diff options
-rw-r--r-- | src/dh.c | 2 | ||||
-rw-r--r-- | src/ecdh.c | 10 | ||||
-rw-r--r-- | src/pki.c | 10 | ||||
-rw-r--r-- | src/server.c | 46 |
4 files changed, 31 insertions, 37 deletions
@@ -828,7 +828,7 @@ int make_sessionid(ssh_session session) { session->next_crypto->digest_len); } #ifdef DEBUG_CRYPTO - printf("Session hash: "); + printf("Session hash: \n"); ssh_print_hexa("secret hash", session->next_crypto->secret_hash, session->next_crypto->digest_len); ssh_print_hexa("session id", session->next_crypto->session_id, session->next_crypto->digest_len); #endif @@ -312,16 +312,6 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){ return SSH_ERROR; } - /* Free private keys as they should not be readable after this point */ - if (session->srv.rsa_key) { - ssh_key_free(session->srv.rsa_key); - session->srv.rsa_key = NULL; - } - if (session->srv.dsa_key) { - ssh_key_free(session->srv.dsa_key); - session->srv.dsa_key = NULL; - } - ssh_log(session,SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent"); rc = packet_send(session); if (rc == SSH_ERROR) { @@ -1381,18 +1381,18 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session, if (session == NULL || privkey == NULL || !ssh_key_is_private(privkey)) { return NULL; } - crypto = session->current_crypto ? session->current_crypto : - session->next_crypto; + crypto = session->next_crypto ? session->next_crypto : + session->current_crypto; ctx = sha1_init(); if (ctx == NULL) { return NULL; } - if (crypto->session_id == NULL){ - ssh_set_error(session,SSH_FATAL,"Missing session_id"); + if (crypto->secret_hash == NULL){ + ssh_set_error(session,SSH_FATAL,"Missing secret_hash"); return NULL; } - sha1_update(ctx, crypto->session_id, crypto->digest_len); + sha1_update(ctx, crypto->secret_hash, crypto->digest_len); sha1_final(hash, ctx); #ifdef DEBUG_CRYPTO diff --git a/src/server.c b/src/server.c index cea3025..5db33ba 100644 --- a/src/server.c +++ b/src/server.c @@ -278,22 +278,6 @@ static int dh_handshake_server(ssh_session session) { return -1; } - /* Free private keys as they should not be readable after this point */ - if (session->srv.rsa_key) { - ssh_key_free(session->srv.rsa_key); - session->srv.rsa_key = NULL; - } - if (session->srv.dsa_key) { - ssh_key_free(session->srv.dsa_key); - session->srv.dsa_key = NULL; - } -#ifdef HAVE_ECC - if (session->srv.ecdsa_key) { - ssh_key_free(session->srv.ecdsa_key); - session->srv.ecdsa_key = NULL; - } -#endif - if (buffer_add_u8(session->out_buffer, SSH2_MSG_KEXDH_REPLY) < 0 || buffer_add_ssh_string(session->out_buffer, session->next_crypto->server_pubkey) < 0 || @@ -400,6 +384,13 @@ static void ssh_server_connection_callback(ssh_session session){ break; case SSH_SESSION_STATE_KEXINIT_RECEIVED: set_status(session,0.6f); + if(session->next_crypto->server_kex.methods[0]==NULL){ + if(server_set_kex(session) == SSH_ERROR) + goto error; + /* We are in a rekeying, so we need to send the server kex */ + if(ssh_send_kex(session, 1) < 0) + goto error; + } ssh_list_kex(session, &session->next_crypto->client_kex); // log client kex if (ssh_kex_select_methods(session) < 0) { goto error; @@ -429,10 +420,20 @@ static void ssh_server_connection_callback(ssh_session session){ if (session->next_crypto == NULL) { goto error; } - set_status(session,1.0f); - session->connected = 1; - session->session_state=SSH_SESSION_STATE_AUTHENTICATING; - } + session->next_crypto->session_id = malloc(session->current_crypto->digest_len); + if (session->next_crypto->session_id == NULL) { + ssh_set_error_oom(session); + goto error; + } + memcpy(session->next_crypto->session_id, session->current_crypto->session_id, + session->current_crypto->digest_len); + + set_status(session,1.0f); + session->connected = 1; + session->session_state=SSH_SESSION_STATE_AUTHENTICATING; + if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) + session->session_state = SSH_SESSION_STATE_AUTHENTICATED; + } break; case SSH_SESSION_STATE_AUTHENTICATING: break; @@ -561,7 +562,7 @@ int ssh_handle_key_exchange(ssh_session session) { pending: rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_USER, ssh_server_kex_termination,session); - ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: Actual state : %d", + ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: current state : %d", session->session_state); if (rc != SSH_OK) return rc; @@ -1032,6 +1033,9 @@ int ssh_auth_reply_success(ssh_session session, int partial) { if (partial) { return ssh_auth_reply_default(session, partial); } + + session->session_state = SSH_SESSION_STATE_AUTHENTICATED; + session->flags |= SSH_SESSION_FLAG_AUTHENTICATED; if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) { return SSH_ERROR; |