mirror of
https://git.tartarus.org/simon/putty.git
Further progress in the direction of variable exchange hashes -- stash the
outgoing KEXINIT, and only start generating the exchange hash once we know which KEX method we're using. [originally from svn r6242]
parent
ef630659dd
commit
7cceb6eeae
20
ssh.c
20
ssh.c
@ -4979,6 +4979,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
|
||||
struct do_ssh2_transport_state {
|
||||
int nbits, pbits, warn_kex, warn_cscipher, warn_sccipher;
|
||||
Bignum p, g, e, f, K;
|
||||
void *our_kexinit;
|
||||
int our_kexinitlen;
|
||||
int kex_init_value, kex_reply_value;
|
||||
const struct ssh_mac **maclist;
|
||||
int nmacs;
|
||||
@ -5202,17 +5204,14 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
|
||||
ssh2_pkt_adduint32(s->pktout, 0);
|
||||
}
|
||||
|
||||
SHA_Init(&ssh->exhash);
|
||||
sha_string(&ssh->exhash, ssh->v_c, strlen(ssh->v_c));
|
||||
sha_string(&ssh->exhash, ssh->v_s, strlen(ssh->v_s));
|
||||
sha_string(&ssh->exhash, s->pktout->data + 5, s->pktout->length - 5);
|
||||
s->our_kexinitlen = s->pktout->length - 5;
|
||||
s->our_kexinit = snewn(s->our_kexinitlen, unsigned char);
|
||||
memcpy(s->our_kexinit, s->pktout->data + 5, s->our_kexinitlen);
|
||||
|
||||
ssh2_pkt_send_noqueue(ssh, s->pktout);
|
||||
|
||||
if (!pktin)
|
||||
crWaitUntil(pktin);
|
||||
if (pktin->length > 5)
|
||||
sha_string(&ssh->exhash, pktin->data + 5, pktin->length - 5);
|
||||
|
||||
/*
|
||||
* Now examine the other side's KEXINIT to see what we're up
|
||||
@ -5426,6 +5425,15 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
|
||||
}
|
||||
}
|
||||
|
||||
SHA_Init(&ssh->exhash);
|
||||
sha_string(&ssh->exhash, ssh->v_c, strlen(ssh->v_c));
|
||||
sha_string(&ssh->exhash, ssh->v_s, strlen(ssh->v_s));
|
||||
sha_string(&ssh->exhash, s->our_kexinit, s->our_kexinitlen);
|
||||
sfree(s->our_kexinit);
|
||||
if (pktin->length > 5)
|
||||
sha_string(&ssh->exhash, pktin->data + 5, pktin->length - 5);
|
||||
|
||||
|
||||
if (s->ignorepkt) /* first_kex_packet_follows */
|
||||
crWaitUntil(pktin); /* Ignore packet */
|
||||
}
|
||||
|
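Review bot: The deferred hashing in the last hunk still reads the peer's KEXINIT straight from `pktin` (`pktin->data + 5`), while our own KEXINIT is copied into `s->our_kexinit` in the second hunk, presumably because the outgoing packet cannot be relied on that much later. If anything in the roughly 220 lines between those two hunks (not visible here) yields the coroutine, `pktin` on re-entry may be NULL or a different packet, so the exchange hash would cover the wrong bytes or the length check would dereference NULL. Stashing the peer payload right after `crWaitUntil(pktin)` in the same way removes that dependency. Separately, `s->our_kexinit` is left dangling after `sfree(s->our_kexinit);` and looks as if it would leak on any exit taken between the stash and the hash, so I would set it to NULL after the free and release it on those paths too. The body of do_ssh2_transport starts and ends outside these hunks, and the field names below are only a suggestion.

```c
/* in struct do_ssh2_transport_state, next to our_kexinit */
void *peer_kexinit;
int peer_kexinitlen;

/* … unchanged: stash of our own KEXINIT, ssh2_pkt_send_noqueue … */
if (!pktin)
    crWaitUntil(pktin);
s->peer_kexinit = NULL;
s->peer_kexinitlen = 0;
if (pktin->length > 5) {
    s->peer_kexinitlen = pktin->length - 5;
    s->peer_kexinit = snewn(s->peer_kexinitlen, unsigned char);
    memcpy(s->peer_kexinit, pktin->data + 5, s->peer_kexinitlen);
}

/* … unchanged: algorithm negotiation, SHA_Init, version strings … */
sha_string(&ssh->exhash, s->our_kexinit, s->our_kexinitlen);
sfree(s->our_kexinit);
s->our_kexinit = NULL;
if (s->peer_kexinit) {
    sha_string(&ssh->exhash, s->peer_kexinit, s->peer_kexinitlen);
    sfree(s->peer_kexinit);
    s->peer_kexinit = NULL;
}
```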