src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	2003-02-16 17:09:58 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	2003-02-16 17:09:58 +0000
commit	52725cc052c8e3c683c9a2a37c806f62af96c935 (patch)
tree	e7d9b22066ddc1e1f2ad1d87509b46308d39af9a /usr.bin
parent	2c4652ebc4632408ae93de2b8e96802680063c04 (diff)

split kex into client and server code, no need to link

server code into the client; ok provos@

Diffstat (limited to 'usr.bin')

-rw-r--r--

usr.bin/ssh/kex.c

-rw-r--r--

usr.bin/ssh/kex.h

-rw-r--r--

usr.bin/ssh/kexdh.c

234

-rw-r--r--

usr.bin/ssh/kexdhc.c

137

-rw-r--r--

usr.bin/ssh/kexdhs.c

138

-rw-r--r--

usr.bin/ssh/kexgex.c

328

-rw-r--r--

usr.bin/ssh/kexgexc.c

189

-rw-r--r--

usr.bin/ssh/kexgexs.c

186

-rw-r--r--

usr.bin/ssh/lib/Makefile

-rw-r--r--

usr.bin/ssh/ssh-keyscan.c

-rw-r--r--

usr.bin/ssh/sshconnect2.c

-rw-r--r--

usr.bin/ssh/sshd.c

12 files changed, 694 insertions, 583 deletions

diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 0a861fb976c..2c1cacfec83 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c

@@ -23,7 +23,7 @@

#include "includes.h"

-RCSID("$OpenBSD: kex.c,v 1.53 2003/02/02 10:56:08 markus Exp $");

+RCSID("$OpenBSD: kex.c,v 1.54 2003/02/16 17:09:57 markus Exp $");

#include <openssl/crypto.h>

@@ -44,11 +44,6 @@ RCSID("$OpenBSD: kex.c,v 1.53 2003/02/02 10:56:08 markus Exp $");

#define KEX_COOKIE_LEN 16

-/* Use privilege separation for sshd */

-int use_privsep;

-struct monitor *pmonitor;

/* prototype */

static void kex_kexinit_finish(Kex *);

static void kex_choose_conf(Kex *);

@@ -237,14 +232,10 @@ kex_kexinit_finish(Kex *kex)

kex_choose_conf(kex);

- switch (kex->kex_type) {

- case DH_GRP1_SHA1:

- kexdh(kex);

- break;

- case DH_GEX_SHA1:

- kexgex(kex);

- break;

- default:

+ if (kex->kex_type >= 0 && kex->kex_type < KEX_MAX &&

+ kex->kex[kex->kex_type] != NULL) {

+ (kex->kex[kex->kex_type])(kex);

+ } else {

fatal("Unsupported key exchange %d", kex->kex_type);

}

@@ -301,9 +292,9 @@ choose_kex(Kex *k, char *client, char *server)

if (k->name == NULL)

fatal("no kex alg");

if (strcmp(k->name, KEX_DH1) == 0) {

- k->kex_type = DH_GRP1_SHA1;

+ k->kex_type = KEX_DH_GRP1_SHA1;

} else if (strcmp(k->name, KEX_DHGEX) == 0) {

- k->kex_type = DH_GEX_SHA1;

+ k->kex_type = KEX_DH_GEX_SHA1;

} else

fatal("bad kex alg %s", k->name);

}

diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h
index 93a529e125b..52d442e9a7d 100644
--- a/usr.bin/ssh/kex.h
+++ b/usr.bin/ssh/kex.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: kex.h,v 1.32 2002/09/09 14:54:14 markus Exp $ */

+/* $OpenBSD: kex.h,v 1.33 2003/02/16 17:09:57 markus Exp $ */

@@ -55,8 +55,9 @@ enum kex_modes {

};

enum kex_exchange {

- DH_GRP1_SHA1,

- DH_GEX_SHA1

+ KEX_DH_GRP1_SHA1,

+ KEX_DH_GEX_SHA1,

+ KEX_MAX

};

#define KEX_INIT_SENT 0x0001

@@ -112,6 +113,7 @@ struct Kex {

int (*verify_host_key)(Key *);

Key *(*load_host_key)(int);

int (*host_key_index)(Key *);

+ void (*kex[KEX_MAX])(Kex *);

};

Kex *kex_setup(char *[PROPOSAL_MAX]);

@@ -121,11 +123,20 @@ void kex_send_kexinit(Kex *);

void kex_input_kexinit(int, u_int32_t, void *);

void kex_derive_keys(Kex *, u_char *, BIGNUM *);

-void kexdh(Kex *);

-void kexgex(Kex *);

