nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-26 09:42:25 +00:00
Code Issues Projects Releases Wiki Activity

Attempt to get repeated key exchange working in SSH2. Still under

Browse Source 
test - might not be 100%. I think it _ought_ to work though.

[originally from svn r826]
This commit is contained in:
Simon Tatham 2000-12-18 09:20:08 +00:00
parent e89704fa9a
commit 7a580aa4d8
1 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ssh.c
View File

@ -231,7 +231,7 @@ struct Packet {
long maxlen; long maxlen;
}; };
static SHA_State exhash; static SHA_State exhash, exhashbase;
static Socket s = NULL; static Socket s = NULL;
@ -1043,12 +1043,12 @@ static int do_ssh_init(unsigned char c) {
* This is a v2 server. Begin v2 protocol. * This is a v2 server. Begin v2 protocol.
*/ */
char *verstring = "SSH-2.0-PuTTY"; char *verstring = "SSH-2.0-PuTTY";
SHA_Init(&exhash); SHA_Init(&exhashbase);
/* /*
* Hash our version string and their version string. * Hash our version string and their version string.
*/ */
sha_string(&exhash, verstring, strlen(verstring)); sha_string(&exhashbase, verstring, strlen(verstring));
sha_string(&exhash, vstring, strcspn(vstring, "\r\n")); sha_string(&exhashbase, vstring, strcspn(vstring, "\r\n"));
sprintf(vstring, "%s\n", verstring); sprintf(vstring, "%s\n", verstring);
sprintf(vlog, "We claim version: %s", verstring); sprintf(vlog, "We claim version: %s", verstring);
logevent(vlog); logevent(vlog);
@ -1993,9 +1993,11 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
static unsigned char keyspace[40]; static unsigned char keyspace[40];
static const struct ssh_cipher *preferred_cipher; static const struct ssh_cipher *preferred_cipher;
static const struct ssh_compress *preferred_comp; static const struct ssh_compress *preferred_comp;
static int first_kex;
crBegin; crBegin;
random_init(); random_init();
first_kex = 1;
/* /*
* Set up the preferred cipher and compression. * Set up the preferred cipher and compression.
@ -2099,7 +2101,10 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
ssh2_pkt_addbool(FALSE); ssh2_pkt_addbool(FALSE);
/* Reserved. */ /* Reserved. */
ssh2_pkt_adduint32(0); ssh2_pkt_adduint32(0);
exhash = exhashbase;
sha_string(&exhash, pktout.data+5, pktout.length-5); sha_string(&exhash, pktout.data+5, pktout.length-5);
ssh2_pkt_send(); ssh2_pkt_send();
if (!ispkt) crWaitUntil(ispkt); if (!ispkt) crWaitUntil(ispkt);
@ -2274,6 +2279,19 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace); ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace);
ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace); ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace);
/*
* If this is the first key exchange phase, we must pass the
* SSH2_MSG_NEWKEYS packet to the next layer, not because it
* wants to see it but because it will need time to initialise
* itself before it sees an actual packet. In subsequent key
* exchange phases, we don't pass SSH2_MSG_NEWKEYS on, because
* it would only confuse the layer above.
*/
if (!first_kex) {
crReturn(0);
}
first_kex = 0;
/* /*
* Now we're encrypting. Begin returning 1 to the protocol main * Now we're encrypting. Begin returning 1 to the protocol main
* function so that other things can run on top of the * function so that other things can run on top of the