Commit 95fafbdd authored by Niels Möller's avatar Niels Möller

* src/keyexchange.c (send_kexinit): Renamed from

initiate_keyexchange. Updated callers. Disable the key re-exchange
timer.
(do_handle_kexinit): Call send_kexinit, instead of duplicating
it.

Rev: src/handshake.c:1.10
Rev: src/keyexchange.c:1.82
Rev: src/keyexchange.h:1.54
parent ae198b99
...@@ -188,7 +188,7 @@ do_line(struct line_handler **h, ...@@ -188,7 +188,7 @@ do_line(struct line_handler **h,
assert(mode == CONNECTION_SERVER); assert(mode == CONNECTION_SERVER);
/* Sending keyexchange packet was delayed. Do it now */ /* Sending keyexchange packet was delayed. Do it now */
initiate_keyexchange(connection); send_kexinit(connection);
} }
#endif /* WITH_SSH1_FALLBACK */ #endif /* WITH_SSH1_FALLBACK */
...@@ -430,5 +430,5 @@ DEFINE_COMMAND4(handshake_command) ...@@ -430,5 +430,5 @@ DEFINE_COMMAND4(handshake_command)
A_WRITE(connection->raw, A_WRITE(connection->raw,
ssh_format("%lS\r\n", version)); ssh_format("%lS\r\n", version));
initiate_keyexchange(connection); send_kexinit(connection);
} }
...@@ -146,7 +146,7 @@ format_kex(struct kexinit *kex) ...@@ -146,7 +146,7 @@ format_kex(struct kexinit *kex)
} }
void void
initiate_keyexchange(struct ssh_connection *connection) send_kexinit(struct ssh_connection *connection)
{ {
struct lsh_string *s; struct lsh_string *s;
int mode = connection->flags & CONNECTION_MODE; int mode = connection->flags & CONNECTION_MODE;
...@@ -156,11 +156,15 @@ initiate_keyexchange(struct ssh_connection *connection) ...@@ -156,11 +156,15 @@ initiate_keyexchange(struct ssh_connection *connection)
assert(kex->first_kex_packet_follows == !!kex->first_kex_packet); assert(kex->first_kex_packet_follows == !!kex->first_kex_packet);
assert(connection->read_kex_state == KEX_STATE_INIT); assert(connection->read_kex_state == KEX_STATE_INIT);
/* First, disable any key reexchange timer */
if (connection->key_expire)
KILL_RESOURCE(connection->key_expire);
s = format_kex(kex); s = format_kex(kex);
/* Save value for later signing */ /* Save value for later signing */
#if 0 #if 0
debug("initiate_keyexchange: Storing literal_kexinits[%i]\n", mode); debug("send_kexinit: Storing literal_kexinits[%i]\n", mode);
#endif #endif
connection->literal_kexinits[mode] = s; connection->literal_kexinits[mode] = s;
...@@ -168,6 +172,8 @@ initiate_keyexchange(struct ssh_connection *connection) ...@@ -168,6 +172,8 @@ initiate_keyexchange(struct ssh_connection *connection)
C_WRITE_NOW(connection, lsh_string_dup(s)); C_WRITE_NOW(connection, lsh_string_dup(s));
/* NOTE: This feature isn't fully implemented, as we won't tell
* the selected key exchange method if the guess was "right". */
if (kex->first_kex_packet_follows) if (kex->first_kex_packet_follows)
{ {
s = kex->first_kex_packet; s = kex->first_kex_packet;
...@@ -259,6 +265,9 @@ do_handle_kexinit(struct packet_handler *c, ...@@ -259,6 +265,9 @@ do_handle_kexinit(struct packet_handler *c,
/* Have we sent a kexinit message already? */ /* Have we sent a kexinit message already? */
if (!connection->kexinits[mode]) if (!connection->kexinits[mode])
{ {
connection->kexinits[mode] = MAKE_KEXINIT(closure->init);
send_kexinit(connection);
#if 0
struct lsh_string *packet; struct lsh_string *packet;
struct kexinit *sent = MAKE_KEXINIT(closure->init); struct kexinit *sent = MAKE_KEXINIT(closure->init);
connection->kexinits[mode] = sent; connection->kexinits[mode] = sent;
...@@ -270,6 +279,7 @@ do_handle_kexinit(struct packet_handler *c, ...@@ -270,6 +279,7 @@ do_handle_kexinit(struct packet_handler *c,
connection_send_kex_start(connection); connection_send_kex_start(connection);
C_WRITE_NOW(connection, packet); C_WRITE_NOW(connection, packet);
#endif
} }
/* Select key exchange algorithms */ /* Select key exchange algorithms */
...@@ -867,6 +877,8 @@ keyexchange_finish(struct ssh_connection *connection, ...@@ -867,6 +877,8 @@ keyexchange_finish(struct ssh_connection *connection,
send_verbose(connection->write, "Key exchange successful!", 0); send_verbose(connection->write, "Key exchange successful!", 0);
#endif #endif
/* FIXME: This is the time for installing the key_expire timer. */
/* FIXME: If we have stopped readin channel sources during the key /* FIXME: If we have stopped readin channel sources during the key
* exchange, we must get them started again, perhaps by calling * exchange, we must get them started again, perhaps by calling
* CHANNEL_ADJUST(channel, 0) for all channels. Can we reuse the * CHANNEL_ADJUST(channel, 0) for all channels. Can we reuse the
......
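Review bot: In send_kexinit, `KILL_RESOURCE(connection->key_expire);` leaves `connection->key_expire` pointing at the killed timer, so the next call passes the `if` test and kills the same resource again; adding `connection->key_expire = NULL;` right after the kill keeps the field meaning "a timer is armed". Whether a second kill is harmless depends on KILL_RESOURCE, which is not shown here. The FIXME added in keyexchange_finish suggests nothing re-installs the timer yet, so a connection may get no time-based re-keying after an exchange until that is implemented. send_kexinit is now also reached from do_handle_kexinit, in response to a peer's KEXINIT, so it is worth confirming that `assert(connection->read_kex_state == KEX_STATE_INIT)` always holds on that path rather than being something a remote peer can trip. Both functions start and end outside the visible hunks.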
...@@ -132,7 +132,10 @@ make_simple_kexinit(struct randomness *r, ...@@ -132,7 +132,10 @@ make_simple_kexinit(struct randomness *r,
extern struct command_2 kexinit_filter; extern struct command_2 kexinit_filter;
#define KEXINIT_FILTER (&kexinit_filter.super.super) #define KEXINIT_FILTER (&kexinit_filter.super.super)
void initiate_keyexchange(struct ssh_connection *connection); /* Sends the keyexchange message, which must already be stored in
* connection->kexinits[connection->flags & CONNECTION_MODE]
*/
void send_kexinit(struct ssh_connection *connection);
struct packet_handler * struct packet_handler *
make_kexinit_handler(struct make_kexinit *init, make_kexinit_handler(struct make_kexinit *init,
......
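Review bot: The new comment on `send_kexinit` documents the precondition but not the side effect this commit introduces: the function also kills `connection->key_expire`. I would add a line to the comment such as `* Also cancels any pending key re-exchange timer (connection->key_expire).` so that callers know the timer is gone after the call and has to be installed again once the exchange completes.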