Newkeys *kex_get_newkeys(int);

+void kexdh_client(Kex *);

+void kexdh_server(Kex *);

+void kexgex_client(Kex *);

+void kexgex_server(Kex *);

+u_char *

+kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,

+ BIGNUM *, BIGNUM *, BIGNUM *);

+u_char *

+kexgex_hash(char *, char *, char *, int, char *, int, u_char *, int,

+ int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *);

#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH)

void dump_digest(char *, u_char *, int);

#endif

diff --git a/usr.bin/ssh/kexdh.c b/usr.bin/ssh/kexdh.c
index 1e91e255022..4bbb7d1dba9 100644
--- a/usr.bin/ssh/kexdh.c
+++ b/usr.bin/ssh/kexdh.c

@@ -23,23 +23,16 @@

#include "includes.h"

-RCSID("$OpenBSD: kexdh.c,v 1.18 2002/03/18 17:50:31 provos Exp $");

+RCSID("$OpenBSD: kexdh.c,v 1.19 2003/02/16 17:09:57 markus Exp $");

-#include <openssl/crypto.h>

-#include <openssl/bn.h>

+#include <openssl/evp.h>

-#include "xmalloc.h"

#include "buffer.h"

#include "bufaux.h"

-#include "key.h"

-#include "kex.h"

-#include "log.h"

-#include "packet.h"

-#include "dh.h"

#include "ssh2.h"

-#include "monitor_wrap.h"

+#include "kex.h"

-static u_char *

+u_char *

kex_dh_hash(

char *client_version_string,

char *server_version_string,

@@ -86,222 +79,3 @@ kex_dh_hash(

#endif

return digest;

}

-/* client */

-static void

-kexdh_client(Kex *kex)

- BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;

- DH *dh;

- Key *server_host_key;

- u_char *server_host_key_blob = NULL, *signature = NULL;

- u_char *kbuf, *hash;

- u_int klen, kout, slen, sbloblen;

- /* generate and send 'e', client DH public key */

- dh = dh_new_group1();

- dh_gen_key(dh, kex->we_need * 8);

- packet_start(SSH2_MSG_KEXDH_INIT);

- packet_put_bignum2(dh->pub_key);

- packet_send();

- debug("sending SSH2_MSG_KEXDH_INIT");

-#ifdef DEBUG_KEXDH

- DHparams_print_fp(stderr, dh);

- fprintf(stderr, "pub= ");

- BN_print_fp(stderr, dh->pub_key);

- fprintf(stderr, "\n");

-#endif

- debug("expecting SSH2_MSG_KEXDH_REPLY");

- packet_read_expect(SSH2_MSG_KEXDH_REPLY);

- /* key, cert */

- server_host_key_blob = packet_get_string(&sbloblen);

- server_host_key = key_from_blob(server_host_key_blob, sbloblen);

- if (server_host_key == NULL)

- fatal("cannot decode server_host_key_blob");

- if (server_host_key->type != kex->hostkey_type)

- fatal("type mismatch for decoded server_host_key_blob");

- if (kex->verify_host_key == NULL)

- fatal("cannot verify server_host_key");

- if (kex->verify_host_key(server_host_key) == -1)

- fatal("server_host_key verification failed");

- /* DH paramter f, server public DH key */

- if ((dh_server_pub = BN_new()) == NULL)

- fatal("dh_server_pub == NULL");

- packet_get_bignum2(dh_server_pub);

-#ifdef DEBUG_KEXDH

- fprintf(stderr, "dh_server_pub= ");

- BN_print_fp(stderr, dh_server_pub);

- fprintf(stderr, "\n");

- debug("bits %d", BN_num_bits(dh_server_pub));

-#endif

- /* signed H */

- signature = packet_get_string(&slen);

- packet_check_eom();

- if (!dh_pub_is_valid(dh, dh_server_pub))

- packet_disconnect("bad server public DH value");

- klen = DH_size(dh);

- kbuf = xmalloc(klen);

- kout = DH_compute_key(kbuf, dh_server_pub, dh);

-#ifdef DEBUG_KEXDH

- dump_digest("shared secret", kbuf, kout);

-#endif

- if ((shared_secret = BN_new()) == NULL)

- fatal("kexdh_client: BN_new failed");

- BN_bin2bn(kbuf, kout, shared_secret);

- memset(kbuf, 0, klen);

- xfree(kbuf);

- /* calc and verify H */

- hash = kex_dh_hash(

- kex->client_version_string,

- kex->server_version_string,

- buffer_ptr(&kex->my), buffer_len(&kex->my),

- buffer_ptr(&kex->peer), buffer_len(&kex->peer),

- server_host_key_blob, sbloblen,

- dh->pub_key,

- dh_server_pub,

- shared_secret

- );

