Server: fix rekeying
Этот коммит содержится в:
родитель
3b81da21c2
Коммит
dd6a0b51ac
2
src/dh.c
2
src/dh.c
@ -828,7 +828,7 @@ int make_sessionid(ssh_session session) {
|
||||
session->next_crypto->digest_len);
|
||||
}
|
||||
#ifdef DEBUG_CRYPTO
|
||||
printf("Session hash: ");
|
||||
printf("Session hash: \n");
|
||||
ssh_print_hexa("secret hash", session->next_crypto->secret_hash, session->next_crypto->digest_len);
|
||||
ssh_print_hexa("session id", session->next_crypto->session_id, session->next_crypto->digest_len);
|
||||
#endif
|
||||
|
10
src/ecdh.c
10
src/ecdh.c
@ -312,16 +312,6 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){
|
||||
return SSH_ERROR;
|
||||
}
|
||||
|
||||
/* Free private keys as they should not be readable after this point */
|
||||
if (session->srv.rsa_key) {
|
||||
ssh_key_free(session->srv.rsa_key);
|
||||
session->srv.rsa_key = NULL;
|
||||
}
|
||||
if (session->srv.dsa_key) {
|
||||
ssh_key_free(session->srv.dsa_key);
|
||||
session->srv.dsa_key = NULL;
|
||||
}
|
||||
|
||||
ssh_log(session,SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent");
|
||||
rc = packet_send(session);
|
||||
if (rc == SSH_ERROR) {
|
||||
|
10
src/pki.c
10
src/pki.c
@ -1381,18 +1381,18 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
|
||||
if (session == NULL || privkey == NULL || !ssh_key_is_private(privkey)) {
|
||||
return NULL;
|
||||
}
|
||||
crypto = session->current_crypto ? session->current_crypto :
|
||||
session->next_crypto;
|
||||
crypto = session->next_crypto ? session->next_crypto :
|
||||
session->current_crypto;
|
||||
|
||||
ctx = sha1_init();
|
||||
if (ctx == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
if (crypto->session_id == NULL){
|
||||
ssh_set_error(session,SSH_FATAL,"Missing session_id");
|
||||
if (crypto->secret_hash == NULL){
|
||||
ssh_set_error(session,SSH_FATAL,"Missing secret_hash");
|
||||
return NULL;
|
||||
}
|
||||
sha1_update(ctx, crypto->session_id, crypto->digest_len);
|
||||
sha1_update(ctx, crypto->secret_hash, crypto->digest_len);
|
||||
sha1_final(hash, ctx);
|
||||
|
||||
#ifdef DEBUG_CRYPTO
|
||||
|
46
src/server.c
46
src/server.c
@ -278,22 +278,6 @@ static int dh_handshake_server(ssh_session session) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Free private keys as they should not be readable after this point */
|
||||
if (session->srv.rsa_key) {
|
||||
ssh_key_free(session->srv.rsa_key);
|
||||
session->srv.rsa_key = NULL;
|
||||
}
|
||||
if (session->srv.dsa_key) {
|
||||
ssh_key_free(session->srv.dsa_key);
|
||||
session->srv.dsa_key = NULL;
|
||||
}
|
||||
#ifdef HAVE_ECC
|
||||
if (session->srv.ecdsa_key) {
|
||||
ssh_key_free(session->srv.ecdsa_key);
|
||||
session->srv.ecdsa_key = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (buffer_add_u8(session->out_buffer, SSH2_MSG_KEXDH_REPLY) < 0 ||
|
||||
buffer_add_ssh_string(session->out_buffer,
|
||||
session->next_crypto->server_pubkey) < 0 ||
|
||||
@ -400,6 +384,13 @@ static void ssh_server_connection_callback(ssh_session session){
|
||||
break;
|
||||
case SSH_SESSION_STATE_KEXINIT_RECEIVED:
|
||||
set_status(session,0.6f);
|
||||
if(session->next_crypto->server_kex.methods[0]==NULL){
|
||||
if(server_set_kex(session) == SSH_ERROR)
|
||||
goto error;
|
||||
/* We are in a rekeying, so we need to send the server kex */
|
||||
if(ssh_send_kex(session, 1) < 0)
|
||||
goto error;
|
||||
}
|
||||
ssh_list_kex(session, &session->next_crypto->client_kex); // log client kex
|
||||
if (ssh_kex_select_methods(session) < 0) {
|
||||
goto error;
|
||||
@ -429,10 +420,20 @@ static void ssh_server_connection_callback(ssh_session session){
|
||||
if (session->next_crypto == NULL) {
|
||||
goto error;
|
||||
}
|
||||
set_status(session,1.0f);
|
||||
session->connected = 1;
|
||||
session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
|
||||
}
|
||||
session->next_crypto->session_id = malloc(session->current_crypto->digest_len);
|
||||
if (session->next_crypto->session_id == NULL) {
|
||||
ssh_set_error_oom(session);
|
||||
goto error;
|
||||
}
|
||||
memcpy(session->next_crypto->session_id, session->current_crypto->session_id,
|
||||
session->current_crypto->digest_len);
|
||||
|
||||
set_status(session,1.0f);
|
||||
session->connected = 1;
|
||||
session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
|
||||
if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED)
|
||||
session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
|
||||
}
|
||||
break;
|
||||
case SSH_SESSION_STATE_AUTHENTICATING:
|
||||
break;
|
||||
@ -561,7 +562,7 @@ int ssh_handle_key_exchange(ssh_session session) {
|
||||
pending:
|
||||
rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_USER,
|
||||
ssh_server_kex_termination,session);
|
||||
ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: Actual state : %d",
|
||||
ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: current state : %d",
|
||||
session->session_state);
|
||||
if (rc != SSH_OK)
|
||||
return rc;
|
||||
@ -1032,6 +1033,9 @@ int ssh_auth_reply_success(ssh_session session, int partial) {
|
||||
if (partial) {
|
||||
return ssh_auth_reply_default(session, partial);
|
||||
}
|
||||
|
||||
session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
|
||||
session->flags |= SSH_SESSION_FLAG_AUTHENTICATED;
|
||||
|
||||
if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
|
||||
return SSH_ERROR;
|
||||
|
Загрузка…
Ссылка в новой задаче
Block a user