shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

Add return value and error checks to make_sessionid().

Browse Source 
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@418 7dcaeef0-15fb-0310-b436-a5af3365683c
This commit is contained in:
Andreas Schneider
2009-04-07 18:38:09 +00:00
parent 1e52650dbf
commit 323ee63a1d
4 changed files with 143 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/libssh/priv.h
View File

@@ -530,7 +530,7 @@ void dh_import_f(SSH_SESSION *session,STRING *f_string);
void dh_import_e(SSH_SESSION *session, STRING *e_string); void dh_import_e(SSH_SESSION *session, STRING *e_string);
void dh_import_pubkey(SSH_SESSION *session,STRING *pubkey_string); void dh_import_pubkey(SSH_SESSION *session,STRING *pubkey_string);
void dh_build_k(SSH_SESSION *session); void dh_build_k(SSH_SESSION *session);
void make_sessionid(SSH_SESSION *session); int make_sessionid(SSH_SESSION *session);
/* add data for the final cookie */ /* add data for the final cookie */
void hashbufin_add_cookie(SSH_SESSION *session,unsigned char *cookie); void hashbufin_add_cookie(SSH_SESSION *session,unsigned char *cookie);
void hashbufout_add_cookie(SSH_SESSION *session); void hashbufout_add_cookie(SSH_SESSION *session);

6
libssh/client.c
View File

@@ -212,7 +212,11 @@ static int dh_handshake(SSH_SESSION *session){
return ret; return ret;
} }
ssh_log(session, SSH_LOG_RARE, "Got SSH_MSG_NEWKEYS\n"); ssh_log(session, SSH_LOG_RARE, "Got SSH_MSG_NEWKEYS\n");
make_sessionid(session); ret = make_sessionid(session);
if (ret != SSH_OK) {
leave_function();
return SSH_ERROR;
}
/* set the cryptographic functions for the next crypto */ /* set the cryptographic functions for the next crypto */
/* (it is needed for generate_session_keys for key lenghts) */ /* (it is needed for generate_session_keys for key lenghts) */
if(crypt_set_algorithms(session)){ if(crypt_set_algorithms(session)){

