Commit 66c86bc8 authored by Niels Möller's avatar Niels Möller

* src/connection.h (ssh_connection): Renamed established attribute

to keyexchange_done.

* src/connection.c (make_ssh_connection): Deleted the continuation
argument.
(connection_after_keyexchange): New function.

* src/keyexchange.c (keyexchange_finish): Moved invocation of
connection->established...
* src/connection.c (connection_send_kex_end): ...to here.

Rev: src/connection.c:1.70
Rev: src/connection.h:1.64
Rev: src/keyexchange.c:1.84
parent d963aa95
...@@ -336,7 +336,6 @@ struct ssh_connection * ...@@ -336,7 +336,6 @@ struct ssh_connection *
make_ssh_connection(enum connection_flag flags, make_ssh_connection(enum connection_flag flags,
struct address_info *peer, struct address_info *peer,
const char *debug_comment, const char *debug_comment,
struct command_continuation *c,
struct exception_handler *e) struct exception_handler *e)
{ {
int i; int i;
...@@ -353,7 +352,7 @@ make_ssh_connection(enum connection_flag flags, ...@@ -353,7 +352,7 @@ make_ssh_connection(enum connection_flag flags,
* protocol errors */ * protocol errors */
connection->e = make_exc_connection_handler(connection, e, HANDLER_CONTEXT); connection->e = make_exc_connection_handler(connection, e, HANDLER_CONTEXT);
connection->established = c; connection->keyexchange_done = NULL;
/* Initialize instance variables */ /* Initialize instance variables */
...@@ -457,6 +456,13 @@ connection_init_io(struct ssh_connection *connection, ...@@ -457,6 +456,13 @@ connection_init_io(struct ssh_connection *connection,
: ssh_format("Sent"))); : ssh_format("Sent")));
} }
void
connection_after_keyexchange(struct ssh_connection *self,
struct command_continuation *c)
{
assert(!self->keyexchange_done);
self->keyexchange_done = c;
}
/* GABA: /* GABA:
(class (class
...@@ -522,7 +528,13 @@ connection_send_kex_end(struct ssh_connection *self) ...@@ -522,7 +528,13 @@ connection_send_kex_end(struct ssh_connection *self)
self->send_kex_only = 0; self->send_kex_only = 0;
/* FIXME: Restart channels */ if (self->keyexchange_done)
{
struct command_continuation *c = self->keyexchange_done;
self->keyexchange_done = NULL;
COMMAND_RETURN(c, self);
}
} }
/* Serialization. */ /* Serialization. */
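Review bot: The only guard against double registration in connection_after_keyexchange() is `assert(!self->keyexchange_done);`, which disappears in a build with NDEBUG defined. In such a build a second caller would silently overwrite the pending continuation, and the first one would never be invoked, so whatever was waiting for the key exchange to finish would stall without any diagnostic. An unconditional check would make this fail loudly, for example `if (self->keyexchange_done) abort();`, or the project's own fatal-error helper in place of abort(). Clearing the slot before `COMMAND_RETURN(c, self);` in connection_send_kex_end() is good, since it lets a continuation register a successor; that function's body starts outside the hunk.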
......
...@@ -202,9 +202,11 @@ do_##NAME(struct packet_handler *s UNUSED, \ ...@@ -202,9 +202,11 @@ do_##NAME(struct packet_handler *s UNUSED, \
(key_expire object resource) (key_expire object resource)
(sent_data . UINT32) (sent_data . UINT32)
; What to do once the connection is established ; Invoked at the end of keyexchange.
(established object command_continuation) ; Automatically reset to zero after each invocation.
; Gets the connection as argument.
(keyexchange_done object command_continuation)
(kexinits array (object kexinit) 2) (kexinits array (object kexinit) 2)
(literal_kexinits array (string) 2) (literal_kexinits array (string) 2)
...@@ -232,13 +234,17 @@ struct ssh_connection * ...@@ -232,13 +234,17 @@ struct ssh_connection *
make_ssh_connection(enum connection_flag flags, make_ssh_connection(enum connection_flag flags,
struct address_info *peer, struct address_info *peer,
const char *id_comment, const char *id_comment,
struct command_continuation *c,
struct exception_handler *e); struct exception_handler *e);
void connection_init_io(struct ssh_connection *connection, void connection_init_io(struct ssh_connection *connection,
struct abstract_write *raw, struct abstract_write *raw,
struct randomness *r); struct randomness *r);
void
connection_after_keyexchange(struct ssh_connection *self,
struct command_continuation *c);
struct lsh_callback * struct lsh_callback *
make_connection_close_handler(struct ssh_connection *c); make_connection_close_handler(struct ssh_connection *c);
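Review bot: The new prototype for connection_after_keyexchange() has no comment, and the contract is only visible by reading connection.c: the continuation is one-shot and only one may be pending at a time. I would add above the declaration `/* Arrange for C to be invoked once, with the connection as argument, at the end of the next key exchange. At most one continuation may be pending. */`. The class comment on keyexchange_done says "reset to zero"; "reset to NULL" would match the code.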
......
...@@ -47,6 +47,11 @@ ...@@ -47,6 +47,11 @@
#include "keyexchange.c.x" #include "keyexchange.c.x"
/* Define this to get very frequent re-exchanges */
#ifndef STRESS_KEYEXCHANGE
# define STRESS_KEYEXCHANGE 0
#endif
/* GABA: /* GABA:
(class (class
(name kexinit_handler) (name kexinit_handler)
...@@ -613,10 +618,15 @@ set_reexchange_timeout(struct ssh_connection *connection, ...@@ -613,10 +618,15 @@ set_reexchange_timeout(struct ssh_connection *connection,
/* Maximum lifetime for the session keys. Use longer timeout on /* Maximum lifetime for the session keys. Use longer timeout on
* the server side. */ * the server side. */
#if STRESS_KEYEXCHANGE
# define SESSION_KEY_LIFETIME_CLIENT 4
# define SESSION_KEY_LIFETIME_SERVER 14
#else
/* 40 minutes */ /* 40 minutes */
#define SESSION_KEY_LIFETIME_CLIENT 2400 # define SESSION_KEY_LIFETIME_CLIENT 2400
/* 90 minutes */ /* 90 minutes */
#define SESSION_KEY_LIFETIME_SERVER 5400 # define SESSION_KEY_LIFETIME_SERVER 5400
#endif
static void static void
do_handle_newkeys(struct packet_handler *c, do_handle_newkeys(struct packet_handler *c,
...@@ -905,26 +915,4 @@ keyexchange_finish(struct ssh_connection *connection, ...@@ -905,26 +915,4 @@ keyexchange_finish(struct ssh_connection *connection,
connection_send_kex_end(connection); connection_send_kex_end(connection);
connection->read_kex_state = KEX_STATE_NEWKEYS; connection->read_kex_state = KEX_STATE_NEWKEYS;
#if 0
/* This message is rather pointless, and some implementations don't
* handle it properly. */
#if DATAFELLOWS_WORKAROUNDS
if (! (connection->peer_flags & PEER_SEND_NO_DEBUG))
#endif
send_verbose(connection->write, "Key exchange successful!", 0);
#endif
/* FIXME: If we have stopped readin channel sources during the key
* exchange, we must get them started again, perhaps by calling
* CHANNEL_ADJUST(channel, 0) for all channels. Can we reuse the
* connection->established hook for that? */
if (connection->established)
{
struct command_continuation *c = connection->established;
connection->established = NULL;
COMMAND_RETURN(c, connection);
}
} }
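Review bot: With the hook now fired from inside connection_send_kex_end(), the continuation runs before `connection->read_kex_state = KEX_STATE_NEWKEYS;` on the next line of keyexchange_finish, whereas the deleted block ran after that assignment. A continuation that inspects read_kex_state, or that assumes the receive side is already waiting for the peer's NEWKEYS, now sees the earlier state. Despite the name keyexchange_done, the peer's NEWKEYS has not been processed at this point in either ordering. If nothing in connection_send_kex_end() depends on the old read state, setting the state first would restore the previous order: `connection->read_kex_state = KEX_STATE_NEWKEYS;` followed by `connection_send_kex_end(connection);`. Otherwise the hook's comment should say that it signals only that our side has finished sending its key-exchange messages. keyexchange_finish starts outside the hunk.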