Commit 95fafbdd authored by Niels Möller's avatar Niels Möller

* src/keyexchange.c (send_kexinit): Renamed from

initiate_keyexchange. Updated callers. Disable the key re-exchange
timer.
(do_handle_kexinit): Call send_kexinit, instead of duplicating
it.

Rev: src/handshake.c:1.10
Rev: src/keyexchange.c:1.82
Rev: src/keyexchange.h:1.54
parent ae198b99
......@@ -188,7 +188,7 @@ do_line(struct line_handler **h,
assert(mode == CONNECTION_SERVER);
/* Sending keyexchange packet was delayed. Do it now */
initiate_keyexchange(connection);
send_kexinit(connection);
}
#endif /* WITH_SSH1_FALLBACK */
......@@ -430,5 +430,5 @@ DEFINE_COMMAND4(handshake_command)
A_WRITE(connection->raw,
ssh_format("%lS\r\n", version));
initiate_keyexchange(connection);
send_kexinit(connection);
}
......@@ -146,21 +146,25 @@ format_kex(struct kexinit *kex)
}
void
initiate_keyexchange(struct ssh_connection *connection)
send_kexinit(struct ssh_connection *connection)
{
struct lsh_string *s;
int mode = connection->flags & CONNECTION_MODE;
struct kexinit *kex = connection->kexinits[mode];
struct kexinit *kex = connection->kexinits[mode];
assert(kex->first_kex_packet_follows == !!kex->first_kex_packet);
assert(connection->read_kex_state == KEX_STATE_INIT);
/* First, disable any key reexchange timer */
if (connection->key_expire)
KILL_RESOURCE(connection->key_expire);
s = format_kex(kex);
/* Save value for later signing */
#if 0
debug("initiate_keyexchange: Storing literal_kexinits[%i]\n", mode);
debug("send_kexinit: Storing literal_kexinits[%i]\n", mode);
#endif
connection->literal_kexinits[mode] = s;
......@@ -168,6 +172,8 @@ initiate_keyexchange(struct ssh_connection *connection)
C_WRITE_NOW(connection, lsh_string_dup(s));
/* NOTE: This feature isn't fully implemented, as we won't tell
* the selected key exchange method if the guess was "right". */
if (kex->first_kex_packet_follows)
{
s = kex->first_kex_packet;
......@@ -259,6 +265,9 @@ do_handle_kexinit(struct packet_handler *c,
/* Have we sent a kexinit message already? */
if (!connection->kexinits[mode])
{
connection->kexinits[mode] = MAKE_KEXINIT(closure->init);
send_kexinit(connection);
#if 0
struct lsh_string *packet;
struct kexinit *sent = MAKE_KEXINIT(closure->init);
connection->kexinits[mode] = sent;
......@@ -270,6 +279,7 @@ do_handle_kexinit(struct packet_handler *c,
connection_send_kex_start(connection);
C_WRITE_NOW(connection, packet);
#endif
}
/* Select key exchange algorithms */
......@@ -867,6 +877,8 @@ keyexchange_finish(struct ssh_connection *connection,
send_verbose(connection->write, "Key exchange successful!", 0);
#endif
/* FIXME: This is the time for installing the key_expire timer. */
/* FIXME: If we have stopped readin channel sources during the key
* exchange, we must get them started again, perhaps by calling
* CHANNEL_ADJUST(channel, 0) for all channels. Can we reuse the
......
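Review bot: In send_kexinit the new `KILL_RESOURCE(connection->key_expire);` disables the re-exchange timer but leaves the field pointing at the killed resource, and nothing visible in this change arms a new one; the FIXME added in keyexchange_finish says the same. Until that is done, a long-lived connection appears to lose time-based rekeying after its first key exchange, so more traffic than intended would be protected by one set of session keys. I would clear the field right after the kill, `connection->key_expire = NULL;`, so a later send_kexinit does not act on a stale pointer, and install the replacement timer in keyexchange_finish as part of the same change. Separately, `assert(connection->read_kex_state == KEX_STATE_INIT);` is now reached from do_handle_kexinit, that is, on receipt of a peer's KEXINIT; whether the state can differ there is not visible in these hunks, but if it can, it should be reported as a protocol error rather than abort the process. The bodies of send_kexinit, do_handle_kexinit and keyexchange_finish continue outside the hunks shown.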
......@@ -132,7 +132,10 @@ make_simple_kexinit(struct randomness *r,
extern struct command_2 kexinit_filter;
#define KEXINIT_FILTER (&kexinit_filter.super.super)
void initiate_keyexchange(struct ssh_connection *connection);
/* Sends the keyexchange message, which must already be stored in
* connection->kexinits[connection->flags & CONNECTION_MODE]
*/
void send_kexinit(struct ssh_connection *connection);
struct packet_handler *
make_kexinit_handler(struct make_kexinit *init,
......
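Review bot: The new comment on send_kexinit states the stored-kexinit precondition but omits two things the definition in keyexchange.c also does: it asserts `connection->read_kex_state == KEX_STATE_INIT` and it kills `connection->key_expire`. I would add a line such as `* Requires read_kex_state == KEX_STATE_INIT; disables any pending key re-exchange timer.` so that callers relying on periodic rekeying know the timer has to be re-armed after the exchange completes.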