upstream/oracle/userland-gate: components/openssh/sources/kexgsss.c@5683175b6e99 (annotated)

5324 5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	1	/*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	2	* Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	3	*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	4	* Redistribution and use in source and binary forms, with or without
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	5	* modification, are permitted provided that the following conditions
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	6	* are met:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	7	* 1. Redistributions of source code must retain the above copyright
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	8	* notice, this list of conditions and the following disclaimer.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	9	* 2. Redistributions in binary form must reproduce the above copyright
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	10	* notice, this list of conditions and the following disclaimer in the
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	11	* documentation and/or other materials provided with the distribution.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	12	*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	13	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	14	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	15	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	16	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	17	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	18	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	19	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	20	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	21	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	23	*/
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	24
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	25	/*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	26	* May 22, 2015
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	27	* In version 6.8 a new packet interface has been introduced to OpenSSH,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	28	* while the old packet API has been provided in opacket.c.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	29	* At this moment we are not rewritting GSS-API key exchange code to the new
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	30	* API, just adjusting it to still work with new struct ssh.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	31	* Rewritting to the new API can be considered in the future.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	32	*/
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	33
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	34	#include "includes.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	35
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	36	#ifdef GSSAPI
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	37
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	38	#include <signal.h> /* for sig_atomic_t in kex.h */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	39	#include <string.h>
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	40
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	41	#include <openssl/crypto.h>
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	42	#include <openssl/bn.h>
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	43
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	44	#include "xmalloc.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	45	#include "buffer.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	46	#include "ssh2.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	47	#include "key.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	48	#include "cipher.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	49	#include "digest.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	50	#include "kex.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	51	#include "log.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	52	#include "packet.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	53	#include "dh.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	54	#include "ssh-gss.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	55	#include "monitor_wrap.h"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	56
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	57	int
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	58	kexgss_server(struct ssh *ssh)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	59	{
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	60	OM_uint32 maj_status, min_status;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	61
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	62	/*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	63	* Some GSSAPI implementations use the input value of ret_flags (an
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	64	* output variable) as a means of triggering mechanism specific
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	65	* features. Initializing it to zero avoids inadvertently
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	66	* activating this non-standard behaviour.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	67	*/
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	68
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	69	OM_uint32 ret_flags = 0;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	70	gss_buffer_desc gssbuf, recv_tok, msg_tok;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	71	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	72	Gssctxt *ctxt = NULL;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	73	uint_t slen, klen, kout;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	74	uchar_t *kbuf;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	75	DH *dh;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	76	int min = -1, max = -1, nbits = -1;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	77	BIGNUM *shared_secret = NULL;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	78	BIGNUM *dh_client_pub = NULL;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	79	int type = 0;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	80	gss_OID oid;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	81	char *mechs;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	82	struct kex *kex = ssh->kex;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	83	int r;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	84	uchar_t hash[SSH_DIGEST_MAX_LENGTH];
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	85	size_t hashlen;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	86
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	87	/* Initialise GSSAPI */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	88
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	89	/*
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	90	* If we're rekeying, privsep means that some of the private structures
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	91	* in the GSSAPI code are no longer available. This kludges them back
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	92	* into life
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	93	*/
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	94	if (!ssh_gssapi_oid_table_ok())
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	95	if ((mechs = ssh_gssapi_server_mechanisms()))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	96	free(mechs);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	97
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	98	debug2("%s: Identifying %s", __func__, kex->name);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	99	oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	100	if (oid == GSS_C_NO_OID)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	101	fatal("Unknown gssapi mechanism");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	102
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	103	debug2("%s: Acquiring credentials", __func__);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	104
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	105	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	106	fatal("Unable to acquire credentials for the server");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	107
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	108	switch (kex->kex_type) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	109	case KEX_GSS_GRP1_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	110	kex->dh = dh_new_group1();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	111	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	112	case KEX_GSS_GRP14_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	113	kex->dh = dh_new_group14();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	114	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	115	case KEX_GSS_GEX_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	116	debug("Doing group exchange");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	117	packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	118	min = packet_get_int();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	119	nbits = packet_get_int();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	120	max = packet_get_int();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	121	min = MAX(DH_GRP_MIN, min);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	122	max = MIN(DH_GRP_MAX, max);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	123	packet_check_eom();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	124	if (max < min \|\| nbits < min \|\| max < nbits)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	125	fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	126	min, nbits, max);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	127	kex->dh = PRIVSEP(choose_dh(min, nbits, max));
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	128	if (kex->dh == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	129	packet_disconnect("Protocol error:"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	130	" no matching group found");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	131
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	132	packet_start(SSH2_MSG_KEXGSS_GROUP);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	133	packet_put_bignum2(kex->dh->p);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	134	packet_put_bignum2(kex->dh->g);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	135	packet_send();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	136
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	137	packet_write_wait();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	138	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	139	default:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	140	fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	141	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	142
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	143	dh_gen_key(kex->dh, kex->we_need * 8);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	144
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	145	do {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	146	debug("Wait SSH2_MSG_GSSAPI_INIT");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	147	type = packet_read();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	148	switch (type) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	149	case SSH2_MSG_KEXGSS_INIT:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	150	if (dh_client_pub != NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	151	fatal("Received KEXGSS_INIT after"
