--- a/components/openssh/sources/kexgsss.c Wed Jun 17 14:55:22 2015 -0700
+++ b/components/openssh/sources/kexgsss.c Thu Jun 18 07:01:42 2015 -0700
@@ -22,10 +22,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/*
+ * May 22, 2015
+ * In version 6.8 a new packet interface has been introduced to OpenSSH,
+ * while the old packet API has been provided in opacket.c.
+ * At this moment we are not rewritting GSS-API key exchange code to the new
+ * API, just adjusting it to still work with new struct ssh.
+ * Rewritting to the new API can be considered in the future.
+ */
+
#include "includes.h"
#ifdef GSSAPI
+#include <signal.h> /* for sig_atomic_t in kex.h */
#include <string.h>
#include <openssl/crypto.h>
@@ -36,6 +46,7 @@
#include "ssh2.h"
#include "key.h"
#include "cipher.h"
+#include "digest.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
@@ -43,8 +54,8 @@
#include "ssh-gss.h"
#include "monitor_wrap.h"
-void
-kexgss_server(Kex *kex)
+int
+kexgss_server(struct ssh *ssh)
{
OM_uint32 maj_status, min_status;
@@ -59,8 +70,8 @@
gss_buffer_desc gssbuf, recv_tok, msg_tok;
gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
Gssctxt *ctxt = NULL;
- uint_t slen, klen, kout, hashlen;
- uchar_t *kbuf, *hash;
+ uint_t slen, klen, kout;
+ uchar_t *kbuf;
DH *dh;
int min = -1, max = -1, nbits = -1;
BIGNUM *shared_secret = NULL;
@@ -68,6 +79,10 @@
int type = 0;
gss_OID oid;
char *mechs;
+ struct kex *kex = ssh->kex;
+ int r;
+ uchar_t hash[SSH_DIGEST_MAX_LENGTH];
+ size_t hashlen;
/* Initialise GSSAPI */
@@ -92,10 +107,10 @@
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
- dh = dh_new_group1();
+ kex->dh = dh_new_group1();
break;
case KEX_GSS_GRP14_SHA1:
- dh = dh_new_group14();
+ kex->dh = dh_new_group14();
break;
case KEX_GSS_GEX_SHA1:
debug("Doing group exchange");
@@ -109,14 +124,14 @@
if (max < min || nbits < min || max < nbits)
fatal("GSS_GEX, bad parameters: %d !< %d !< %d",
min, nbits, max);
- dh = PRIVSEP(choose_dh(min, nbits, max));
- if (dh == NULL)
+ kex->dh = PRIVSEP(choose_dh(min, nbits, max));
+ if (kex->dh == NULL)
packet_disconnect("Protocol error:"
" no matching group found");
packet_start(SSH2_MSG_KEXGSS_GROUP);
- packet_put_bignum2(dh->p);
- packet_put_bignum2(dh->g);
+ packet_put_bignum2(kex->dh->p);
+ packet_put_bignum2(kex->dh->g);
packet_send();
packet_write_wait();
@@ -125,7 +140,7 @@
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
- dh_gen_key(dh, kex->we_need * 8);
+ dh_gen_key(kex->dh, kex->we_need * 8);
do {
debug("Wait SSH2_MSG_GSSAPI_INIT");
@@ -190,12 +205,12 @@
if (!(ret_flags & GSS_C_INTEG_FLAG))
fatal("Integrity flag wasn't set");
- if (!dh_pub_is_valid(dh, dh_client_pub))
+ if (!dh_pub_is_valid(kex->dh, dh_client_pub))
packet_disconnect("bad client public DH value");
- klen = DH_size(dh);
+ klen = DH_size(kex->dh);
kbuf = xmalloc(klen);
- kout = DH_compute_key(kbuf, dh_client_pub, dh);
+ kout = DH_compute_key(kbuf, dh_client_pub, kex->dh);
if (kout < 0)
fatal("DH_compute_key: failed");
@@ -209,30 +224,31 @@
memset(kbuf, 0, klen);
free(kbuf);
+ hashlen = sizeof (hash);
switch (kex->kex_type) {
case KEX_GSS_GRP1_SHA1:
case KEX_GSS_GRP14_SHA1:
kex_dh_hash(
kex->client_version_string, kex->server_version_string,
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- buffer_ptr(&kex->my), buffer_len(&kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
NULL, 0, /* Change this if we start sending host keys */
- dh_client_pub, dh->pub_key, shared_secret,
- &hash, &hashlen);
+ dh_client_pub, kex->dh->pub_key, shared_secret,
+ hash, &hashlen);
break;
case KEX_GSS_GEX_SHA1:
kexgex_hash(
kex->hash_alg,
kex->client_version_string, kex->server_version_string,
- buffer_ptr(&kex->peer), buffer_len(&kex->peer),
- buffer_ptr(&kex->my), buffer_len(&kex->my),
+ buffer_ptr(kex->peer), buffer_len(kex->peer),
+ buffer_ptr(kex->my), buffer_len(kex->my),
NULL, 0,
min, nbits, max,
- dh->p, dh->g,
+ kex->dh->p, kex->dh->g,
dh_client_pub,
- dh->pub_key,
+ kex->dh->pub_key,
shared_secret,
- &hash, &hashlen);
+ hash, &hashlen);
break;
default:
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
@@ -253,7 +269,7 @@
fatal("Couldn't get MIC");
packet_start(SSH2_MSG_KEXGSS_COMPLETE);
- packet_put_bignum2(dh->pub_key);
+ packet_put_bignum2(kex->dh->pub_key);
packet_put_string(msg_tok.value, msg_tok.length);
if (send_tok.length != 0) {
@@ -272,10 +288,10 @@
else
ssh_gssapi_delete_ctx(&ctxt);
- DH_free(dh);
+ DH_free(kex->dh);
- kex_derive_keys_bn(kex, hash, hashlen, shared_secret);
- BN_clear_free(shared_secret);
- kex_finish(kex);
+ if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+ r = kex_send_newkeys(ssh);
+ return (r);
}
#endif /* GSSAPI */