- xfree(server_host_key_blob);

- BN_clear_free(dh_server_pub);

- DH_free(dh);

- if (key_verify(server_host_key, signature, slen, hash, 20) != 1)

- fatal("key_verify failed for server_host_key");

- key_free(server_host_key);

- xfree(signature);

- /* save session id */

- if (kex->session_id == NULL) {

- kex->session_id_len = 20;

- kex->session_id = xmalloc(kex->session_id_len);

- memcpy(kex->session_id, hash, kex->session_id_len);

- }

- kex_derive_keys(kex, hash, shared_secret);

- BN_clear_free(shared_secret);

- kex_finish(kex);

-/* server */

-static void

-kexdh_server(Kex *kex)

- BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;

- DH *dh;

- Key *server_host_key;

- u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;

- u_int sbloblen, klen, kout;

- u_int slen;

- /* generate server DH public key */

- dh = dh_new_group1();

- dh_gen_key(dh, kex->we_need * 8);

- debug("expecting SSH2_MSG_KEXDH_INIT");

- packet_read_expect(SSH2_MSG_KEXDH_INIT);

- if (kex->load_host_key == NULL)

- fatal("Cannot load hostkey");

- server_host_key = kex->load_host_key(kex->hostkey_type);

- if (server_host_key == NULL)

- fatal("Unsupported hostkey type %d", kex->hostkey_type);

- /* key, cert */

- if ((dh_client_pub = BN_new()) == NULL)

- fatal("dh_client_pub == NULL");

- packet_get_bignum2(dh_client_pub);

- packet_check_eom();

-#ifdef DEBUG_KEXDH

- fprintf(stderr, "dh_client_pub= ");

- BN_print_fp(stderr, dh_client_pub);

- fprintf(stderr, "\n");

- debug("bits %d", BN_num_bits(dh_client_pub));

-#endif

-#ifdef DEBUG_KEXDH

- DHparams_print_fp(stderr, dh);

- fprintf(stderr, "pub= ");

- BN_print_fp(stderr, dh->pub_key);

- fprintf(stderr, "\n");

-#endif

- if (!dh_pub_is_valid(dh, dh_client_pub))

- packet_disconnect("bad client public DH value");

- klen = DH_size(dh);

- kbuf = xmalloc(klen);

- kout = DH_compute_key(kbuf, dh_client_pub, dh);

-#ifdef DEBUG_KEXDH

- dump_digest("shared secret", kbuf, kout);

-#endif

- if ((shared_secret = BN_new()) == NULL)

- fatal("kexdh_server: BN_new failed");

- BN_bin2bn(kbuf, kout, shared_secret);

- memset(kbuf, 0, klen);

- xfree(kbuf);

- key_to_blob(server_host_key, &server_host_key_blob, &sbloblen);

- /* calc H */

- hash = kex_dh_hash(

- kex->client_version_string,

- kex->server_version_string,

- buffer_ptr(&kex->peer), buffer_len(&kex->peer),

- buffer_ptr(&kex->my), buffer_len(&kex->my),

- server_host_key_blob, sbloblen,

- dh_client_pub,

- dh->pub_key,

- shared_secret

- );

- BN_clear_free(dh_client_pub);

- /* save session id := H */

- /* XXX hashlen depends on KEX */

- if (kex->session_id == NULL) {

- kex->session_id_len = 20;

- kex->session_id = xmalloc(kex->session_id_len);

- memcpy(kex->session_id, hash, kex->session_id_len);

- }

- /* sign H */

- /* XXX hashlen depends on KEX */

- PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));

- /* destroy_sensitive_data(); */

- /* send server hostkey, DH pubkey 'f' and singed H */

- packet_start(SSH2_MSG_KEXDH_REPLY);

- packet_put_string(server_host_key_blob, sbloblen);

- packet_put_bignum2(dh->pub_key); /* f */

- packet_put_string(signature, slen);

- packet_send();

- xfree(signature);

- xfree(server_host_key_blob);

- /* have keys, free DH */

- DH_free(dh);

- kex_derive_keys(kex, hash, shared_secret);

- BN_clear_free(shared_secret);

- kex_finish(kex);

-void

-kexdh(Kex *kex)

- if (kex->server)

- kexdh_server(kex);

- else

- kexdh_client(kex);

diff --git a/usr.bin/ssh/kexdhc.c b/usr.bin/ssh/kexdhc.c
new file mode 100644
index 00000000000..fe6dc53f859
--- /dev/null
+++ b/usr.bin/ssh/kexdhc.c

