lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-20 06:58:48 +03:00
Code Activity

SSH1: fix kex bugs introduced in refactoring

Browse Source
This commit is contained in:
Aris Adamantiadis
2011-09-14 22:21:43 +02:00
parent af225e68cb
commit 714aeca91f
1 changed files with 28 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/kex1.c
View File

@@ -86,6 +86,13 @@ static int build_session_id1(ssh_session session, ssh_string servern,
md5_update(md5,ssh_string_data(hostn),ssh_string_len(hostn)); md5_update(md5,ssh_string_data(hostn),ssh_string_len(hostn));
md5_update(md5,ssh_string_data(servern),ssh_string_len(servern)); md5_update(md5,ssh_string_data(servern),ssh_string_len(servern));
md5_update(md5,session->server_kex.cookie,8); md5_update(md5,session->server_kex.cookie,8);
if(session->next_crypto->session_id != NULL)
SAFE_FREE(session->next_crypto->session_id);
session->next_crypto->session_id = malloc(MD5_DIGEST_LEN);
if(session->next_crypto->session_id == NULL){
ssh_set_error_oom(session);
return SSH_ERROR;
}
md5_final(session->next_crypto->session_id,md5); md5_final(session->next_crypto->session_id,md5);
#ifdef DEBUG_CRYPTO #ifdef DEBUG_CRYPTO
ssh_print_hexa("session_id",session->next_crypto->session_id,MD5_DIGEST_LEN); ssh_print_hexa("session_id",session->next_crypto->session_id,MD5_DIGEST_LEN);
@@ -196,11 +203,31 @@ static ssh_string encrypt_session_key(ssh_session session, ssh_public_key srvkey
int i; int i;
ssh_string data1 = NULL; ssh_string data1 = NULL;
ssh_string data2 = NULL; ssh_string data2 = NULL;
if(session->next_crypto->encryptkey != NULL)
SAFE_FREE(session->next_crypto->encryptkey);
if(session->next_crypto->decryptkey != NULL)
SAFE_FREE(session->next_crypto->decryptkey);
if(session->next_crypto->encryptIV != NULL)
SAFE_FREE(session->next_crypto->encryptIV);
if(session->next_crypto->decryptIV != NULL)
SAFE_FREE(session->next_crypto->decryptIV);
session->next_crypto->encryptkey = malloc(32);
session->next_crypto->decryptkey = malloc(32);
session->next_crypto->encryptIV = malloc(32);
session->next_crypto->decryptIV = malloc(32);
if(session->next_crypto->encryptkey == NULL ||
session->next_crypto->decryptkey == NULL ||
session->next_crypto->encryptIV == NULL ||
session->next_crypto->decryptIV == NULL){
ssh_set_error_oom(session);
return NULL;
}
/* first, generate a session key */ /* first, generate a session key */
ssh_get_random(session->next_crypto->encryptkey, 32, 1); ssh_get_random(session->next_crypto->encryptkey, 32, 1);
memcpy(buffer, session->next_crypto->encryptkey, 32); memcpy(buffer, session->next_crypto->encryptkey, 32);
memcpy(session->next_crypto->decryptkey, session->next_crypto->encryptkey, 32); memcpy(session->next_crypto->decryptkey, session->next_crypto->encryptkey, 32);
memset(session->next_crypto->encryptIV, 0, 32);
memset(session->next_crypto->decryptIV, 0, 32);
#ifdef DEBUG_CRYPTO #ifdef DEBUG_CRYPTO
ssh_print_hexa("session key",buffer,32); ssh_print_hexa("session key",buffer,32);