- andreas@cvs.openbsd.org 2009/10/24 11:13:54
[sshconnect2.c kex.h kex.c] Let the client detect if the server supports roaming by looking for the resume@appgate.com kex algorithm. ok markus@
parent
b7b17be4c0
commit
36331b5d6c
|
@ -4,6 +4,11 @@
|
|||
[roaming.h]
|
||||
Declarations needed for upcoming changes.
|
||||
ok markus@
|
||||
- andreas@cvs.openbsd.org 2009/10/24 11:13:54
|
||||
[sshconnect2.c kex.h kex.c]
|
||||
Let the client detect if the server supports roaming by looking
|
||||
for the resume@appgate.com kex algorithm.
|
||||
ok markus@
|
||||
|
||||
20091226
|
||||
- (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
|
||||
|
|
13
kex.c
13
kex.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: kex.c,v 1.81 2009/05/27 06:34:36 andreas Exp $ */
|
||||
/* $OpenBSD: kex.c,v 1.82 2009/10/24 11:13:54 andreas Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
|
||||
*
|
||||
|
@ -48,6 +48,7 @@
|
|||
#include "match.h"
|
||||
#include "dispatch.h"
|
||||
#include "monitor.h"
|
||||
#include "roaming.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
|
||||
# if defined(HAVE_EVP_SHA256)
|
||||
|
@ -386,6 +387,16 @@ kex_choose_conf(Kex *kex)
|
|||
sprop=peer;
|
||||
}
|
||||
|
||||
/* Check whether server offers roaming */
|
||||
if (!kex->server) {
|
||||
char *roaming;
|
||||
roaming = match_list(KEX_RESUME, peer[PROPOSAL_KEX_ALGS], NULL);
|
||||
if (roaming) {
|
||||
kex->roaming = 1;
|
||||
xfree(roaming);
|
||||
}
|
||||
}
|
||||
|
||||
/* Algorithm Negotiation */
|
||||
for (mode = 0; mode < MODE_MAX; mode++) {
|
||||
newkeys = xcalloc(1, sizeof(*newkeys));
|
||||
|
|
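Review bot: In the roaming check added to `kex_choose_conf`, `kex->roaming` is only ever set to 1 and never cleared. If this function is reached again for a later key re-exchange (the callers are outside the hunk), a server that no longer lists `resume@appgate.com` would leave the earlier value in place. Assigning unconditionally with `kex->roaming = (roaming != NULL);` ahead of the `if (roaming)` that frees the match keeps the flag tied to the current proposal. The value is taken directly from the peer's KEXINIT name-list, so the comment should say it is peer-controlled, for example `/* Server-advertised capability marker; peer-controlled, not a negotiated algorithm */`. The enclosing function starts and ends outside this hunk.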
4
kex.h
4
kex.h
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */
|
||||
/* $OpenBSD: kex.h,v 1.48 2009/10/24 11:13:54 andreas Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
|
||||
|
@ -36,6 +36,7 @@
|
|||
#define KEX_DH14 "diffie-hellman-group14-sha1"
|
||||
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
|
||||
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
|
||||
#define KEX_RESUME "resume@appgate.com"
|
||||
|
||||
#define COMP_NONE 0
|
||||
#define COMP_ZLIB 1
|
||||
|
@ -116,6 +117,7 @@ struct Kex {
|
|||
char *name;
|
||||
int hostkey_type;
|
||||
int kex_type;
|
||||
int roaming;
|
||||
Buffer my;
|
||||
Buffer peer;
|
||||
sig_atomic_t done;
|
||||
|
|
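Review bot: `KEX_RESUME` is added to the block of key exchange method names, but the kex.c part of this commit uses it only as a marker looked up in the peer's list, not as a method that can be selected. A comment such as `/* capability marker listed by servers that support roaming; not a key exchange method */` would keep it from being treated like the `KEX_DH*` entries above it. The new `int roaming;` member of `struct Kex` is also undocumented; `/* set on the client when the server's KEXINIT lists KEX_RESUME */` matches how it is assigned in this commit. The struct definition continues outside the hunk.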
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshconnect2.c,v 1.172 2009/10/23 01:57:11 djm Exp $ */
|
||||
/* $OpenBSD: sshconnect2.c,v 1.173 2009/10/24 11:13:54 andreas Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
||||
|
@ -152,6 +152,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
|||
|
||||
dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
|
||||
|
||||
if (options.use_roaming && !kex->roaming) {
|
||||
debug("Roaming not allowed by server");
|
||||
options.use_roaming = 0;
|
||||
}
|
||||
|
||||
session_id2 = kex->session_id;
|
||||
session_id2_len = kex->session_id_len;
|
||||
|
||||
|
|
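Review bot: The check added after `dispatch_run()` in `ssh_kex2` can only turn `options.use_roaming` off, so once the client option is on, whether roaming stays enabled is decided entirely by what the server advertised. That deserves a comment at the check, e.g. `/* kex->roaming is server-supplied: code guarded by use_roaming must treat later roaming input as untrusted */`. It would also be worth confirming the option's default, which is not visible in this hunk. The debug text says "not allowed" where the condition tested is "not offered"; `debug("Roaming not offered by server");` describes it more accurately. `ssh_kex2` begins and ends outside the hunk.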