1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 09:58:01 +00:00

Further progress in the direction of variable exchange hashes -- stash the

outgoing KEXINIT, and only start generating the exchange hash once we know
which KEX method we're using.

[originally from svn r6242]
This commit is contained in:
Ben Harris 2005-08-30 22:39:35 +00:00
parent ef630659dd
commit 7cceb6eeae

20
ssh.c
View File

@ -4979,6 +4979,8 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
struct do_ssh2_transport_state {
int nbits, pbits, warn_kex, warn_cscipher, warn_sccipher;
Bignum p, g, e, f, K;
void *our_kexinit;
int our_kexinitlen;
int kex_init_value, kex_reply_value;
const struct ssh_mac **maclist;
int nmacs;
@ -5202,17 +5204,14 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
ssh2_pkt_adduint32(s->pktout, 0);
}
SHA_Init(&ssh->exhash);
sha_string(&ssh->exhash, ssh->v_c, strlen(ssh->v_c));
sha_string(&ssh->exhash, ssh->v_s, strlen(ssh->v_s));
sha_string(&ssh->exhash, s->pktout->data + 5, s->pktout->length - 5);
s->our_kexinitlen = s->pktout->length - 5;
s->our_kexinit = snewn(s->our_kexinitlen, unsigned char);
memcpy(s->our_kexinit, s->pktout->data + 5, s->our_kexinitlen);
ssh2_pkt_send_noqueue(ssh, s->pktout);
if (!pktin)
crWaitUntil(pktin);
if (pktin->length > 5)
sha_string(&ssh->exhash, pktin->data + 5, pktin->length - 5);
/*
* Now examine the other side's KEXINIT to see what we're up
@ -5426,6 +5425,15 @@ static int do_ssh2_transport(Ssh ssh, void *vin, int inlen,
}
}
SHA_Init(&ssh->exhash);
sha_string(&ssh->exhash, ssh->v_c, strlen(ssh->v_c));
sha_string(&ssh->exhash, ssh->v_s, strlen(ssh->v_s));
sha_string(&ssh->exhash, s->our_kexinit, s->our_kexinitlen);
sfree(s->our_kexinit);
if (pktin->length > 5)
sha_string(&ssh->exhash, pktin->data + 5, pktin->length - 5);
if (s->ignorepkt) /* first_kex_packet_follows */
crWaitUntil(pktin); /* Ignore packet */
}