diff options
Diffstat (limited to 'src/packet_cb.c')
-rw-r--r-- | src/packet_cb.c | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/src/packet_cb.c b/src/packet_cb.c index 4fe6402a..0024b72a 100644 --- a/src/packet_cb.c +++ b/src/packet_cb.c @@ -93,12 +93,14 @@ SSH_PACKET_CALLBACK(ssh_packet_ignore_callback){ } SSH_PACKET_CALLBACK(ssh_packet_dh_reply){ + enum ssh_dh_state_e dh_handshake_state = DH_STATE_NEWKEYS_SENT; int rc; (void)type; (void)user; - SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_KEXDH_REPLY"); + SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_MSG_KEXDH_REPLY"); if (session->session_state != SSH_SESSION_STATE_DH || - session->dh_handshake_state != DH_STATE_INIT_SENT){ + (session->dh_handshake_state != DH_STATE_GEX_REQUEST_SENT || + session->dh_handshake_state != DH_STATE_INIT_SENT)){ ssh_set_error(session,SSH_FATAL,"ssh_packet_dh_reply called in wrong state : %d:%d", session->session_state,session->dh_handshake_state); goto error; @@ -106,7 +108,12 @@ SSH_PACKET_CALLBACK(ssh_packet_dh_reply){ switch(session->next_crypto->kex_type){ case SSH_KEX_DH_GROUP1_SHA1: case SSH_KEX_DH_GROUP14_SHA1: - rc=ssh_client_dh_reply(session, packet); + rc = ssh_client_dh_reply(session, packet); + break; + case SSH_KEX_DH_GROUP_SHA1: + case SSH_KEX_DH_GROUP_SHA256: + rc = ssh_client_dh_gex_reply(session, packet); + dh_handshake_state = DH_STATE_INIT_SENT; break; #ifdef HAVE_ECDH case SSH_KEX_ECDH_SHA2_NISTP256: @@ -123,7 +130,7 @@ SSH_PACKET_CALLBACK(ssh_packet_dh_reply){ goto error; } if(rc==SSH_OK) { - session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; + session->dh_handshake_state = dh_handshake_state; return SSH_PACKET_USED; } error: @@ -131,6 +138,28 @@ error: return SSH_PACKET_USED; } +SSH_PACKET_CALLBACK(ssh_packet_dh_gex_reply) +{ + int rc; + (void)type; + (void)user; + SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH2_MSG_KEX_DH_GEX_REPLY"); + if (session->session_state!= SSH_SESSION_STATE_DH && + session->dh_handshake_state != DH_STATE_INIT_SENT) { + ssh_set_error(session,SSH_FATAL,"ssh_packet_dh_gex_reply called in wrong state : %d:%d", + session->session_state,session->dh_handshake_state); + goto error; + } + rc = ssh_client_dh_reply(session, packet); + if (rc == SSH_OK) { + session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; + return SSH_PACKET_USED; + } +error: + session->session_state = SSH_SESSION_STATE_ERROR; + return SSH_PACKET_USED; +} + SSH_PACKET_CALLBACK(ssh_packet_newkeys){ ssh_string sig_blob = NULL; int rc; |