67 static int kex_choose_conf(struct ssh *);
321 	struct ssh *ssh = active_state; /* XXX */
325 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
326 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
327 	    (r = sshpkt_send(ssh)) != 0)
333 kex_reset_dispatch(struct ssh *ssh)
335 	ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,
337 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
341 kex_send_ext_info(struct ssh *ssh)
345 	if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
346 	    (r = sshpkt_put_u32(ssh, 1)) != 0 ||
347 	    (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||
348 	    (r = sshpkt_put_cstring(ssh, "rsa-sha2-256,rsa-sha2-512")) != 0 ||
349 	    (r = sshpkt_send(ssh)) != 0)
355 kex_send_newkeys(struct ssh *ssh)
359 	kex_reset_dispatch(ssh);
360 	if ((r = sshpkt_start(ssh, SSH2_MSG_NEWKEYS)) != 0 ||
361 	    (r = sshpkt_send(ssh)) != 0)
365 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys);
366 	if (ssh->kex->ext_info_c)
367 		if ((r = kex_send_ext_info(ssh)) != 0)
375 	struct ssh *ssh = ctxt;
376 	struct kex *kex = ssh->kex;
382 	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);
383 	if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0)
386 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
388 		if ((r = sshpkt_get_cstring(ssh, &val, NULL)) != 0) {
408 	return sshpkt_get_end(ssh);
414 	struct ssh *ssh = ctxt;
415 	struct kex *kex = ssh->kex;
419 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
420 	if ((r = sshpkt_get_end(ssh)) != 0)
432 kex_send_kexinit(struct ssh *ssh)
435 	struct kex *kex = ssh->kex;
451 	if ((r = sshpkt_start(ssh, SSH2_MSG_KEXINIT)) != 0 ||
452 	    (r = sshpkt_putb(ssh, kex->my)) != 0 ||
453 	    (r = sshpkt_send(ssh)) != 0)
464 	struct ssh *ssh = ctxt;
465 	struct kex *kex = ssh->kex;
475 	ptr = sshpkt_ptr(ssh, &dlen);
481 		if ((r = sshpkt_get_u8(ssh, NULL)) != 0)
484 		if ((r = sshpkt_get_string(ssh, NULL, NULL)) != 0)
496 	if ((r = sshpkt_get_u8(ssh, NULL)) != 0 ||	/* first_kex_follows */
497 	    (r = sshpkt_get_u32(ssh, NULL)) != 0 ||	/* reserved */
498 	    (r = sshpkt_get_end(ssh)) != 0)
502 		if ((r = kex_send_kexinit(ssh)) != 0)
504 	if ((r = kex_choose_conf(ssh)) != 0)
508 		return (kex->kex[kex->kex_type])(ssh);
514 kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)
530 	kex_reset_dispatch(ssh);
599 kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
603 	if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0)
605 	if ((r = kex_send_kexinit(ssh)) != 0) {		/* we start */
606 		kex_free(ssh->kex);
607 		ssh->kex = NULL;
618 kex_start_rekex(struct ssh *ssh)
620 	if (ssh->kex == NULL) {
624 	if (ssh->kex->done == 0) {
628 	ssh->kex->done = 0;
629 	return kex_send_kexinit(ssh);
652 choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
661 	if (ssh->compat & SSH_BUG_HMAC)
748 kex_choose_conf(struct ssh *ssh)
750 	struct kex *kex = ssh->kex;
817 		    (r = choose_mac(ssh, &newkeys->mac, cprop[nmac],
853 	    !(ssh->compat & SSH_BUG_FIRSTKEX))
854 		ssh->dispatch_skip_packets = 1;
863 derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
866 	struct kex *kex = ssh->kex;
927 kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,
930 	struct kex *kex = ssh->kex;
936 		if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen,
955 kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
964 		r = kex_derive_keys(ssh, hash, hashlen, shared_secret);

Indexes created Tue Jun 18 09:53:56 MDT 2024