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	152	" initialising");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	153	recv_tok.value = packet_get_string(&slen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	154	recv_tok.length = slen;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	155
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	156	if ((dh_client_pub = BN_new()) == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	157	fatal("dh_client_pub == NULL");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	158
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	159	packet_get_bignum2(dh_client_pub);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	160
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	161	/* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	162	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	163	case SSH2_MSG_KEXGSS_CONTINUE:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	164	recv_tok.value = packet_get_string(&slen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	165	recv_tok.length = slen;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	166	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	167	default:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	168	packet_disconnect(
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	169	"Protocol error: didn't expect packet type %d",
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	170	type);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	171	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	172
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	173	maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	174	&send_tok, &ret_flags));
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	175
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	176	free(recv_tok.value);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	177
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	178	if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	179	fatal("Zero length token output when incomplete");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	180
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	181	if (dh_client_pub == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	182	fatal("No client public key");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	183
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	184	if (maj_status & GSS_S_CONTINUE_NEEDED) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	185	debug("Sending GSSAPI_CONTINUE");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	186	packet_start(SSH2_MSG_KEXGSS_CONTINUE);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	187	packet_put_string(send_tok.value, send_tok.length);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	188	packet_send();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	189	gss_release_buffer(&min_status, &send_tok);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	190	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	191	} while (maj_status & GSS_S_CONTINUE_NEEDED);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	192
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	193	if (GSS_ERROR(maj_status)) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	194	if (send_tok.length > 0) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	195	packet_start(SSH2_MSG_KEXGSS_CONTINUE);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	196	packet_put_string(send_tok.value, send_tok.length);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	197	packet_send();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	198	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	199	fatal("accept_ctx died");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	200	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	201
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	202	if (!(ret_flags & GSS_C_MUTUAL_FLAG))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	203	fatal("Mutual Authentication flag wasn't set");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	204
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	205	if (!(ret_flags & GSS_C_INTEG_FLAG))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	206	fatal("Integrity flag wasn't set");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	207
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	208	if (!dh_pub_is_valid(kex->dh, dh_client_pub))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	209	packet_disconnect("bad client public DH value");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	210
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	211	klen = DH_size(kex->dh);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	212	kbuf = xmalloc(klen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	213	kout = DH_compute_key(kbuf, dh_client_pub, kex->dh);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	214	if (kout < 0)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	215	fatal("DH_compute_key: failed");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	216
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	217	shared_secret = BN_new();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	218	if (shared_secret == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	219	fatal("kexgss_server: BN_new failed");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	220
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	221	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	222	fatal("kexgss_server: BN_bin2bn failed");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	223
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	224	memset(kbuf, 0, klen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	225	free(kbuf);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	226
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	227	hashlen = sizeof (hash);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	228	switch (kex->kex_type) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	229	case KEX_GSS_GRP1_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	230	case KEX_GSS_GRP14_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	231	kex_dh_hash(
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	232	kex->client_version_string, kex->server_version_string,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	233	buffer_ptr(kex->peer), buffer_len(kex->peer),
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	234	buffer_ptr(kex->my), buffer_len(kex->my),
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	235	NULL, 0, /* Change this if we start sending host keys */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	236	dh_client_pub, kex->dh->pub_key, shared_secret,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	237	hash, &hashlen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	238	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	239	case KEX_GSS_GEX_SHA1:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	240	kexgex_hash(
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	241	kex->hash_alg,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	242	kex->client_version_string, kex->server_version_string,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	243	buffer_ptr(kex->peer), buffer_len(kex->peer),
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	244	buffer_ptr(kex->my), buffer_len(kex->my),
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	245	NULL, 0,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	246	min, nbits, max,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	247	kex->dh->p, kex->dh->g,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	248	dh_client_pub,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	249	kex->dh->pub_key,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	250	shared_secret,
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	251	hash, &hashlen);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	252	break;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	253	default:
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	254	fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	255	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	256
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	257	BN_clear_free(dh_client_pub);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	258
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	259	if (kex->session_id == NULL) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	260	kex->session_id_len = hashlen;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	261	kex->session_id = xmalloc(kex->session_id_len);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	262	memcpy(kex->session_id, hash, kex->session_id_len);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	263	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	264
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	265	gssbuf.value = hash;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	266	gssbuf.length = hashlen;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	267
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	268	if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	269	fatal("Couldn't get MIC");
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	270
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	271	packet_start(SSH2_MSG_KEXGSS_COMPLETE);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	272	packet_put_bignum2(kex->dh->pub_key);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	273	packet_put_string(msg_tok.value, msg_tok.length);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	274
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	275	if (send_tok.length != 0) {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	276	packet_put_char(1); /* true */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	277	packet_put_string(send_tok.value, send_tok.length);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	278	} else {
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	279	packet_put_char(0); /* false */
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	280	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	281	packet_send();
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	282
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	283	gss_release_buffer(&min_status, &send_tok);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	284	gss_release_buffer(&min_status, &msg_tok);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	285
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	286	if (gss_kex_context == NULL)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	287	gss_kex_context = ctxt;
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	288	else
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	289	ssh_gssapi_delete_ctx(&ctxt);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	290
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	291	DH_free(kex->dh);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	292
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	293	if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	294	r = kex_send_newkeys(ssh);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	295	return (r);
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	296	}
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	297	#endif /* GSSAPI */

author	Jan Parcel <jan.parcel@oracle.com>
	Mon, 25 Jan 2016 10:57:40 -0800
branch	s11u3-sru
changeset 5324	5683175b6e99
child 6080	8e5e5c84119e
permissions	-rw-r--r--