Commit 63b9fa5b authored by Niels Möller's avatar Niels Möller

*** empty log message ***

Rev: src/client_keyexchange.c:1.6
Rev: src/client_keyexchange.h:1.4
Rev: src/connection.c:1.8
Rev: src/connection.h:1.14
Rev: src/crypto.c:1.5
parent 2719cd8e
......@@ -41,6 +41,8 @@ static int do_handle_dh_reply(struct packet_handler *c,
struct lsh_string *s;
int res;
verbose("handle_dh_reply()\n");
if (!dh_process_server_msg(&closure->dh, packet))
{
disconnect_kex_failed(connection, "Bad dh-reply\r\n");
......@@ -50,9 +52,7 @@ static int do_handle_dh_reply(struct packet_handler *c,
v = LOOKUP_VERIFIER(closure->verifier, closure->dh.server_key);
if (!v)
/* FIXME: Use a more appropriate error code. Should probably have
* a separate file for sending and recieving various types of
* disconnects. */
/* FIXME: Use a more appropriate error code? */
{
disconnect_kex_failed(connection, "Bad server host key\r\n");
return WRITE_CLOSED;
......@@ -102,6 +102,8 @@ static int do_init_dh(struct keyexchange_algorithm *c,
struct dh_client_exchange *closure = (struct dh_client_exchange *) c;
struct dh_client *dh = xalloc(sizeof(struct dh_client));
int res;
/* FIXME: Use this value to choose a verifier function */
if (hostkey_algorithm_atom != ATOM_SSH_DSS)
fatal("Internal error\n");
......@@ -115,7 +117,10 @@ static int do_init_dh(struct keyexchange_algorithm *c,
dh->install = make_client_install_keys(algorithms);
/* Send client's message */
A_WRITE(connection->write, dh_make_client_msg(&dh->dh));
res = A_WRITE(connection->write, dh_make_client_msg(&dh->dh));
if (res != WRITE_OK)
return res;
/* Install handler */
connection->dispatch[SSH_MSG_KEXDH_REPLY] = &dh->super;
......
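Review bot: The new early return in do_init_dh, `if (res != WRITE_OK) return res;`, exits after `dh` has been obtained from `xalloc` and `dh->install` has been filled in, and nothing visible in the hunk releases either on that path. The handler is only stored in `connection->dispatch[SSH_MSG_KEXDH_REPLY]` after a successful write, so the object appears to have no owner when the write fails. Either release it before returning, `if (res != WRITE_OK) { /* release dh->install and dh */ return res; }`, or add a comment saying who reclaims it. The body of do_init_dh continues outside the visible hunks, so this should be checked against the full function.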
......@@ -33,10 +33,11 @@
* algorithm and some method to determine the authenticity of the key.
* Returns NULL If the key is invalid or not trusted. */
/* FIXME: This function needs the hostname we are connecting to. */
struct lookup_verifier
{
struct verifier * (*lookup)(struct lookup_verifier *closure,
struct lsh_string *);
struct lsh_string *key);
};
#define LOOKUP_VERIFIER(l, key) ((l)->lookup((l), (key)))
......@@ -58,4 +59,8 @@ struct dh_client
struct packet_handler *saved_kexinit_handler;
};
struct keyexchange_algorithm *
make_dh_client(struct diffie_hellman_method *dh,
struct lookup_verifier *verifier);
#endif /* LSH_CLIENT_KEYEXCHANGE_H_INCLUDED */
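Review bot: The `lookup` callback in struct lookup_verifier still receives only the key, so unless the closure itself carries the hostname, an implementation can decide whether a key is trusted at all but not whether it belongs to the server being contacted. The added FIXME names the gap without stating that consequence. Until the signature gains a hostname argument I would spell it out, e.g. `/* FIXME: Needs the hostname; without it a key trusted for one host may be accepted for any host. */`. The comment should also say whether `lookup` takes ownership of `key` and who frees the returned verifier, since make_dh_client now exposes this interface outside the file.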
......@@ -27,8 +27,11 @@ static int handle_connection(struct abstract_write **w,
msg = packet->data[0];
debug("handle_connection: Recieved packet of type %d\n", msg);
if (closure->ignore_one_packet)
{
debug("handle_connection: Ignoring packet %d\n", msg);
closure->ignore_one_packet = 0;
lsh_string_free(packet);
return WRITE_OK;
......@@ -67,6 +70,9 @@ static int do_unimplemented(struct packet_handler *closure,
ssh_format("%c%i",
SSH_MSG_UNIMPLEMENTED,
packet->sequence_number));
verbose("Recieved packet of unimplemented type %d.\n",
packet->data[0]);
lsh_string_free(packet);
return res;
}
......
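Review bot: The added `verbose(...)` call in do_unimplemented reads `packet->data[0]`, and no length check on `packet` is visible in this hunk. handle_connection does the same read for `msg`, so the check presumably sits earlier, but that is outside the lines shown. If an empty packet can reach either function, the read goes past the end of the string data. Once confirmed, a comment at the read such as `/* handle_connection rejects empty packets, so data[0] is valid */` would record the invariant. The message text also spells "Recieved", which makes the log line harder to grep for.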
......@@ -38,7 +38,9 @@ struct ssh_connection
* inside the newkeys-handler? */
#endif
#if 0
int type; /* CONNECTION_SERVER or CONNECTION_CLIENT */
#endif
/* Sent and recieved version strings */
struct lsh_string *client_version;
......@@ -69,8 +71,11 @@ struct ssh_connection
struct packet_handler *fail;
/* Key exchange */
/* int kex_state; */
#if 0
int kex_state;
struct make_kexinit *make_kexinit;
#endif
/* First element is the kexinit sent by the server */
struct kexinit *kexinits[2];
struct lsh_string *literal_kexinits[2];
......
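Review bot: The `type` field and the `kex_state`/`make_kexinit` pair in struct ssh_connection are disabled with bare `#if 0` blocks rather than removed, with nothing to say why they are kept or when they are expected to return. Either delete them or tag each block with the reason, for example `#if 0 /* FIXME: <reason these fields are disabled> */`. The struct definition starts and ends outside the visible hunks.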
......@@ -129,7 +129,7 @@ static struct hash_instance *make_sha_instance(struct hash_algorithm *ignored)
struct hash_algorithm sha_algorithm =
{ SHA_DATASIZE, SHA_DIGESTSIZE, make_sha_instance };
/* HMAC */
/* HMAC (rfc-2104) */
struct hmac_algorithm
{
......