1/*
2 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
5 * Created: Fri Mar 17 17:09:28 1995 ylo
6 * This program is the ssh daemon. It listens for connections from clients, and
7 * performs authentication, executes use commands or shell, and forwards
8 * information to/from the application to the user client over an encrypted
9 * connection. This can also handle forwarding of X11, TCP/IP, and authentication
10 * agent connections.
11 *
12 * SSH2 implementation,
13 * Copyright (c) 2000 Markus Friedl. All rights reserved.
14 *
15 * $FreeBSD: head/crypto/openssh/sshd.c 61212 2000-06-03 09:58:15Z kris $
16 */
17
18#include "includes.h"
19RCSID("$OpenBSD: sshd.c,v 1.118 2000/05/25 20:45:20 markus Exp $");
20
21#include "xmalloc.h"
22#include "rsa.h"
23#include "ssh.h"
24#include "pty.h"
25#include "packet.h"
26#include "cipher.h"
27#include "mpaux.h"

--- 259 unchanged lines hidden (view full) ---

287 log("RSA key generation complete.");
288 }
289 /* Reschedule the alarm. */
290 signal(SIGALRM, key_regeneration_alarm);
291 alarm(options.key_regeneration_time);
292 errno = save_errno;
293}
294
295void
296sshd_exchange_identification(int sock_in, int sock_out)
297{
298 int i, mismatch;
299 int remote_major, remote_minor;
300 int major, minor;
301 char *s;
302 char buf[256]; /* Must not be larger than remote_version. */

--- 111 unchanged lines hidden (view full) ---

414 packet_set_ssh2_format();
415}
416
417
418void
419destroy_sensitive_data(void)
420{
421 /* Destroy the private and public keys. They will no longer be needed. */
422 if (public_key)
423 RSA_free(public_key);
424 if (sensitive_data.private_key)
425 RSA_free(sensitive_data.private_key);
426 if (sensitive_data.host_key)
427 RSA_free(sensitive_data.host_key);
428 if (sensitive_data.dsa_host_key != NULL)
429 key_free(sensitive_data.dsa_host_key);
430}
431
432/*
433 * Main program for the daemon.
434 */
435int

--- 786 unchanged lines hidden (view full) ---

1222void
1223do_ssh2_kex()
1224{
1225 Buffer *server_kexinit;
1226 Buffer *client_kexinit;
1227 int payload_len, dlen;
1228 int slen;
1229 unsigned int klen, kout;
1230 unsigned char *signature = NULL;
1231 unsigned char *server_host_key_blob = NULL;
1232 unsigned int sbloblen;
1233 DH *dh;
1234 BIGNUM *dh_client_pub = 0;
1235 BIGNUM *shared_secret = 0;
1236 int i;
1237 unsigned char *kbuf;
1238 unsigned char *hash;
1239 Kex *kex;
1240 char *cprop[PROPOSAL_MAX];
1241
1242/* KEXINIT */
1243
1244 if (options.ciphers != NULL) {
1245 myproposal[PROPOSAL_ENC_ALGS_CTOS] =
1246 myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
1247 }
1248 server_kexinit = kex_init(myproposal);
1249 client_kexinit = xmalloc(sizeof(*client_kexinit));
1250 buffer_init(client_kexinit);
1251
1252 /* algorithm negotiation */
1253 kex_exchange_kexinit(server_kexinit, client_kexinit, cprop);
1254 kex = kex_choose_conf(cprop, myproposal, 1);
1255 for (i = 0; i < PROPOSAL_MAX; i++)
1256 xfree(cprop[i]);
1257
1258/* KEXDH */
1259
1260 debug("Wait SSH2_MSG_KEXDH_INIT.");
1261 packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
1262
1263 /* key, cert */
1264 dh_client_pub = BN_new();
1265 if (dh_client_pub == NULL)

--- 113 unchanged lines hidden ---
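Review bot: destroy_sensitive_data() (new lines 418-430) frees public_key, sensitive_data.private_key, sensitive_data.host_key and sensitive_data.dsa_host_key but leaves all four pointers holding the freed addresses. Whether the function can run more than once in a process is not visible in the lines shown, but if it can, the second call passes the non-NULL checks and frees the keys again, and any later read of these globals touches freed key material. Clearing each pointer directly after its free makes the function idempotent, e.g. `RSA_free(sensitive_data.private_key);` followed by `sensitive_data.private_key = NULL;` inside a braced `if`, and likewise for the other three. A one-line comment above the function stating that the keys are unusable after the call would document that contract.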