup(const char *name);
dispatch_init(&input_userauth_error);
dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure);
+ dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner);
dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */
if (authctxt.agent != NULL)
ssh_close_authentication_connection(authctxt.agent);
- debug("ssh-userauth2 successfull: method %s", authctxt.method->name);
+ debug("ssh-userauth2 successful: method %s", authctxt.method->name);
}
void
input_userauth_error(int type, int plen, void *ctxt)
{
- fatal("input_userauth_error: bad message during authentication");
+ fatal("input_userauth_error: bad message during authentication: "
+ "type %d", type);
+}
+void
+input_userauth_banner(int type, int plen, void *ctxt)
+{
+ char *msg, *lang;
+ debug3("input_userauth_banner");
+ msg = packet_get_string(NULL);
+ lang = packet_get_string(NULL);
+ fprintf(stderr, "%s", msg);
+ xfree(msg);
+ xfree(lang);
}
void
input_userauth_success(int type, int plen, void *ctxt)
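Review bot: In the new `input_userauth_banner`, `fprintf(stderr, "%s", msg)` writes server-controlled bytes to the user's terminal unfiltered, so control characters and escape sequences in the banner reach the terminal as-is. The handler also discards the string length (`packet_get_string(NULL)`) and applies no cap on banner size. I would capture the length, bound it, and encode non-printable bytes before printing. The sketch below uses OpenBSD's strnvis() from `<vis.h>`, whose argument order differs on other BSDs, with a cap that is an illustrative value only. A short comment noting that `lang` is read only to consume the field would also help.

```c
void
input_userauth_banner(int type, int plen, void *ctxt)
{
	char *msg, *lang, *safe;
	u_int len;

	debug3("input_userauth_banner");
	msg = packet_get_string(&len);
	lang = packet_get_string(NULL);	/* consumed to keep the packet in sync; unused */
	/* banner text is peer-supplied: bound it and encode control bytes */
	if (len > 65536)	/* illustrative cap, pick a project constant */
		len = 65536;
	safe = xmalloc(len * 4 + 1);	/* worst-case expansion of strnvis() */
	strnvis(safe, msg, len * 4 + 1, VIS_SAFE|VIS_OCTAL);
	fprintf(stderr, "%s", safe);
	xfree(safe);
	xfree(msg);
	xfree(lang);
}
```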
sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
{
Buffer b;
- unsigned char *blob, *signature;
+ u_char *blob, *signature;
int bloblen, slen;
int skip = 0;
int ret = -1;
}
/* sign callback */
-int key_sign_cb(Authctxt *authctxt, Key *key, unsigned char **sigp, int *lenp,
- unsigned char *data, int datalen)
+int key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
+ u_char *data, int datalen)
{
return key_sign(key, sigp, lenp, data, datalen);
}
}
/* sign callback */
-int agent_sign_cb(Authctxt *authctxt, Key *key, unsigned char **sigp, int *lenp,
- unsigned char *data, int datalen)
+int agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
+ u_char *data, int datalen)
{
return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen);
}
char *lang = NULL;
char *prompt = NULL;
char *response = NULL;
- unsigned int num_prompts, i;
+ u_int num_prompts, i;
int echo = 0;
debug2("input_userauth_info_req");
* finished processing server list to free resources.
*/
void
-authmethod_clear()
+authmethod_clear(void)
{
if (authlist_current != NULL) {
xfree(authlist_current);