From 86e44d39884a31a4724e48ca7050c8b4894bb0e0 Mon Sep 17 00:00:00 2001
From: Mark Tolley
Date: Sun, 18 Nov 2018 13:39:46 +0000
Subject: [PATCH] Add more verbose logging during DH key exchange.

The event log messages generated during DH key exchange now include both the modulus size and hash algorithm used as well as whether the DH parameters are from one of the standardized groups or were supplied by the server during Group Exchange.

---
 ssh.h | 1 +
 ssh2kex-client.c | 11 ++++++++---
 sshdh.c | 8 ++++++++
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/ssh.h b/ssh.h
index da98b7c8..9aae2a5d 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1086,6 +1086,7 @@ bool dh_is_gex(const struct ssh_kex *kex);
 struct dh_ctx;
 struct dh_ctx *dh_setup_group(const struct ssh_kex *kex);
 struct dh_ctx *dh_setup_gex(Bignum pval, Bignum gval);
+int dh_modulus_bit_size(const struct dh_ctx *ctx);
 void dh_cleanup(struct dh_ctx *);
 Bignum dh_create_e(struct dh_ctx *, int nbits);
 const char *dh_validate_f(struct dh_ctx *, Bignum f);
diff --git a/ssh2kex-client.c b/ssh2kex-client.c
index bff5b284..701d5fb7 100644
--- a/ssh2kex-client.c
+++ b/ssh2kex-client.c
@@ -87,17 +87,22 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s)
 s->dh_ctx = dh_setup_gex(s->p, s->g);
 s->kex_init_value = SSH2_MSG_KEX_DH_GEX_INIT;
 s->kex_reply_value = SSH2_MSG_KEX_DH_GEX_REPLY;
+
+ ppl_logevent(("Doing Diffie-Hellman key exchange using %d bit modulus and hash %s with a server supplied group",
+ dh_modulus_bit_size(s->dh_ctx),
+ s->kex_alg->hash->text_name));
 } else {
 s->ppl.bpp->pls->kctx = SSH2_PKTCTX_DHGROUP;
 s->dh_ctx = dh_setup_group(s->kex_alg);
 s->kex_init_value = SSH2_MSG_KEXDH_INIT;
 s->kex_reply_value = SSH2_MSG_KEXDH_REPLY;
- ppl_logevent(("Using Diffie-Hellman with standard group \"%s\"",
+
+ ppl_logevent(("Doing Diffie-Hellman key exchange using %d bit modulus and hash %s with standard group \"%s\"",
+ dh_modulus_bit_size(s->dh_ctx),
+ s->kex_alg->hash->text_name,
 s->kex_alg->groupname));
 }
- ppl_logevent(("Doing Diffie-Hellman key exchange with hash %s",
- s->kex_alg->hash->text_name));
 /*
 * Now generate and send e for Diffie-Hellman.
 */
diff --git a/sshdh.c b/sshdh.c
index 84173e80..1bd226a0 100644
--- a/sshdh.c
+++ b/sshdh.c
@@ -209,6 +209,14 @@ struct dh_ctx *dh_setup_gex(Bignum pval, Bignum gval)
 return ctx;
 }
 
+/*
+ * Return size of DH modulus p.
+ */
+int dh_modulus_bit_size(const struct dh_ctx *ctx)
+{
+ return bignum_bitcount(ctx->p);
+}
+
 /*
 * Clean up and free a context.
 */
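Review bot: The two new ppl_logevent calls, one in each branch of the if/else, repeat the same prefix `"Doing Diffie-Hellman key exchange using %d bit modulus and hash %s"` and replace the single call that previously followed the branch, so the modulus-and-hash wording now has to be kept in sync in two places; a single call after the branch that formats the bit count and hash name once, with only the group description chosen per branch, would keep the two messages from drifting apart. Reporting the modulus size in the GEX branch is the more valuable half of this change, because there it describes a server-supplied p rather than a fixed standard group, which is exactly what a reader of the event log needs to judge the strength of the exchange. The hunk shows the size being logged but not compared against the range the client requested in its GEX exchange, so if such a check exists it lives outside this hunk and might be worth referencing in a comment next to the log call. ssh2kex_coroutine starts and ends outside the hunk.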
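Review bot: The new comment on dh_modulus_bit_size says only `Return size of DH modulus p.` and leaves the unit implicit, while the function name and the ssh.h declaration promise bits; `/* Return the size of the DH modulus p in bits (bignum_bitcount(ctx->p)); ctx must be non-NULL. */` would make the contract explicit for callers that format the result with %d. The function dereferences ctx unconditionally, which is consistent with the visible callers passing a context just returned by dh_setup_gex or dh_setup_group, so documenting the non-NULL requirement is preferable to adding a check here.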