Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 0a843d9a0e805f14653a555f5c7a8ba99d62c12d^! / . / kex.h
commit0a843d9a0e805f14653a555f5c7a8ba99d62c12d[log] [tgz]
authordjm@openbsd.org <djm@openbsd.org>Thu Dec 27 03:25:24 2018 +0000
committerDamien Miller <djm@mindrot.org>Thu Dec 27 14:38:22 2018 +1100
tree481f36e9fd1918be5449e369a97c086a1a8d2432
parent434b587afe41c19391821e7392005068fda76248 [diff] [blame]
upstream: move client/server SSH-* banners to buffers under

ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.

Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).

Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@

OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b

diff --git a/kex.h b/kex.h
index 0f67f58..9ba8609 100644
--- a/kex.h
+++ b/kex.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.92 2018/12/07 03:39:40 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.93 2018/12/27 03:25:25 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -145,12 +145,12 @@
 	int	ext_info_c;
 	struct sshbuf *my;
 	struct sshbuf *peer;
+	struct sshbuf *client_version;
+	struct sshbuf *server_version;
 	sig_atomic_t done;
 	u_int	flags;
 	int	hash_alg;
 	int	ec_nid;
-	char	*client_version_string;
-	char	*server_version_string;
 	char	*failed_choice;
 	int	(*verify_host_key)(struct sshkey *, struct ssh *);
 	struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
@@ -173,7 +173,10 @@
 char	*kex_names_cat(const char *, const char *);
 int	 kex_assemble_names(char **, const char *, const char *);
 
-int	 kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **);
+int	 kex_exchange_identification(struct ssh *, int, const char *);
+
+struct kex *kex_new(void);
+int	 kex_ready(struct ssh *, char *[PROPOSAL_MAX]);
 int	 kex_setup(struct ssh *, char *[PROPOSAL_MAX]);
 void	 kex_free_newkeys(struct newkeys *);
 void	 kex_free(struct kex *);
@@ -199,22 +202,23 @@
 int	 kexc25519_client(struct ssh *);
 int	 kexc25519_server(struct ssh *);
 
-int	 kex_dh_hash(int, const char *, const char *,
+int	 kex_dh_hash(int, const struct sshbuf *, const struct sshbuf *,
     const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
     const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
 
-int	 kexgex_hash(int, const char *, const char *,
+int	 kexgex_hash(int, const struct sshbuf *, const struct sshbuf *,
     const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
     int, int, int,
     const BIGNUM *, const BIGNUM *, const BIGNUM *,
     const BIGNUM *, const BIGNUM *,
     u_char *, size_t *);
 
-int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *,
+int kex_ecdh_hash(int, const EC_GROUP *,
+    const struct sshbuf *, const struct sshbuf *,
     const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
     const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *);
 
-int	 kex_c25519_hash(int, const char *, const char *,
+int	 kex_c25519_hash(int, const struct sshbuf *, const struct sshbuf *,
     const u_char *, size_t, const u_char *, size_t,
     const u_char *, size_t, const u_char *, const u_char *,
     const u_char *, size_t, u_char *, size_t *);