Commit 53ffa108 authored by Niels Möller's avatar Niels Möller

Use the connection->kex_state variable.

Rev: src/client_keyexchange.c:1.7
Rev: src/client_keyexchange.h:1.5
Rev: src/keyexchange.c:1.12
Rev: src/keyexchange.h:1.13
Rev: src/server_keyexchange.c:1.4
Rev: src/server_keyexchange.h:1.3
parent 1eed66d0
......@@ -87,8 +87,8 @@ static int do_handle_dh_reply(struct packet_handler *c,
lsh_free(hash);
/* Reinstall keyexchange handler */
connection->dispatch[SSH_MSG_KEXINIT] = closure->saved_kexinit_handler;
connection->dispatch[SSH_MSG_KEXDH_REPLY] = connection->fail;
connection->kex_state = KEX_STATE_NEWKEYS;
return res;
}
......@@ -124,11 +124,9 @@ static int do_init_dh(struct keyexchange_algorithm *c,
/* Install handler */
connection->dispatch[SSH_MSG_KEXDH_REPLY] = &dh->super;
/* Disable kexinit handler */
dh->saved_kexinit_handler = connection->dispatch[SSH_MSG_KEXINIT];
connection->dispatch[SSH_MSG_KEXINIT] = connection->fail;
connection->kex_state = KEX_STATE_IN_PROGRESS;
return WRITE_OK;
}
......
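Review bot: Nothing on this page reads `connection->kex_state`, so the rejection of a second KEXINIT during an exchange, which `connection->dispatch[SSH_MSG_KEXINIT] = connection->fail;` provided in do_init_dh, is not visibly replaced once that line is gone. The +/- markers are lost in this rendering, so that reading rests on the hunk counts and on `saved_kexinit_handler` leaving struct dh_client. If the packet dispatcher does not already test the state, do_handle_kexinit should start with a guard such as `if (connection->kex_state != KEX_STATE_INIT) return disconnect_kex_failed(connection, "Unexpected KEXINIT\r\n");`, using the helper as it is called in the server file. The same concern applies to do_init_dh and do_handle_dh_init in the server file. Both client function bodies start outside their hunks.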
......@@ -56,7 +56,6 @@ struct dh_client
struct diffie_hellman_instance dh;
struct lookup_verifier *verifier;
struct install_keys *install;
struct packet_handler *saved_kexinit_handler;
};
struct keyexchange_algorithm *
......
......@@ -95,19 +95,6 @@ struct kexinit *parse_kexinit(struct lsh_string *packet)
return res;
}
#if 0
struct abstract_write *make_packet_kexinit(struct handle_kexinit *handler)
{
struct handle_kexinit_packet *closure
= xalloc(sizeof(struct handle_kexinit_packet));
closure->super.write = do_handle_kexinit;
closure->handler = handler;
return &closure->super;
}
#endif
struct lsh_string *format_kex(struct kexinit *kex)
{
return ssh_format("%c%ls%A%A%A%A%A%A%A%A%A%A%c%i",
......@@ -228,7 +215,7 @@ static int do_handle_kexinit(struct packet_handler *c,
if (msg->first_kex_packet_follows)
{
/* Wrong guess */
connection->ignore_one_packet = 1;
connection->kex_state = KEX_STATE_IGNORE;
}
/* FIXME: Ignores that some keyechange algorithms require
* certain features of the host key algorithms. */
......@@ -416,6 +403,8 @@ static int do_handle_newkeys(struct packet_handler *c,
connection->rec_crypto = closure->crypto;
connection->rec_mac = closure->mac;
connection->kex_state = KEX_STATE_INIT;
connection->dispatch[SSH_MSG_NEWKEYS] = NULL;
lsh_free(closure);
......
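Review bot: The wrong-guess branch of do_handle_kexinit stores `KEX_STATE_IGNORE` in the same variable that do_init_dh sets to `KEX_STATE_IN_PROGRESS`. If the negotiated algorithm's init routine runs later in this handler (that part is outside the hunk), the ignore marker is overwritten before the guessed packet arrives. The packet would then be handed to the KEXDH handler instead of being dropped, which the independent `ignore_one_packet` flag avoided. Keeping the flag separate from the exchange phase, that is retaining `connection->ignore_one_packet = 1;` alongside the state assignment, would preserve the old behaviour.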
......@@ -40,6 +40,20 @@
#define KEX_PARAMETERS 6
/* A KEX_INIT msg can be accepted. This is true, most of the time. */
#define KEX_STATE_INIT 0
/* Ignore next packet */
#define KEX_STATE_IGNORE 1
/* Key exchange is in progress. Neither KEX_INIT or NEWKEYS messages
* can be recieved */
#define KEX_STATE_IN_PROGRESS 2
/* Key exchange is finished. A NEWKEYS message should be recieved, and
* nothing else. */
#define KEX_STATE_NEWKEYS 3
/* algorithms is an array indexed by the KEX_* values above */
struct keyexchange_algorithm
{
......
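Review bot: The new state comments say which messages "can be recieved" but not what the implementation does with one that arrives in the wrong state, which is what a reader auditing the key-exchange state machine needs. If the intent is a disconnect, state it, for example `/* Key exchange is in progress. A KEXINIT or NEWKEYS message received now is a protocol error and closes the connection. */`. The existing comment `/* algorithms is an array indexed by the KEX_* values above */` now sits directly under the KEX_STATE_* defines, which also match KEX_* but do not look like array indices. Moving the state block below the struct, or declaring the states as an enum, would remove that ambiguity. "recieved" is misspelled in both new comments.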
......@@ -48,22 +48,6 @@ static int do_handle_dh_init(struct packet_handler *c,
return WRITE_CLOSED;
}
#if 0
signer = LOOKUP_SIGNER(closure->signer, closure->dh.server_host_key);
if (!signer)
/* FIXME: Use a more appropriate error code. Should probably have
* a separate file for sending and recieving various types of
* disconnects. */
return disconnect_kex_failed(connection, "Bad server host key\r\n");
#endif
#if 0
if (!dh_verify_server_msg(&closure->dh, v))
/* FIXME: Same here */
return disconnect_kex_failed(connection, "Bad server host key\r\n");
#endif
/* Send server's message, to complete key exchange */
res = A_WRITE(connection->write, dh_make_server_msg(&closure->dh,
closure->signer));
......@@ -96,8 +80,8 @@ static int do_handle_dh_init(struct packet_handler *c,
lsh_free(hash);
/* Reinstall keyexchange handler */
connection->dispatch[SSH_MSG_KEXINIT] = closure->saved_kexinit_handler;
connection->kex_state = KEX_STATE_NEWKEYS;
connection->dispatch[SSH_MSG_KEXDH_INIT] = connection->fail;
return res;
}
......@@ -124,16 +108,10 @@ static int do_init_dh(struct keyexchange_algorithm *c,
dh->install = make_server_install_keys(algorithms);
#if 0
/* Send server's message */
A_WRITE(connection->write, dh_make_server_msg(&dh->dh));
#endif
/* Install handler */
connection->dispatch[SSH_MSG_KEXDH_INIT] = &dh->super;
/* Disable kexinit handler */
dh->saved_kexinit_handler = connection->dispatch[SSH_MSG_KEXINIT];
connection->dispatch[SSH_MSG_KEXINIT] = connection->fail;
connection->kex_state = KEX_STATE_IN_PROGRESS;
return WRITE_OK;
}
......
......@@ -45,7 +45,6 @@ struct dh_server
struct lsh_string *server_key;
struct signer *signer;
struct install_keys *install;
struct packet_handler *saved_kexinit_handler;
};
struct keyexchange_algorithm *
......