@@ -0,0 +1,137 @@

+/*

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR

+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,

+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+ */

+#include "includes.h"

+RCSID("$OpenBSD: kexdhc.c,v 1.1 2003/02/16 17:09:57 markus Exp $");

+#include "xmalloc.h"

+#include "key.h"

+#include "kex.h"

+#include "log.h"

+#include "packet.h"

+#include "dh.h"

+#include "ssh2.h"

+void

+kexdh_client(Kex *kex)

+ BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;

+ DH *dh;

+ Key *server_host_key;

+ u_char *server_host_key_blob = NULL, *signature = NULL;

+ u_char *kbuf, *hash;

+ u_int klen, kout, slen, sbloblen;

+ /* generate and send 'e', client DH public key */

+ dh = dh_new_group1();

+ dh_gen_key(dh, kex->we_need * 8);

+ packet_start(SSH2_MSG_KEXDH_INIT);

+ packet_put_bignum2(dh->pub_key);

+ packet_send();

+ debug("sending SSH2_MSG_KEXDH_INIT");

+#ifdef DEBUG_KEXDH

+ DHparams_print_fp(stderr, dh);

+ fprintf(stderr, "pub= ");

+ BN_print_fp(stderr, dh->pub_key);

+ fprintf(stderr, "\n");

+#endif

+ debug("expecting SSH2_MSG_KEXDH_REPLY");

+ packet_read_expect(SSH2_MSG_KEXDH_REPLY);

+ /* key, cert */

+ server_host_key_blob = packet_get_string(&sbloblen);

+ server_host_key = key_from_blob(server_host_key_blob, sbloblen);

+ if (server_host_key == NULL)

+ fatal("cannot decode server_host_key_blob");

+ if (server_host_key->type != kex->hostkey_type)

+ fatal("type mismatch for decoded server_host_key_blob");

+ if (kex->verify_host_key == NULL)

+ fatal("cannot verify server_host_key");

+ if (kex->verify_host_key(server_host_key) == -1)

+ fatal("server_host_key verification failed");

+ /* DH paramter f, server public DH key */

+ if ((dh_server_pub = BN_new()) == NULL)

+ fatal("dh_server_pub == NULL");

+ packet_get_bignum2(dh_server_pub);

+#ifdef DEBUG_KEXDH

+ fprintf(stderr, "dh_server_pub= ");

+ BN_print_fp(stderr, dh_server_pub);

+ fprintf(stderr, "\n");

+ debug("bits %d", BN_num_bits(dh_server_pub));

+#endif

+ /* signed H */

+ signature = packet_get_string(&slen);

+ packet_check_eom();

+ if (!dh_pub_is_valid(dh, dh_server_pub))

+ packet_disconnect("bad server public DH value");

+ klen = DH_size(dh);

+ kbuf = xmalloc(klen);

+ kout = DH_compute_key(kbuf, dh_server_pub, dh);

+#ifdef DEBUG_KEXDH

+ dump_digest("shared secret", kbuf, kout);

+#endif

+ if ((shared_secret = BN_new()) == NULL)

+ fatal("kexdh_client: BN_new failed");

+ BN_bin2bn(kbuf, kout, shared_secret);

+ memset(kbuf, 0, klen);

+ xfree(kbuf);

+ /* calc and verify H */

+ hash = kex_dh_hash(

+ kex->client_version_string,

+ kex->server_version_string,

+ buffer_ptr(&kex->my), buffer_len(&kex->my),

+ buffer_ptr(&kex->peer), buffer_len(&kex->peer),

+ server_host_key_blob, sbloblen,

+ dh->pub_key,

+ dh_server_pub,

+ shared_secret

+ );

+ xfree(server_host_key_blob);

+ BN_clear_free(dh_server_pub);

+ DH_free(dh);

+ if (key_verify(server_host_key, signature, slen, hash, 20) != 1)

+ fatal("key_verify failed for server_host_key");

+ key_free(server_host_key);

+ xfree(signature);

+ /* save session id */

+ if (kex->session_id == NULL) {

+ kex->session_id_len = 20;

+ kex->session_id = xmalloc(kex->session_id_len);

+ memcpy(kex->session_id, hash, kex->session_id_len);

+ }

+ kex_derive_keys(kex, hash, shared_secret);

+ BN_clear_free(shared_secret);

+ kex_finish(kex);

diff --git a/usr.bin/ssh/kexdhs.c b/usr.bin/ssh/kexdhs.c
new file mode 100644
index 00000000000..f04bce8255c
--- /dev/null
+++ b/usr.bin/ssh/kexdhs.c

@@ -0,0 +1,138 @@