- (djm) [sshd.c] Drop supplemental groups if started as root
diff --git a/kex.c b/kex.c
index 0a861fb976c1b992754eaee5bce63c00ca6ee97f..5a952c9c22db8dc677a37c4bbd39709d48ec0057 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.53 2003/02/02 10:56:08 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.56 2003/11/21 11:57:03 djm Exp $");
 
 #include <openssl/crypto.h>
 
@@ -44,11 +44,6 @@ RCSID("$OpenBSD: kex.c,v 1.53 2003/02/02 10:56:08 markus Exp $");
 
 #define KEX_COOKIE_LEN 16
 
-/* Use privilege separation for sshd */
-int use_privsep;
-struct monitor *pmonitor;
-
-
 /* prototype */
 static void kex_kexinit_finish(Kex *);
 static void kex_choose_conf(Kex *);
@@ -237,14 +232,10 @@ kex_kexinit_finish(Kex *kex)
 
        kex_choose_conf(kex);
 
-       switch (kex->kex_type) {
-       case DH_GRP1_SHA1:
-               kexdh(kex);
-               break;
-       case DH_GEX_SHA1:
-               kexgex(kex);
-               break;
-       default:
+       if (kex->kex_type >= 0 && kex->kex_type < KEX_MAX &&
+           kex->kex[kex->kex_type] != NULL) {
+               (kex->kex[kex->kex_type])(kex);
+       } else {
                fatal("Unsupported key exchange %d", kex->kex_type);
        }
 }
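Review bot: The indirect call `(kex->kex[kex->kex_type])(kex)` has no comment saying who fills `kex->kex[]`, and the range guard only protects the index if that array is declared with exactly `KEX_MAX` slots; neither the declaration nor the assignments are part of this diff. A NULL slot and an out-of-range `kex_type` also end in the same "Unsupported key exchange %d" message, so a method that was negotiated but never registered in this process is indistinguishable from a bad type value in the log. I would add above the `if`: `/* kex->kex[] is filled in by the caller; a NULL slot means the method is not available in this process */`. kex_kexinit_finish begins above the hunk.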
@@ -301,9 +292,9 @@ choose_kex(Kex *k, char *client, char *server)
        if (k->name == NULL)
                fatal("no kex alg");
        if (strcmp(k->name, KEX_DH1) == 0) {
-               k->kex_type = DH_GRP1_SHA1;
+               k->kex_type = KEX_DH_GRP1_SHA1;
        } else if (strcmp(k->name, KEX_DHGEX) == 0) {
-               k->kex_type = DH_GEX_SHA1;
+               k->kex_type = KEX_DH_GEX_SHA1;
        } else
                fatal("bad kex alg %s", k->name);
 }
@@ -319,7 +310,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server)
        xfree(hostkeyalg);
 }
 
-static int 
+static int
 proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 {
        static int check[] = {
@@ -401,7 +392,8 @@ kex_choose_conf(Kex *kex)
        kex->we_need = need;
 
        /* ignore the next message if the proposals do not match */
-       if (first_kex_follows && !proposals_match(my, peer)) {
+       if (first_kex_follows && !proposals_match(my, peer) &&
+          !(datafellows & SSH_BUG_FIRSTKEX)) {
                type = packet_read();
                debug2("skipping next packet (type %u)", type);
        }
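Review bot: The comment above the `if` still reads "ignore the next message if the proposals do not match", but with the added `!(datafellows & SSH_BUG_FIRSTKEX)` term the guessed packet is no longer discarded for peers carrying that compat flag, so the comment now describes only part of the condition. I would reword it to `/* ignore the next message if the proposals do not match, except for peers flagged SSH_BUG_FIRSTKEX */`. The flag's definition and the version strings that set it are outside this diff, so which peers take the new path cannot be checked from here. As a minor style point, the continuation line appears to be indented one column less than the continuation in kex_kexinit_finish. kex_choose_conf continues on both sides of the hunk.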