206
libssh/dh.c
View File

@@ -356,88 +356,150 @@ static void sha_add(STRING *str,SHACTX ctx){
} }
*/ */
/* TODO FIXME add memory checking and a return value */ int make_sessionid(SSH_SESSION *session) {
void make_sessionid(SSH_SESSION *session){ SHACTX ctx;
SHACTX ctx; STRING *num = NULL;
STRING *num,*str; STRING *str = NULL;
BUFFER *server_hash, *client_hash; BUFFER *server_hash = NULL;
BUFFER *buf=buffer_new(); BUFFER *client_hash = NULL;
u32 len; BUFFER *buf = NULL;
enter_function(); u32 len;
int rc = SSH_ERROR;
ctx = sha1_init(); enter_function();
if (ctx == NULL) {
return;
}
str=string_from_char(session->clientbanner); ctx = sha1_init();
buffer_add_ssh_string(buf,str); if (ctx == NULL) {
//sha_add(str,ctx); return rc;
free(str); }
str=string_from_char(session->serverbanner); buf = buffer_new();
buffer_add_ssh_string(buf,str); if (buf == NULL) {
//sha_add(str,ctx); return rc;
free(str); }
if(session->client){
server_hash=session->in_hashbuf;
client_hash=session->out_hashbuf;
} else{
server_hash=session->out_hashbuf;
client_hash=session->in_hashbuf;
}
buffer_add_u32(server_hash,0);
buffer_add_u8(server_hash,0);
buffer_add_u32(client_hash,0);
buffer_add_u8(client_hash,0);
len=ntohl(buffer_get_len(client_hash)); str = string_from_char(session->clientbanner);
//sha1_update(ctx,&len,4); if (str == NULL) {
buffer_add_u32(buf,len); goto error;
buffer_add_data(buf,buffer_get(client_hash),buffer_get_len(client_hash)); }
//sha1_update(ctx,buffer_get(client_hash),buffer_get_len(client_hash));
buffer_free(client_hash);
len=ntohl(buffer_get_len(server_hash)); if (buffer_add_ssh_string(buf, str) < 0) {
buffer_add_u32(buf,len); goto error;
//sha1_update(ctx,&len,4); }
string_free(str);
str = string_from_char(session->serverbanner);
if (str == NULL) {
goto error;
}
if (buffer_add_ssh_string(buf, str) < 0) {
goto error;
}
if (session->client) {
server_hash = session->in_hashbuf;
client_hash = session->out_hashbuf;
} else {
server_hash = session->out_hashbuf;
client_hash = session->in_hashbuf;
}
if (buffer_add_u32(server_hash, 0) < 0) {
goto error;
}
if (buffer_add_u8(server_hash, 0) < 0) {
goto error;
}
if (buffer_add_u32(client_hash, 0) < 0) {
goto error;
}
if (buffer_add_u8(client_hash, 0) < 0) {
goto error;
}
len = ntohl(buffer_get_len(client_hash));
if (buffer_add_u32(buf,len) < 0) {
goto error;
}
if (buffer_add_data(buf, buffer_get(client_hash),
buffer_get_len(client_hash)) < 0) {
goto error;
}
len = ntohl(buffer_get_len(server_hash));
if (buffer_add_u32(buf, len) < 0) {
goto error;
}
if (buffer_add_data(buf, buffer_get(server_hash),
buffer_get_len(server_hash)) < 0) {
goto error;
}
len = string_len(session->next_crypto->server_pubkey) + 4;
if (buffer_add_data(buf, session->next_crypto->server_pubkey, len) < 0) {
goto error;
}
num = make_bignum_string(session->next_crypto->e);
if (num == NULL) {
goto error;
}
len = string_len(num) + 4;
if (buffer_add_data(buf, num, len) < 0) {
goto error;
}
string_free(num);
num = make_bignum_string(session->next_crypto->f);
if (num == NULL) {
goto error;
}
len = string_len(num) + 4;
if (buffer_add_data(buf, num, len) < 0) {
goto error;
}
string_free(num);
num = make_bignum_string(session->next_crypto->k);
if (num == NULL) {
goto error;
}
len = string_len(num) + 4;
if (buffer_add_data(buf, num, len) < 0) {
goto error;
}
buffer_add_data(buf,buffer_get(server_hash),buffer_get_len(server_hash));
// ssh_print_hexa("server_hash",buffer_get(server_hash),buffer_get_len(server_hash));
//sha1_update(ctx,buffer_get(server_hash),buffer_get_len(server_hash));
buffer_free(server_hash);
session->in_hashbuf=NULL;
session->out_hashbuf=NULL;
len=string_len(session->next_crypto->server_pubkey)+4;
buffer_add_data(buf,session->next_crypto->server_pubkey,len);
// sha1_update(ctx,session->next_crypto->server_pubkey,len);
num=make_bignum_string(session->next_crypto->e);
len=string_len(num)+4;
buffer_add_data(buf,num,len);
//sha1_update(ctx,num,len);
free(num);
num=make_bignum_string(session->next_crypto->f);
len=string_len(num)+4;
buffer_add_data(buf,num,len);
// sha1_update(ctx,num,len=(string_len(num)+4));
free(num);
num=make_bignum_string(session->next_crypto->k);
len=string_len(num)+4;
buffer_add_data(buf,num,len);
// sha1_update(ctx,num,len);
free(num);
#ifdef DEBUG_CRYPTO #ifdef DEBUG_CRYPTO
ssh_print_hexa("hash buffer",buffer_get(buf),buffer_get_len(buf)); ssh_print_hexa("hash buffer", buffer_get(buf), buffer_get_len(buf));
#endif #endif
sha1_update(ctx,buffer_get(buf),buffer_get_len(buf));
sha1_final(session->next_crypto->session_id,ctx); sha1_update(ctx, buffer_get(buf), buffer_get_len(buf));
buffer_free(buf); sha1_final(session->next_crypto->session_id, ctx);
#ifdef DEBUG_CRYPTO #ifdef DEBUG_CRYPTO
printf("Session hash : "); printf("Session hash: ");
ssh_print_hexa("session id",session->next_crypto->session_id,SHA_DIGEST_LEN); ssh_print_hexa("session id", session->next_crypto->session_id, SHA_DIGEST_LEN);
#endif #endif
leave_function();
rc = SSH_OK;
error:
buffer_free(buf);
buffer_free(client_hash);
buffer_free(server_hash);
session->in_hashbuf = NULL;
session->out_hashbuf = NULL;
string_free(str);
string_free(num);
leave_function();
return rc;
} }
void hashbufout_add_cookie(SSH_SESSION *session){ void hashbufout_add_cookie(SSH_SESSION *session){

4
libssh/server.c
View File

@@ -290,7 +290,9 @@ static int dh_handshake_server(SSH_SESSION *session){
publickey_free(pub); publickey_free(pub);
dh_import_pubkey(session,pubkey); dh_import_pubkey(session,pubkey);
dh_build_k(session); dh_build_k(session);
make_sessionid(session); if (make_sessionid(session) != SSH_OK) {
return -1;
}
sign=ssh_sign_session_id(session,prv); sign=ssh_sign_session_id(session,prv);
buffer_free(buf); buffer_free(buf);
/* free private keys as they should not be readable past this point */ /* free private keys as they should not be readable past this point */