summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/dh.c2
-rw-r--r--src/ecdh.c10
-rw-r--r--src/pki.c10
-rw-r--r--src/server.c46
4 files changed, 31 insertions, 37 deletions
diff --git a/src/dh.c b/src/dh.c
index c56b42c..254b7c9 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -828,7 +828,7 @@ int make_sessionid(ssh_session session) {
session->next_crypto->digest_len);
}
#ifdef DEBUG_CRYPTO
- printf("Session hash: ");
+ printf("Session hash: \n");
ssh_print_hexa("secret hash", session->next_crypto->secret_hash, session->next_crypto->digest_len);
ssh_print_hexa("session id", session->next_crypto->session_id, session->next_crypto->digest_len);
#endif
diff --git a/src/ecdh.c b/src/ecdh.c
index 075810a..bd46264 100644
--- a/src/ecdh.c
+++ b/src/ecdh.c
@@ -312,16 +312,6 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){
return SSH_ERROR;
}
- /* Free private keys as they should not be readable after this point */
- if (session->srv.rsa_key) {
- ssh_key_free(session->srv.rsa_key);
- session->srv.rsa_key = NULL;
- }
- if (session->srv.dsa_key) {
- ssh_key_free(session->srv.dsa_key);
- session->srv.dsa_key = NULL;
- }
-
ssh_log(session,SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent");
rc = packet_send(session);
if (rc == SSH_ERROR) {
diff --git a/src/pki.c b/src/pki.c
index a3616c2..1099827 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -1381,18 +1381,18 @@ ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
if (session == NULL || privkey == NULL || !ssh_key_is_private(privkey)) {
return NULL;
}
- crypto = session->current_crypto ? session->current_crypto :
- session->next_crypto;
+ crypto = session->next_crypto ? session->next_crypto :
+ session->current_crypto;
ctx = sha1_init();
if (ctx == NULL) {
return NULL;
}
- if (crypto->session_id == NULL){
- ssh_set_error(session,SSH_FATAL,"Missing session_id");
+ if (crypto->secret_hash == NULL){
+ ssh_set_error(session,SSH_FATAL,"Missing secret_hash");
return NULL;
}
- sha1_update(ctx, crypto->session_id, crypto->digest_len);
+ sha1_update(ctx, crypto->secret_hash, crypto->digest_len);
sha1_final(hash, ctx);
#ifdef DEBUG_CRYPTO
diff --git a/src/server.c b/src/server.c
index cea3025..5db33ba 100644
--- a/src/server.c
+++ b/src/server.c
@@ -278,22 +278,6 @@ static int dh_handshake_server(ssh_session session) {
return -1;
}
- /* Free private keys as they should not be readable after this point */
- if (session->srv.rsa_key) {
- ssh_key_free(session->srv.rsa_key);
- session->srv.rsa_key = NULL;
- }
- if (session->srv.dsa_key) {
- ssh_key_free(session->srv.dsa_key);
- session->srv.dsa_key = NULL;
- }
-#ifdef HAVE_ECC
- if (session->srv.ecdsa_key) {
- ssh_key_free(session->srv.ecdsa_key);
- session->srv.ecdsa_key = NULL;
- }
-#endif
-
if (buffer_add_u8(session->out_buffer, SSH2_MSG_KEXDH_REPLY) < 0 ||
buffer_add_ssh_string(session->out_buffer,
session->next_crypto->server_pubkey) < 0 ||
@@ -400,6 +384,13 @@ static void ssh_server_connection_callback(ssh_session session){
break;
case SSH_SESSION_STATE_KEXINIT_RECEIVED:
set_status(session,0.6f);
+ if(session->next_crypto->server_kex.methods[0]==NULL){
+ if(server_set_kex(session) == SSH_ERROR)
+ goto error;
+ /* We are in a rekeying, so we need to send the server kex */
+ if(ssh_send_kex(session, 1) < 0)
+ goto error;
+ }
ssh_list_kex(session, &session->next_crypto->client_kex); // log client kex
if (ssh_kex_select_methods(session) < 0) {
goto error;
@@ -429,10 +420,20 @@ static void ssh_server_connection_callback(ssh_session session){
if (session->next_crypto == NULL) {
goto error;
}
- set_status(session,1.0f);
- session->connected = 1;
- session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
- }
+ session->next_crypto->session_id = malloc(session->current_crypto->digest_len);
+ if (session->next_crypto->session_id == NULL) {
+ ssh_set_error_oom(session);
+ goto error;
+ }
+ memcpy(session->next_crypto->session_id, session->current_crypto->session_id,
+ session->current_crypto->digest_len);
+
+ set_status(session,1.0f);
+ session->connected = 1;
+ session->session_state=SSH_SESSION_STATE_AUTHENTICATING;
+ if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED)
+ session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
+ }
break;
case SSH_SESSION_STATE_AUTHENTICATING:
break;
@@ -561,7 +562,7 @@ int ssh_handle_key_exchange(ssh_session session) {
pending:
rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_USER,
ssh_server_kex_termination,session);
- ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: Actual state : %d",
+ ssh_log(session,SSH_LOG_PACKET, "ssh_handle_key_exchange: current state : %d",
session->session_state);
if (rc != SSH_OK)
return rc;
@@ -1032,6 +1033,9 @@ int ssh_auth_reply_success(ssh_session session, int partial) {
if (partial) {
return ssh_auth_reply_default(session, partial);
}
+
+ session->session_state = SSH_SESSION_STATE_AUTHENTICATED;
+ session->flags |= SSH_SESSION_FLAG_AUTHENTICATED;
if (buffer_add_u8(session->out_buffer,SSH2_MSG_USERAUTH_SUCCESS) < 0) {
return SSH_ERROR;
generated by cgit (git 2.34.1) at 2024-05-31 22:03:35 +0000