- provos@cvs.openbsd.org 2000/12/15 10:30:15

     [kex.c kex.h sshconnect2.c sshd.c]
     compute diffie-hellman in parallel between server and client. okay markus@

diff --git a/ChangeLog b/ChangeLog
index b62d32e477199e55c22f3664d8de5c9d3b6f6d9e..f38eb90bd45f5fc3833fc4d6531952c7e83998de 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,9 @@
    - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
      [scp.c]
      when copying 0-sized files, do not re-print ETA time at completion
+   - provos@cvs.openbsd.org 2000/12/15 10:30:15
+     [kex.c kex.h sshconnect2.c sshd.c]
+     compute diffie-hellman in parallel between server and client. okay markus@
 
 20001213
  - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report

diff --git a/kex.c b/kex.c
index 2dbac9b13bdb1146e5d2670d23a94e4904c9ce9c..3a74fdac420b5aeba3649e16e5626df647c6044f 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.13 2000/11/12 19:50:37 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.14 2000/12/15 17:30:14 provos Exp $");
 
 #include "ssh.h"
 #include "ssh2.h"
@@ -139,7 +139,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
        return 0;
 }
 
-DH *
+void
 dh_gen_key(DH *dh)
 {
        int tries = 0;
@@ -150,7 +150,6 @@ dh_gen_key(DH *dh)
                if (tries++ > 10)
                        fatal("dh_new_group1: too many bad keys: giving up");
        } while (!dh_pub_is_valid(dh, dh->pub_key));
-       return dh;
 }
 
 DH *
@@ -168,9 +167,14 @@ dh_new_group_asc(const char *gen, const char *modulus)
        if ((ret = BN_hex2bn(&dh->g, gen)) < 0)
                fatal("BN_hex2bn g");
 
-       return (dh_gen_key(dh));
+       return (dh);
 }
 
+/*
+ * This just returns the group, we still need to generate the exchange
+ * value.
+ */
+
 DH *
 dh_new_group(BIGNUM *gen, BIGNUM *modulus)
 {
@@ -182,7 +186,7 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus)
        dh->p = modulus;
        dh->g = gen;
 
-       return (dh_gen_key(dh));
+       return (dh);
 }
 
 DH *

diff --git a/kex.h b/kex.h
index 1890fc025e15ba61c7d6cf6fd4c1fd7d212c187f..b445cee638793a645e153874f539766a82fa96f1 100644 (file)
--- a/kex.h
+++ b/kex.h
@@ -102,6 +102,7 @@ void        packet_set_kex(Kex *k);
 int    dh_pub_is_valid(DH *dh, BIGNUM *dh_pub);
 DH     *dh_new_group_asc(const char *, const char *);
 DH     *dh_new_group(BIGNUM *, BIGNUM *);
+void   dh_gen_key();
 DH     *dh_new_group1();
 
 unsigned char *

diff --git a/sshconnect2.c b/sshconnect2.c
index 036519fadf7431de5e99ac2a93b6008f8eb8a378..ea03622f46a45b04adf5f2414f65af483f2f0a39 100644 (file)
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.30 2000/12/03 11:15:04 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.31 2000/12/15 17:30:14 provos Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -166,6 +166,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
        debug("Sending SSH2_MSG_KEXDH_INIT.");
        /* generate and send 'e', client DH public key */
        dh = dh_new_group1();
+       dh_gen_key(dh);
        packet_start(SSH2_MSG_KEXDH_INIT);
        packet_put_bignum2(dh->pub_key);
        packet_send();
@@ -334,6 +335,8 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
        if ((dh = dh_new_group(g, p)) == NULL)
                fatal("dh_new_group");
 
+       dh_gen_key(dh);
+
 #ifdef DEBUG_KEXDH
        fprintf(stderr, "\np= ");
        BN_print_fp(stderr, dh->p);

diff --git a/sshd.c b/sshd.c
index 0c9cdead106964f00336709fdd2d2d71cf2d3581..b5d66acdb7a90d16dc556e033f8a1894e940ca45 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.137 2000/12/12 21:45:21 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.139 2000/12/15 17:30:14 provos Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1452,6 +1452,10 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
                fatal("Unsupported hostkey type %d", kex->hostkey_type);
 
 /* KEXDH */
+       /* generate DH key */
+       dh = dh_new_group1();                   /* XXX depends on 'kex' */
+       dh_gen_key(dh);
+
        debug("Wait SSH2_MSG_KEXDH_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
 
@@ -1468,9 +1472,6 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
        debug("bits %d", BN_num_bits(dh_client_pub));
 #endif
 
-       /* generate DH key */
-       dh = dh_new_group1();                   /* XXX depends on 'kex' */
-
 #ifdef DEBUG_KEXDH
        fprintf(stderr, "\np= ");
        BN_print_fp(stderr, dh->p);
@@ -1592,6 +1593,10 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
        packet_send();
        packet_write_wait();
 
+       /* Compute our exchange value in parallel with the client */
+
+       dh_gen_key(dh);
+
        debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");
        packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);