From f28f634a3ab81669c21fb078565c84410653b8b7 Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Wed, 4 Apr 2001 02:03:04 +0000
Subject: [PATCH] - markus@cvs.openbsd.org 2001/04/04 00:06:54
[clientloop.c sshconnect2.c] enable client rekeying (1) force
rekeying with ~R, or (2) if the server requests rekeying. works
against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
---
ChangeLog | 8 +++++++-
clientloop.c | 18 +++++++++++++++---
sshconnect2.c | 6 +++++-
3 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index df0829962..4b3c1f3d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -19,6 +19,12 @@
need dispatch-callbacks, since application data is delayed until
the keyexchange completes (if i understand the drafts correctly).
add some infrastructure for re-keying.
+ - markus@cvs.openbsd.org 2001/04/04 00:06:54
+ [clientloop.c sshconnect2.c]
+ enable client rekeying
+ (1) force rekeying with ~R, or
+ (2) if the server requests rekeying.
+ works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
20010403
- OpenBSD CVS Sync
@@ -4829,4 +4835,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1052 2001/04/04 02:00:54 mouring Exp $
+$Id: ChangeLog,v 1.1053 2001/04/04 02:03:04 mouring Exp $
diff --git a/clientloop.c b/clientloop.c
index 4805f3c83..1ed245e22 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.53 2001/03/06 01:08:27 millert Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.54 2001/04/04 00:06:53 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -73,6 +73,7 @@ RCSID("$OpenBSD: clientloop.c,v 1.53 2001/03/06 01:08:27 millert Exp $");
#include "buffer.h"
#include "bufaux.h"
#include "key.h"
+#include "kex.h"
#include "log.h"
#include "readconf.h"
#include "clientloop.h"
@@ -130,6 +131,9 @@ static int connection_out; /* Connection to server (output). */
void client_init_dispatch(void);
int session_ident = -1;
+/*XXX*/
+extern Kex *xxx_kex;
+
/* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
void
@@ -548,6 +552,11 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
/* We have been continued. */
continue;
+ case 'R':
+ debug("Rekeying");
+ kex_send_kexinit(xxx_kex);
+ continue;
+
case '&':
/* XXX does not work yet with proto 2 */
if (compat20)
@@ -762,7 +771,7 @@ client_process_output(fd_set * writeset)
void
client_process_buffered_input_packets(void)
{
- dispatch_run(DISPATCH_NONBLOCK, &quit_pending, NULL);
+ dispatch_run(DISPATCH_NONBLOCK, &quit_pending, compat20 ? xxx_kex : NULL);
}
/* scan buf[] for '~' before sending data to the peer */
@@ -1196,7 +1205,10 @@ client_input_channel_req(int type, int plen, void *ctxt)
void
client_init_dispatch_20(void)
{
- dispatch_init(&dispatch_protocol_error);
+ int i;
+ /* dispatch_init(&dispatch_protocol_error); */
+ for (i = 50; i <= 254; i++)
+ dispatch_set(i, &dispatch_protocol_error);
dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);
diff --git a/sshconnect2.c b/sshconnect2.c
index dd3f36b57..1c52231b9 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.62 2001/04/03 23:32:12 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.63 2001/04/04 00:06:54 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@@ -69,6 +69,8 @@ int session_id2_len = 0;
char *xxx_host;
struct sockaddr *xxx_hostaddr;
+Kex *xxx_kex = NULL;
+
int
check_host_key_callback(Key *hostkey)
{
@@ -114,6 +116,8 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
kex->server_version_string=server_version_string;
kex->check_host_key=&check_host_key_callback;
+ xxx_kex = kex;
+
/* start key exchange */
dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex);