upstream/oracle/userland-gate: comparison components/openssh/sources/kexgsss.c

equal deleted inserted replaced

-:ce7fc2376fb0
+:bf30d46ab06e
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
+/*
+* May 22, 2015
+* In version 6.8 a new packet interface has been introduced to OpenSSH,
+* while the old packet API has been provided in opacket.c.
+* At this moment we are not rewritting GSS-API key exchange code to the new
+* API, just adjusting it to still work with new struct ssh.
+* Rewritting to the new API can be considered in the future.
+*/
 #include "includes.h"
 #ifdef GSSAPI
+#include <signal.h>	/* for sig_atomic_t in kex.h */
 #include <string.h>
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
 #include "xmalloc.h"
 #include "buffer.h"
 #include "ssh2.h"
 #include "key.h"
 #include "cipher.h"
+#include "digest.h"
 #include "kex.h"
 #include "log.h"
 #include "packet.h"
 #include "dh.h"
 #include "ssh-gss.h"
 #include "monitor_wrap.h"
-void
+int
-kexgss_server(Kex *kex)
+kexgss_server(struct ssh *ssh)
 {
 	OM_uint32 maj_status, min_status;
 	/*
 	 * Some GSSAPI implementations use the input value of ret_flags (an
 	OM_uint32 ret_flags = 0;
 	gss_buffer_desc gssbuf, recv_tok, msg_tok;
 	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 	Gssctxt *ctxt = NULL;
-	uint_t slen, klen, kout, hashlen;
+	uint_t slen, klen, kout;
-	uchar_t *kbuf, *hash;
+	uchar_t *kbuf;
 	DH *dh;
 	int min = -1, max = -1, nbits = -1;
 	BIGNUM *shared_secret = NULL;
 	BIGNUM *dh_client_pub = NULL;
 	int type = 0;
 	gss_OID oid;
 	char *mechs;
+	struct kex *kex = ssh->kex;
+	int r;
+	uchar_t hash[SSH_DIGEST_MAX_LENGTH];
+	size_t hashlen;
 	/* Initialise GSSAPI */
 	/*
 	 * If we're rekeying, privsep means that some of the private structures
 	if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid))))
 		fatal("Unable to acquire credentials for the server");
 	switch (kex->kex_type) {
 	case KEX_GSS_GRP1_SHA1:
-		dh = dh_new_group1();
+		kex->dh = dh_new_group1();
 		break;
 	case KEX_GSS_GRP14_SHA1:
-		dh = dh_new_group14();
+		kex->dh = dh_new_group14();
 		break;
 	case KEX_GSS_GEX_SHA1:
 		debug("Doing group exchange");
 		packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ);
 		min = packet_get_int();
 		max = MIN(DH_GRP_MAX, max);
 		packet_check_eom();
 		if (max < min || nbits < min || max < nbits)
 			fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
 			    min, nbits, max);
-		dh = PRIVSEP(choose_dh(min, nbits, max));
+		kex->dh = PRIVSEP(choose_dh(min, nbits, max));
-		if (dh == NULL)
+		if (kex->dh == NULL)
 			packet_disconnect("Protocol error:"
 			    " no matching group found");
 		packet_start(SSH2_MSG_KEXGSS_GROUP);
-		packet_put_bignum2(dh->p);
+		packet_put_bignum2(kex->dh->p);
-		packet_put_bignum2(dh->g);
+		packet_put_bignum2(kex->dh->g);
 		packet_send();
 		packet_write_wait();
 		break;
 	default:
 		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
 	}
-	dh_gen_key(dh, kex->we_need * 8);
+	dh_gen_key(kex->dh, kex->we_need * 8);
 	do {
 		debug("Wait SSH2_MSG_GSSAPI_INIT");
 		type = packet_read();
 		switch (type) {
 		fatal("Mutual Authentication flag wasn't set");
 	if (!(ret_flags & GSS_C_INTEG_FLAG))
 		fatal("Integrity flag wasn't set");
-	if (!dh_pub_is_valid(dh, dh_client_pub))
+	if (!dh_pub_is_valid(kex->dh, dh_client_pub))
 		packet_disconnect("bad client public DH value");
-	klen = DH_size(dh);
+	klen = DH_size(kex->dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_client_pub, dh);
+	kout = DH_compute_key(kbuf, dh_client_pub, kex->dh);
 	if (kout < 0)
 		fatal("DH_compute_key: failed");
 	shared_secret = BN_new();
 	if (shared_secret == NULL)
 		fatal("kexgss_server: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	free(kbuf);
+	hashlen = sizeof (hash);
 	switch (kex->kex_type) {
 	case KEX_GSS_GRP1_SHA1:
 	case KEX_GSS_GRP14_SHA1:
 		kex_dh_hash(
 		    kex->client_version_string, kex->server_version_string,
-		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+		    buffer_ptr(kex->peer), buffer_len(kex->peer),
-		    buffer_ptr(&kex->my), buffer_len(&kex->my),
+		    buffer_ptr(kex->my), buffer_len(kex->my),
 		    NULL, 0, /* Change this if we start sending host keys */
-		    dh_client_pub, dh->pub_key, shared_secret,
+		    dh_client_pub, kex->dh->pub_key, shared_secret,
-		    &hash, &hashlen);
+		    hash, &hashlen);
 		break;
 	case KEX_GSS_GEX_SHA1:
 		kexgex_hash(
 		    kex->hash_alg,
 		    kex->client_version_string, kex->server_version_string,
-		    buffer_ptr(&kex->peer), buffer_len(&kex->peer),
+		    buffer_ptr(kex->peer), buffer_len(kex->peer),
-		    buffer_ptr(&kex->my), buffer_len(&kex->my),
+		    buffer_ptr(kex->my), buffer_len(kex->my),
 		    NULL, 0,
 		    min, nbits, max,
-		    dh->p, dh->g,
+		    kex->dh->p, kex->dh->g,
 		    dh_client_pub,
-		    dh->pub_key,
+		    kex->dh->pub_key,
 		    shared_secret,
-		    &hash, &hashlen);
+		    hash, &hashlen);
 		break;
 	default:
 		fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
 	}
 	if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt, &gssbuf, &msg_tok))))
 		fatal("Couldn't get MIC");
 	packet_start(SSH2_MSG_KEXGSS_COMPLETE);
-	packet_put_bignum2(dh->pub_key);
+	packet_put_bignum2(kex->dh->pub_key);
 	packet_put_string(msg_tok.value, msg_tok.length);
 	if (send_tok.length != 0) {
 		packet_put_char(1); /* true */
 		packet_put_string(send_tok.value, send_tok.length);
 	if (gss_kex_context == NULL)
 		gss_kex_context = ctxt;
 	else
 		ssh_gssapi_delete_ctx(&ctxt);
-	DH_free(dh);
+	DH_free(kex->dh);
-	kex_derive_keys_bn(kex, hash, hashlen, shared_secret);
+	if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
-	BN_clear_free(shared_secret);
+		r = kex_send_newkeys(ssh);
-	kex_finish(kex);
+	return (r);
 }
 #endif /* GSSAPI */

changeset 4503	bf30d46ab06e
parent 3574	80e9a4e240d3
child 6030	494adc5697ee