diff options
| author | Andreas Gunnarsson <andreas@cvs.openbsd.org> | 2009-10-24 11:13:55 +0000 |
|---|---|---|
| committer | Andreas Gunnarsson <andreas@cvs.openbsd.org> | 2009-10-24 11:13:55 +0000 |
| commit | e4134ba32930da714d7b5b73be87ff8303cb872a (patch) | |
| tree | 9ef77c969a5284069702b64fd5165f823869bb2f /usr.bin | |
| parent | 554435969f9a5148bbff1261bfd518da82f23f2f (diff) | |
Let the client detect if the server supports roaming by looking
for the resume@appgate.com kex algorithm.
ok markus@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/kex.c | 13 | ||||
| -rw-r--r-- | usr.bin/ssh/kex.h | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshconnect2.c | 7 |
3 files changed, 21 insertions, 3 deletions
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index 9e2a81242e5..e7bd7a48a9f 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.81 2009/05/27 06:34:36 andreas Exp $ */ +/* $OpenBSD: kex.c,v 1.82 2009/10/24 11:13:54 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -45,6 +45,7 @@ #include "match.h" #include "dispatch.h" #include "monitor.h" +#include "roaming.h" /* prototype */ static void kex_kexinit_finish(Kex *); @@ -373,6 +374,16 @@ kex_choose_conf(Kex *kex) sprop=peer; } + /* Check whether server offers roaming */ + if (!kex->server) { + char *roaming; + roaming = match_list(KEX_RESUME, peer[PROPOSAL_KEX_ALGS], NULL); + if (roaming) { + kex->roaming = 1; + xfree(roaming); + } + } + /* Algorithm Negotiation */ for (mode = 0; mode < MODE_MAX; mode++) { newkeys = xcalloc(1, sizeof(*newkeys)); diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h index ba2529925be..6f904186567 100644 --- a/usr.bin/ssh/kex.h +++ b/usr.bin/ssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */ +/* $OpenBSD: kex.h,v 1.48 2009/10/24 11:13:54 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -35,6 +35,7 @@ #define KEX_DH14 "diffie-hellman-group14-sha1" #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" +#define KEX_RESUME "resume@appgate.com" #define COMP_NONE 0 #define COMP_ZLIB 1 @@ -115,6 +116,7 @@ struct Kex { char *name; int hostkey_type; int kex_type; + int roaming; Buffer my; Buffer peer; sig_atomic_t done; diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index cb0ce0915e2..0445a0fb0e6 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.172 2009/10/23 01:57:11 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.173 2009/10/24 11:13:54 andreas Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -146,6 +146,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) dispatch_run(DISPATCH_BLOCK, &kex->done, kex); + if (options.use_roaming && !kex->roaming) { + debug("Roaming not allowed by server"); + options.use_roaming = 0; + } + session_id2 = kex->session_id; session_id2_len = kex->session_id_len; |