diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 17:57:54 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-04 17:57:54 +0000 |
| commit | 8ac9106c3dfbc1f02ddf237067cccd54ffac4e8d (patch) | |
| tree | f7ec941db419252643adbf7a1b13895c92bca0d9 /kex.c | |
| parent | 238abf6a14d6ed038918fa35f618089230e68fd6 (diff) | |
- markus@cvs.openbsd.org 2001/04/04 14:34:58
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
enable server side rekeying + some rekey related clientup.
todo: we should not send any non-KEX messages after we send KEXINIT
Diffstat (limited to 'kex.c')
| -rw-r--r-- | kex.c | 31 |
1 files changed, 22 insertions, 9 deletions
@@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.28 2001/04/04 09:48:34 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.29 2001/04/04 14:34:58 markus Exp $"); #include <openssl/crypto.h> @@ -112,9 +112,21 @@ kex_protocol_error(int type, int plen, void *ctxt) } void +kex_clear_dispatch(void) +{ + int i; + + /* Numbers 30-49 are used for kex packets */ + for (i = 30; i <= 49; i++) + dispatch_set(i, &kex_protocol_error); +} + +void kex_finish(Kex *kex) { - int i, plen; + int plen; + + kex_clear_dispatch(); packet_start(SSH2_MSG_NEWKEYS); packet_send(); @@ -125,8 +137,6 @@ kex_finish(Kex *kex) packet_read_expect(&plen, SSH2_MSG_NEWKEYS); debug("SSH2_MSG_NEWKEYS received"); kex->newkeys = 1; - for (i = 30; i <= 49; i++) - dispatch_set(i, &kex_protocol_error); buffer_clear(&kex->peer); /* buffer_clear(&kex->my); */ kex->flags &= ~KEX_INIT_SENT; @@ -135,6 +145,10 @@ kex_finish(Kex *kex) void kex_send_kexinit(Kex *kex) { + if (kex == NULL) { + error("kex_send_kexinit: no kex, cannot rekey"); + return; + } if (kex->flags & KEX_INIT_SENT) { debug("KEX_INIT_SENT"); return; @@ -154,6 +168,8 @@ kex_input_kexinit(int type, int plen, void *ctxt) Kex *kex = (Kex *)ctxt; debug("SSH2_MSG_KEXINIT received"); + if (kex == NULL) + fatal("kex_input_kexinit: no kex, cannot rekey"); ptr = packet_get_raw(&dlen); buffer_append(&kex->peer, ptr, dlen); @@ -165,7 +181,6 @@ Kex * kex_setup(char *proposal[PROPOSAL_MAX]) { Kex *kex; - int i; kex = xmalloc(sizeof(*kex)); memset(kex, 0, sizeof(*kex)); @@ -175,11 +190,9 @@ kex_setup(char *proposal[PROPOSAL_MAX]) kex->newkeys = 0; kex_send_kexinit(kex); /* we start */ - /* Numbers 30-49 are used for kex packets */ - for (i = 30; i <= 49; i++) - dispatch_set(i, kex_protocol_error); - + kex_clear_dispatch(); dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); + return kex; } |