Commit 06a8d730 authored by Niels Möller's avatar Niels Möller

Initialize some service when keyexchange is complete (even though this

is not a "service" in the same sense as SSH_MSG_SERVICE_REQUEST).

Rev: src/client_keyexchange.c:1.13
Rev: src/keyexchange.h:1.17
Rev: src/server_keyexchange.c:1.11
parent dee7bbe3
......@@ -44,6 +44,8 @@ struct dh_client
struct diffie_hellman_instance dh;
struct lookup_verifier *verifier;
struct install_keys *install;
struct ssh_service *finished;
};
static int do_handle_dh_reply(struct packet_handler *c,
......@@ -100,18 +102,24 @@ static int do_handle_dh_reply(struct packet_handler *c,
HASH_UPDATE(hash, s->length, s->data);
lsh_string_free(s);
res = INSTALL_KEYS(closure->install, connection, hash);
/* FIXME: Return value is ignored */
(void) INSTALL_KEYS(closure->install, connection, hash);
lsh_free(hash);
connection->dispatch[SSH_MSG_KEXDH_REPLY] = connection->fail;
connection->kex_state = KEX_STATE_NEWKEYS;
return send_verbose(connection->write, "Key exchange successful!", 0);
res = send_verbose(connection->write, "Key exchange successful!", 0);
if (LSH_PROBLEMP(res))
return res;
return SERVICE_INIT(closure->finished, connection);
}
static int do_init_dh(struct keyexchange_algorithm *c,
struct ssh_connection *connection,
struct ssh_service *finished,
int hostkey_algorithm_atom,
struct signature_algorithm *ignored,
void **algorithms)
......@@ -134,8 +142,8 @@ static int do_init_dh(struct keyexchange_algorithm *c,
init_diffie_hellman_instance(closure->dh, &dh->dh, connection);
dh->verifier = closure->verifier;
dh->install = make_client_install_keys(algorithms);
dh->finished = finished;
/* Send client's message */
res = A_WRITE(connection->write, dh_make_client_msg(&dh->dh));
......
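Review bot: The result of `INSTALL_KEYS` is now cast to `(void)` in do_handle_dh_reply, so a failure to install the negotiated keys does not stop the function: it still sets `KEX_STATE_NEWKEYS`, sends "Key exchange successful!" and goes on to `SERVICE_INIT(closure->finished, connection)`. Starting the follow-on service on a connection whose keys may not be in place is a fail-open path, and the FIXME records it without closing it. Assuming `INSTALL_KEYS` returns the status codes that `LSH_PROBLEMP` tests (its definition is not visible here), keep `res = INSTALL_KEYS(closure->install, connection, hash);` and add `if (LSH_PROBLEMP(res)) return res;` directly after `lsh_free(hash);`. The same pattern appears in do_handle_dh_init in src/server_keyexchange.c. The body of do_handle_dh_reply starts outside the hunk, so an earlier check cannot be ruled out.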
......@@ -30,6 +30,7 @@
#include "abstract_io.h"
#include "alist.h"
#include "connection.h"
#include "service.h"
#define KEX_ENCRYPTION_CLIENT_TO_SERVER 0
#define KEX_ENCRYPTION_SERVER_TO_CLIENT 1
......@@ -54,6 +55,19 @@
* nothing else. */
#define KEX_STATE_NEWKEYS 3
#if 0
/* Use the service struct instead */
struct keyexchange_finished
{
struct lsh_object header;
int (*finished)(struct keyexchange_finished *closure,
struct ssh_connection *connection);
};
#define KEYEXCHANGE_FINISHED(f, c) ((f)->finished((f), (c)))
#endif
/* algorithms is an array indexed by the KEX_* values above */
struct keyexchange_algorithm
{
......@@ -61,13 +75,14 @@ struct keyexchange_algorithm
int (*init)(struct keyexchange_algorithm *closure,
struct ssh_connection *connection,
struct ssh_service *finished;
int hostkey_algorithm_atom,
struct signature_algorithm *hostkey_algorithm,
void **algorithms);
};
#define KEYEXCHANGE_INIT(kex, connection, ha, h, a) \
((kex)->init((kex), (connection), (ha), (h), (a)))
#define KEYEXCHANGE_INIT(kex, connection, f, ha, h, a) \
((kex)->init((kex), (connection), (f), (ha), (h), (a)))
struct kexinit
{
......
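Review bot: The new parameter in the `init` function-pointer declaration of struct keyexchange_algorithm ends with a semicolon, `struct ssh_service *finished;`, in the middle of the parameter list. That is not a valid parameter separator in standard C, so the prototype will either fail to compile or be parsed differently from the six-argument `KEYEXCHANGE_INIT` macro below it. It should read `struct ssh_service *finished,`. The `#if 0` block for struct keyexchange_finished is dead code. Its comment already says the service struct replaces it, so it could be dropped rather than committed.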
......@@ -46,6 +46,8 @@ struct dh_server
/* struct lsh_string *server_key; */
struct signer *signer;
struct install_keys *install;
struct ssh_service *finished;
};
static int do_handle_dh_init(struct packet_handler *c,
......@@ -94,19 +96,25 @@ static int do_handle_dh_init(struct packet_handler *c,
s = ssh_format("%n", closure->dh.K);
HASH_UPDATE(hash, s->length, s->data);
lsh_string_free(s);
res = INSTALL_KEYS(closure->install, connection, hash);
/* FIXME: Return value is ignored */
(void) INSTALL_KEYS(closure->install, connection, hash);
lsh_free(hash);
connection->kex_state = KEX_STATE_NEWKEYS;
connection->dispatch[SSH_MSG_KEXDH_INIT] = connection->fail;
res = send_verbose(connection->write, "Key exchange successful!", 0);
if (LSH_PROBLEMP(res))
return res;
return send_verbose(connection->write, "Key exchange successful!", 0);
return SERVICE_INIT(closure->finished, connection);
}
static int do_init_dh(struct keyexchange_algorithm *c,
struct ssh_connection *connection,
struct ssh_service *finished,
int hostkey_algorithm_atom,
struct signature_algorithm *ignored,
void **algorithms)
......@@ -126,9 +134,9 @@ static int do_init_dh(struct keyexchange_algorithm *c,
dh->dh.server_key = closure->server_key;
dh->signer = closure->signer;
dh->install = make_server_install_keys(algorithms);
dh->finished = finished;
/* Generate server's secret exponent */
dh_make_server_secret(&dh->dh);
......
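Review bot: do_handle_dh_init ends with an unconditional `SERVICE_INIT(closure->finished, connection)`, but do_init_dh stores its `finished` argument with `dh->finished = finished;` and nothing visible checks that it is non-NULL. If `SERVICE_INIT` dereferences its first argument the way `KEYEXCHANGE_INIT` does, a caller passing NULL would crash the server at the end of key exchange, and a peer can reach that point. Either reject NULL in do_init_dh, e.g. `assert(finished);`, or state the contract on the field with a comment such as `/* Called once after the keys are installed; must not be NULL */`. The client-side struct dh_client and its do_init_dh have the same gap. Both functions extend beyond the hunks shown here.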