Commit 63b9fa5b authored by Niels Möller's avatar Niels Möller

*** empty log message ***

Rev: src/client_keyexchange.c:1.6
Rev: src/client_keyexchange.h:1.4
Rev: src/connection.c:1.8
Rev: src/connection.h:1.14
Rev: src/crypto.c:1.5
parent 2719cd8e
...@@ -32,14 +32,16 @@ ...@@ -32,14 +32,16 @@
struct install_keys *make_client_install_keys(void **algorithms); struct install_keys *make_client_install_keys(void **algorithms);
static int do_handle_dh_reply(struct packet_handler *c, static int do_handle_dh_reply(struct packet_handler *c,
struct ssh_connection *connection, struct ssh_connection *connection,
struct lsh_string *packet) struct lsh_string *packet)
{ {
struct dh_client *closure = (struct dh_client *) c; struct dh_client *closure = (struct dh_client *) c;
struct verifier *v; struct verifier *v;
struct hash_instance *hash; struct hash_instance *hash;
struct lsh_string *s; struct lsh_string *s;
int res; int res;
verbose("handle_dh_reply()\n");
if (!dh_process_server_msg(&closure->dh, packet)) if (!dh_process_server_msg(&closure->dh, packet))
{ {
...@@ -50,9 +52,7 @@ static int do_handle_dh_reply(struct packet_handler *c, ...@@ -50,9 +52,7 @@ static int do_handle_dh_reply(struct packet_handler *c,
v = LOOKUP_VERIFIER(closure->verifier, closure->dh.server_key); v = LOOKUP_VERIFIER(closure->verifier, closure->dh.server_key);
if (!v) if (!v)
/* FIXME: Use a more appropriate error code. Should probably have /* FIXME: Use a more appropriate error code? */
* a separate file for sending and recieving various types of
* disconnects. */
{ {
disconnect_kex_failed(connection, "Bad server host key\r\n"); disconnect_kex_failed(connection, "Bad server host key\r\n");
return WRITE_CLOSED; return WRITE_CLOSED;
...@@ -102,6 +102,8 @@ static int do_init_dh(struct keyexchange_algorithm *c, ...@@ -102,6 +102,8 @@ static int do_init_dh(struct keyexchange_algorithm *c,
struct dh_client_exchange *closure = (struct dh_client_exchange *) c; struct dh_client_exchange *closure = (struct dh_client_exchange *) c;
struct dh_client *dh = xalloc(sizeof(struct dh_client)); struct dh_client *dh = xalloc(sizeof(struct dh_client));
int res;
/* FIXME: Use this value to choose a verifier function */ /* FIXME: Use this value to choose a verifier function */
if (hostkey_algorithm_atom != ATOM_SSH_DSS) if (hostkey_algorithm_atom != ATOM_SSH_DSS)
fatal("Internal error\n"); fatal("Internal error\n");
...@@ -115,7 +117,10 @@ static int do_init_dh(struct keyexchange_algorithm *c, ...@@ -115,7 +117,10 @@ static int do_init_dh(struct keyexchange_algorithm *c,
dh->install = make_client_install_keys(algorithms); dh->install = make_client_install_keys(algorithms);
/* Send client's message */ /* Send client's message */
A_WRITE(connection->write, dh_make_client_msg(&dh->dh)); res = A_WRITE(connection->write, dh_make_client_msg(&dh->dh));
if (res != WRITE_OK)
return res;
/* Install handler */ /* Install handler */
connection->dispatch[SSH_MSG_KEXDH_REPLY] = &dh->super; connection->dispatch[SSH_MSG_KEXDH_REPLY] = &dh->super;
...@@ -153,8 +158,8 @@ struct client_install_keys ...@@ -153,8 +158,8 @@ struct client_install_keys
}; };
static int do_install(struct install_keys *c, static int do_install(struct install_keys *c,
struct ssh_connection *connection, struct ssh_connection *connection,
struct hash_instance *secret) struct hash_instance *secret)
{ {
/* FIXME: For DES, instantiating a crypto may fail, if the key /* FIXME: For DES, instantiating a crypto may fail, if the key
* happens to be weak. */ * happens to be weak. */
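Review bot: The early return added in do_init_dh (`if (res != WRITE_OK) return res;`) leaves the function without releasing `dh`, which was obtained from `xalloc` a few lines earlier and already has `dh->install` assigned. Unless something outside the visible lines takes ownership, each failed write during key exchange leaks that structure and its install object. Release both on that path, or at least mark the gap with `/* FIXME: dh and dh->install are not released when the write fails */`. The body of do_init_dh starts and ends outside the hunks shown, so ownership should be confirmed against the rest of the function.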
......
...@@ -33,10 +33,11 @@ ...@@ -33,10 +33,11 @@
* algorithm and some method to determine the authenticity of the key. * algorithm and some method to determine the authenticity of the key.
* Returns NULL If the key is invalid or not trusted. */ * Returns NULL If the key is invalid or not trusted. */
/* FIXME: This function needs the hostname we are connecting to. */
struct lookup_verifier struct lookup_verifier
{ {
struct verifier * (*lookup)(struct lookup_verifier *closure, struct verifier * (*lookup)(struct lookup_verifier *closure,
struct lsh_string *); struct lsh_string *key);
}; };
#define LOOKUP_VERIFIER(l, key) ((l)->lookup((l), (key))) #define LOOKUP_VERIFIER(l, key) ((l)->lookup((l), (key)))
...@@ -58,4 +59,8 @@ struct dh_client ...@@ -58,4 +59,8 @@ struct dh_client
struct packet_handler *saved_kexinit_handler; struct packet_handler *saved_kexinit_handler;
}; };
struct keyexchange_algorithm *
make_dh_client(struct diffie_hellman_method *dh,
struct lookup_verifier *verifier);
#endif /* LSH_CLIENT_KEYEXCHANGE_H_INCLUDED */ #endif /* LSH_CLIENT_KEYEXCHANGE_H_INCLUDED */
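Review bot: The FIXME added above `struct lookup_verifier` names the missing hostname but not what its absence costs. With only the key as input, `lookup` can decide whether a key is known but not whether it belongs to the server being contacted, so a key trusted for one host would appear to be accepted for any other. I would say so in the comment, e.g. `/* FIXME: Without the hostname, a key trusted for one host is accepted for every host. */`, and add the hostname as a parameter of `lookup` and `LOOKUP_VERIFIER` while there are still few callers. The new `make_dh_client` prototype also has no comment saying who owns `dh` and `verifier` after the call.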
...@@ -18,7 +18,7 @@ static int handle_connection(struct abstract_write **w, ...@@ -18,7 +18,7 @@ static int handle_connection(struct abstract_write **w,
{ {
struct ssh_connection *closure = (struct ssh_connection *) *w; struct ssh_connection *closure = (struct ssh_connection *) *w;
UINT8 msg; UINT8 msg;
if (!packet->length) if (!packet->length)
{ {
werror("connection.c: Recieved empty packet!\n"); werror("connection.c: Recieved empty packet!\n");
...@@ -27,8 +27,11 @@ static int handle_connection(struct abstract_write **w, ...@@ -27,8 +27,11 @@ static int handle_connection(struct abstract_write **w,
msg = packet->data[0]; msg = packet->data[0];
debug("handle_connection: Recieved packet of type %d\n", msg);
if (closure->ignore_one_packet) if (closure->ignore_one_packet)
{ {
debug("handle_connection: Ignoring packet %d\n", msg);
closure->ignore_one_packet = 0; closure->ignore_one_packet = 0;
lsh_string_free(packet); lsh_string_free(packet);
return WRITE_OK; return WRITE_OK;
...@@ -67,6 +70,9 @@ static int do_unimplemented(struct packet_handler *closure, ...@@ -67,6 +70,9 @@ static int do_unimplemented(struct packet_handler *closure,
ssh_format("%c%i", ssh_format("%c%i",
SSH_MSG_UNIMPLEMENTED, SSH_MSG_UNIMPLEMENTED,
packet->sequence_number)); packet->sequence_number));
verbose("Recieved packet of unimplemented type %d.\n",
packet->data[0]);
lsh_string_free(packet); lsh_string_free(packet);
return res; return res;
} }
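Review bot: The `verbose()` call added to do_unimplemented reads `packet->data[0]` with no length check in the visible lines. It is safe only if every path into this handler has passed the `!packet->length` test in handle_connection, which seems likely but is not shown here. A comment such as `/* packet->length > 0 is guaranteed by handle_connection */`, or an assertion, would keep that assumption from being lost when another caller is added. Two of the new messages also spell the word "Recieved"; `Received` is what someone searching the logs will type. Both functions continue outside the hunks.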
......
...@@ -26,7 +26,7 @@ struct packet_handler ...@@ -26,7 +26,7 @@ struct packet_handler
#define CONNECTION_SERVER 0 #define CONNECTION_SERVER 0
#define CONNECTION_CLIENT 1 #define CONNECTION_CLIENT 1
struct ssh_connection struct ssh_connection
{ {
struct abstract_write super; struct abstract_write super;
...@@ -38,7 +38,9 @@ struct ssh_connection ...@@ -38,7 +38,9 @@ struct ssh_connection
* inside the newkeys-handler? */ * inside the newkeys-handler? */
#endif #endif
#if 0
int type; /* CONNECTION_SERVER or CONNECTION_CLIENT */ int type; /* CONNECTION_SERVER or CONNECTION_CLIENT */
#endif
/* Sent and recieved version strings */ /* Sent and recieved version strings */
struct lsh_string *client_version; struct lsh_string *client_version;
...@@ -69,8 +71,11 @@ struct ssh_connection ...@@ -69,8 +71,11 @@ struct ssh_connection
struct packet_handler *fail; struct packet_handler *fail;
/* Key exchange */ /* Key exchange */
/* int kex_state; */
#if 0
int kex_state;
struct make_kexinit *make_kexinit;
#endif
/* First element is the kexinit sent by the server */ /* First element is the kexinit sent by the server */
struct kexinit *kexinits[2]; struct kexinit *kexinits[2];
struct lsh_string *literal_kexinits[2]; struct lsh_string *literal_kexinits[2];
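Review bot: The `#if 0` blocks around `type` and around `kex_state`/`make_kexinit` in `struct ssh_connection` disable the fields without saying why or when they can be deleted. `CONNECTION_SERVER` and `CONNECTION_CLIENT` stay defined just above, although the only field documented as holding them is now compiled out. Either remove the fields and the macros together, or annotate each block, e.g. `#if 0 /* disabled: <reason>; delete once nothing refers to it */`. The struct begins and ends outside the hunks, so other uses of these fields cannot be ruled out from this page.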
......
...@@ -129,7 +129,7 @@ static struct hash_instance *make_sha_instance(struct hash_algorithm *ignored) ...@@ -129,7 +129,7 @@ static struct hash_instance *make_sha_instance(struct hash_algorithm *ignored)
struct hash_algorithm sha_algorithm = struct hash_algorithm sha_algorithm =
{ SHA_DATASIZE, SHA_DIGESTSIZE, make_sha_instance }; { SHA_DATASIZE, SHA_DIGESTSIZE, make_sha_instance };
/* HMAC */ /* HMAC (rfc-2104) */
struct hmac_algorithm struct hmac_algorithm
{ {
......