aboutsummaryrefslogtreecommitdiff
path: root/src/packet_cb.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/packet_cb.c')
-rw-r--r--src/packet_cb.c37
1 files changed, 33 insertions, 4 deletions
diff --git a/src/packet_cb.c b/src/packet_cb.c
index 4fe6402a..0024b72a 100644
--- a/src/packet_cb.c
+++ b/src/packet_cb.c
@@ -93,12 +93,14 @@ SSH_PACKET_CALLBACK(ssh_packet_ignore_callback){
}
SSH_PACKET_CALLBACK(ssh_packet_dh_reply){
+ enum ssh_dh_state_e dh_handshake_state = DH_STATE_NEWKEYS_SENT;
int rc;
(void)type;
(void)user;
- SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_KEXDH_REPLY");
+ SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_MSG_KEXDH_REPLY");
if (session->session_state != SSH_SESSION_STATE_DH ||
- session->dh_handshake_state != DH_STATE_INIT_SENT){
+ (session->dh_handshake_state != DH_STATE_GEX_REQUEST_SENT ||
+ session->dh_handshake_state != DH_STATE_INIT_SENT)){
ssh_set_error(session,SSH_FATAL,"ssh_packet_dh_reply called in wrong state : %d:%d",
session->session_state,session->dh_handshake_state);
goto error;
@@ -106,7 +108,12 @@ SSH_PACKET_CALLBACK(ssh_packet_dh_reply){
switch(session->next_crypto->kex_type){
case SSH_KEX_DH_GROUP1_SHA1:
case SSH_KEX_DH_GROUP14_SHA1:
- rc=ssh_client_dh_reply(session, packet);
+ rc = ssh_client_dh_reply(session, packet);
+ break;
+ case SSH_KEX_DH_GROUP_SHA1:
+ case SSH_KEX_DH_GROUP_SHA256:
+ rc = ssh_client_dh_gex_reply(session, packet);
+ dh_handshake_state = DH_STATE_INIT_SENT;
break;
#ifdef HAVE_ECDH
case SSH_KEX_ECDH_SHA2_NISTP256:
@@ -123,7 +130,7 @@ SSH_PACKET_CALLBACK(ssh_packet_dh_reply){
goto error;
}
if(rc==SSH_OK) {
- session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
+ session->dh_handshake_state = dh_handshake_state;
return SSH_PACKET_USED;
}
error:
@@ -131,6 +138,28 @@ error:
return SSH_PACKET_USED;
}
+SSH_PACKET_CALLBACK(ssh_packet_dh_gex_reply)
+{
+ int rc;
+ (void)type;
+ (void)user;
+ SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH2_MSG_KEX_DH_GEX_REPLY");
+ if (session->session_state!= SSH_SESSION_STATE_DH &&
+ session->dh_handshake_state != DH_STATE_INIT_SENT) {
+ ssh_set_error(session,SSH_FATAL,"ssh_packet_dh_gex_reply called in wrong state : %d:%d",
+ session->session_state,session->dh_handshake_state);
+ goto error;
+ }
+ rc = ssh_client_dh_reply(session, packet);
+ if (rc == SSH_OK) {
+ session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
+ return SSH_PACKET_USED;
+ }
+error:
+ session->session_state = SSH_SESSION_STATE_ERROR;
+ return SSH_PACKET_USED;
+}
+
SSH_PACKET_CALLBACK(ssh_packet_newkeys){
ssh_string sig_blob = NULL;
int rc;