[Ttssh2-commit] [7012] 3つの KEX 終了処理関数を比較しやすくする為、変数名やメッセージ等を調整


scmno****@osdn***** scmno****@osdn*****
2018年 1月 9日 (火) 18:06:05 JST


Revision: 7012
          http://sourceforge.jp/projects/ttssh2/scm/svn/commits/7012
Author:   doda
Date:     2018-01-09 18:06:04 +0900 (Tue, 09 Jan 2018)
Log Message:
-----------
3つの KEX 終了処理関数を比較しやすくする為、変数名やメッセージ等を調整

Modified Paths:
--------------
    trunk/ttssh2/ttxssh/ssh.c

-------------- next part --------------
Modified: trunk/ttssh2/ttxssh/ssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ssh.c	2017-12-26 09:13:38 UTC (rev 7011)
+++ trunk/ttssh2/ttxssh/ssh.c	2018-01-09 09:06:04 UTC (rev 7012)
@@ -5545,7 +5545,7 @@
 	begin_send_packet(pvar, SSH2_MSG_NEWKEYS, 0);
 	finish_send_packet(pvar);
 
-	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_NEWKEYS was sent at handle_SSH2_dh_kex_reply().");
+	logputs(LOG_LEVEL_VERBOSE, __FUNCTION__ ": SSH2_MSG_NEWKEYS was sent.");
 
 	// SSH2_MSG_NEWKEYS\x82𑗂\xE8\x8FI\x82\xED\x82\xC1\x82\xBD\x82\xA0\x82ƂɃL\x81[\x82̐ݒ肨\x82\xE6\x82эĐݒ\xE8\x82\xF0\x8Ds\x82\xA4
 	// \x91\x97\x90M\x97p\x82̈Í\x86\x8C\xAE\x82\xCD SSH2_MSG_NEWKEYS \x82̑\x97\x90M\x8C\xE3\x82ɁA\x8E\xF3\x90M\x97p\x82̂\xCD SSH2_MSG_NEWKEYS \x82\xCC
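Review bot: `__FUNCTION__ ": SSH2_MSG_NEWKEYS was sent."` relies on `__FUNCTION__` being a string literal, which holds for MSVC but not for GCC or Clang in their default mode, where it is a variable and cannot be concatenated with an adjacent literal. If this file is only ever built with MSVC, a short comment saying so would be enough; otherwise pass the name at run time through a `"%s: ..."` format, as the `_snprintf_s` calls changed in this commit already do. The same construct is used for every `emsg = __FUNCTION__ ": ..."` assignment in the later hunks. The enclosing function begins and ends outside this hunk.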
@@ -5591,7 +5591,7 @@
 	int offset = 0;
 	char *server_host_key_blob;
 	int bloblen, siglen;
-	BIGNUM *dh_server_pub = NULL;
+	BIGNUM *server_public = NULL;
 	char *signature;
 	int dh_len, share_len;
 	char *dh_buf = NULL;
@@ -5599,7 +5599,7 @@
 	char *hash;
 	char *emsg = NULL, emsg_tmp[1024];  // error message
 	int hashlen;
-	Key *hostkey;  // hostkey
+	Key *hostkey = NULL;  // hostkey
 	BOOL result = FALSE;
 
 	logputs(LOG_LEVEL_VERBOSE, "SSH2_MSG_KEXDH_REPLY was received.");
@@ -5624,7 +5624,7 @@
 
 	hostkey = key_from_blob(data, bloblen);
 	if (hostkey == NULL) {
-		emsg = "key_from_blob error @ handle_SSH2_dh_kex_reply()";
+		emsg = __FUNCTION__ ": key_from_blob error";
 		goto error;
 	}
 	data += bloblen;
@@ -5632,24 +5632,24 @@
 	// known_hosts\x91Ή\x9E (2006.3.20 yutaka)
 	if (hostkey->type != pvar->hostkey_type) {  // \x83z\x83X\x83g\x83L\x81[\x82̎\xED\x95ʔ\xE4\x8Ar
 		_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
-		            "type mismatch for decoded server_host_key_blob (kex:%s blob:%s) @ %s",
-		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type), __FUNCTION__);
+		            "%s: type mismatch for decoded server_host_key_blob (kex:%s blob:%s)", __FUNCTION__,
+		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type));
 		emsg = emsg_tmp;
 		goto error;
 	}
 	HOSTS_check_host_key(pvar, pvar->ssh_state.hostname, pvar->ssh_state.tcpport, hostkey);
 	if (pvar->socket == INVALID_SOCKET) {
-		emsg = "Server disconnected @ handle_SSH2_dh_kex_reply()";
+		emsg = __FUNCTION__ ": Server disconnected";
 		goto error;
 	}
 
-	dh_server_pub = BN_new();
-	if (dh_server_pub == NULL) {
-		emsg = "Out of memory1 @ handle_SSH2_dh_kex_reply()";
+	server_public = BN_new();
+	if (server_public == NULL) {
+		emsg = __FUNCTION__ ": Out of memory (1)";
 		goto error;
 	}
 
-	buffer_get_bignum2(&data, dh_server_pub);
+	buffer_get_bignum2(&data, server_public);
 
 	siglen = get_uint32_MSBfirst(data);
 	data += 4;
@@ -5656,10 +5656,11 @@
 	signature = data;
 	data += siglen;
 
+	push_memdump("KEXDH_REPLY", "signature", signature, siglen);
 
-	// check DH public value
-	if (!dh_pub_is_valid(pvar->kexdh, dh_server_pub)) {
-		emsg = "DH public value invalid @ handle_SSH2_dh_kex_reply()";
+	// check public key
+	if (!dh_pub_is_valid(pvar->kexdh, server_public)) {
+		emsg = __FUNCTION__ ": invalid server public key";
 		goto error;
 	}
 	// \x8B\xA4\x92ʌ\xAE\x82̐\xB6\x90\xAC
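Review bot: The added `push_memdump("KEXDH_REPLY", "signature", signature, siglen)` is handed `siglen` bytes of the packet buffer with no visible bounds check. `siglen` is taken directly from the server's message by `get_uint32_MSBfirst(data)` in the context lines just above this hunk, and nothing visible compares it with the remaining payload length. A negative or oversized value would make the dump (and the later signature check) read outside the received packet before the server has been authenticated. Unless the length is validated in the part of handle_SSH2_dh_kex_reply that lies outside these hunks, reject it first, e.g. `if (siglen < 0 || siglen > remaining) { emsg = __FUNCTION__ ": invalid signature length"; goto error; }`, where `remaining` is a placeholder for whatever payload-length value the function tracks. The handle_SSH2_dh_gex_reply hunk shows the same read-then-dump sequence, and `bloblen` deserves the same check.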
@@ -5666,13 +5667,13 @@
 	dh_len = DH_size(pvar->kexdh);
 	dh_buf = malloc(dh_len);
 	if (dh_buf == NULL) {
-		emsg = "Out of memory2 @ handle_SSH2_dh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (2)";
 		goto error;
 	}
-	share_len = DH_compute_key(dh_buf, dh_server_pub, pvar->kexdh);
+	share_len = DH_compute_key(dh_buf, server_public, pvar->kexdh);
 	share_key = BN_new();
 	if (share_key == NULL) {
-		emsg = "Out of memory3 @ handle_SSH2_dh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (3)";
 		goto error;
 	}
 	// 'share_key'\x82\xAA\x83T\x81[\x83o\x82ƃN\x83\x89\x83C\x83A\x83\x93\x83g\x82ŋ\xA4\x97L\x82\xB7\x82錮\x81iG^A\x81~B mod P\x81j\x82ƂȂ\xE9\x81B
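Review bot: `share_len = DH_compute_key(dh_buf, server_public, pvar->kexdh)` is stored without a check, although DH_compute_key returns -1 on failure. The ECDH handler in this same commit does compare the result of ECDH_compute_key with the expected length. Since the commit aims to align the three handlers, add `if (share_len < 0) { emsg = __FUNCTION__ ": DH_compute_key failed"; goto error; }` right after the call, so that a negative length never reaches whatever consumes `share_len` after this hunk. The identical line in the handle_SSH2_dh_gex_reply hunk needs the same guard.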
@@ -5681,35 +5682,36 @@
 
 	// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
 	/* calc and verify H */
-	hash = kex_dh_hash(get_kex_algorithm_EVP_MD(pvar->kex_type),
-	                   pvar->client_version_string,
-	                   pvar->server_version_string,
-	                   buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
-	                   buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
-	                   server_host_key_blob, bloblen,
-	                   pvar->kexdh->pub_key,
-	                   dh_server_pub,
-	                   share_key,
-	                   &hashlen);
+	hash = kex_dh_hash(
+		get_kex_algorithm_EVP_MD(pvar->kex_type),
+		pvar->client_version_string,
+		pvar->server_version_string,
+		buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
+		buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
+		server_host_key_blob, bloblen,
+		pvar->kexdh->pub_key,
+		server_public,
+		share_key,
+		&hashlen);
 
 	{
 		push_memdump("KEXDH_REPLY kex_dh_kex_hash", "my_kex", buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex));
 		push_memdump("KEXDH_REPLY kex_dh_kex_hash", "peer_kex", buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex));
 
-		push_bignum_memdump("KEXDH_REPLY kex_dh_kex_hash", "dh_server_pub", dh_server_pub);
+		push_bignum_memdump("KEXDH_REPLY kex_dh_kex_hash", "server_public", server_public);
 		push_bignum_memdump("KEXDH_REPLY kex_dh_kex_hash", "share_key", share_key);
 
 		push_memdump("KEXDH_REPLY kex_dh_kex_hash", "hash", hash, hashlen);
 	}
 
-	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD (2004.10.30 yutaka)
+	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD
 	pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
-	pvar->server_key_bits = BN_num_bits(dh_server_pub);
+	pvar->server_key_bits = BN_num_bits(server_public);
 
 	result = ssh2_kex_finish(pvar, hash, hashlen, share_key, hostkey, signature, siglen);
 
 error:
-	BN_free(dh_server_pub);
+	BN_free(server_public);
 	DH_free(pvar->kexdh); pvar->kexdh = NULL;
 	key_free(hostkey);
 	free(dh_buf);
@@ -5722,11 +5724,9 @@
 }
 
 
-// Diffie-Hellman Key Exchange Reply(SSH2_MSG_KEX_DH_GEX_REPLY:33)
 //
-// C then computes K = f^x mod p, H = hash(V_C ||
-//          V_S || I_C || I_S || K_S || min || n || max || p || g || e ||
-//          f || K), and verifies the signature s on H.
+// Diffie-Hellman Group and Key Exchange Reply(SSH2_MSG_KEX_DH_GEX_REPLY:33)
+//
 static BOOL handle_SSH2_dh_gex_reply(PTInstVar pvar)
 {
 	char *data;
@@ -5734,7 +5734,7 @@
 	int offset = 0;
 	char *server_host_key_blob;
 	int bloblen, siglen;
-	BIGNUM *dh_server_pub = NULL;
+	BIGNUM *server_public = NULL;
 	char *signature;
 	int dh_len, share_len;
 	char *dh_buf = NULL;
@@ -5767,7 +5767,7 @@
 
 	hostkey = key_from_blob(data, bloblen);
 	if (hostkey == NULL) {
-		emsg = "key_from_blob error @ handle_SSH2_dh_gex_reply()";
+		emsg = __FUNCTION__ ": key_from_blob error";
 		goto error;
 	}
 	data += bloblen;
@@ -5775,24 +5775,24 @@
 	// known_hosts\x91Ή\x9E (2006.3.20 yutaka)
 	if (hostkey->type != pvar->hostkey_type) {  // \x83z\x83X\x83g\x83L\x81[\x82̎\xED\x95ʔ\xE4\x8Ar
 		_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
-		            "type mismatch for decoded server_host_key_blob (kex:%s blob:%s) @ %s",
-		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type), __FUNCTION__);
+		            "%s: type mismatch for decoded server_host_key_blob (kex:%s blob:%s)", __FUNCTION__,
+		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type));
 		emsg = emsg_tmp;
 		goto error;
 	}
 	HOSTS_check_host_key(pvar, pvar->ssh_state.hostname, pvar->ssh_state.tcpport, hostkey);
 	if (pvar->socket == INVALID_SOCKET) {
-		emsg = "Server disconnected @ handle_SSH2_dh_gex_reply()";
+		emsg = __FUNCTION__ ": Server disconnected";
 		goto error;
 	}
 
-	dh_server_pub = BN_new();
-	if (dh_server_pub == NULL) {
-		emsg = "Out of memory1 @ handle_SSH2_dh_gex_reply()";
+	server_public = BN_new();
+	if (server_public == NULL) {
+		emsg = __FUNCTION__ ": Out of memory (1)";
 		goto error;
 	}
 
-	buffer_get_bignum2(&data, dh_server_pub);
+	buffer_get_bignum2(&data, server_public);
 
 	siglen = get_uint32_MSBfirst(data);
 	data += 4;
@@ -5801,9 +5801,9 @@
 
 	push_memdump("DH_GEX_REPLY", "signature", signature, siglen);
 
-	// check DH public value
-	if (!dh_pub_is_valid(pvar->kexdh, dh_server_pub)) {
-		emsg = "DH public value invalid @ handle_SSH2_dh_gex_reply()";
+	// check public key
+	if (!dh_pub_is_valid(pvar->kexdh, server_public)) {
+		emsg = __FUNCTION__ ": invalid server public key";
 		goto error;
 	}
 	// \x8B\xA4\x92ʌ\xAE\x82̐\xB6\x90\xAC
@@ -5810,13 +5810,13 @@
 	dh_len = DH_size(pvar->kexdh);
 	dh_buf = malloc(dh_len);
 	if (dh_buf == NULL) {
-		emsg = "Out of memory2 @ handle_SSH2_dh_gex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (2)";
 		goto error;
 	}
-	share_len = DH_compute_key(dh_buf, dh_server_pub, pvar->kexdh);
+	share_len = DH_compute_key(dh_buf, server_public, pvar->kexdh);
 	share_key = BN_new();
 	if (share_key == NULL) {
-		emsg = "Out of memory3 @ handle_SSH2_dh_gex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (3)";
 		goto error;
 	}
 	// 'share_key'\x82\xAA\x83T\x81[\x83o\x82ƃN\x83\x89\x83C\x83A\x83\x93\x83g\x82ŋ\xA4\x97L\x82\xB7\x82錮\x81iG^A\x81~B mod P\x81j\x82ƂȂ\xE9\x81B
@@ -5829,10 +5829,9 @@
 		get_kex_algorithm_EVP_MD(pvar->kex_type),
 		pvar->client_version_string,
 		pvar->server_version_string,
-		buffer_ptr(pvar->my_kex),  buffer_len(pvar->my_kex),
-		buffer_ptr(pvar->peer_kex),  buffer_len(pvar->peer_kex),
+		buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
+		buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
 		server_host_key_blob, bloblen,
-		/////// KEXGEX
 		pvar->kexgex_min,
 		pvar->kexgex_bits,
 		pvar->kexgex_max,
@@ -5839,8 +5838,7 @@
 		pvar->kexdh->p,
 		pvar->kexdh->g,
 		pvar->kexdh->pub_key,
-		/////// KEXGEX
-		dh_server_pub,
+		server_public,
 		share_key,
 		&hashlen);
 
@@ -5848,20 +5846,20 @@
 		push_memdump("DH_GEX_REPLY kex_dh_gex_hash", "my_kex", buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex));
 		push_memdump("DH_GEX_REPLY kex_dh_gex_hash", "peer_kex", buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex));
 
-		push_bignum_memdump("DH_GEX_REPLY kex_dh_gex_hash", "dh_server_pub", dh_server_pub);
+		push_bignum_memdump("DH_GEX_REPLY kex_dh_gex_hash", "server_public", server_public);
 		push_bignum_memdump("DH_GEX_REPLY kex_dh_gex_hash", "share_key", share_key);
 
 		push_memdump("DH_GEX_REPLY kex_dh_gex_hash", "hash", hash, hashlen);
 	}
 
-	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD (2004.10.30 yutaka)
+	// TTSSH\x83o\x81[\x83W\x83\x87\x83\x93\x8F\xEE\x95\xF1\x82ɕ\\x8E\xA6\x82\xB7\x82\xE9\x83L\x81[\x83r\x83b\x83g\x90\x94\x82\xF0\x8B\x81\x82߂Ă\xA8\x82\xAD
 	pvar->client_key_bits = BN_num_bits(pvar->kexdh->pub_key);
-	pvar->server_key_bits = BN_num_bits(dh_server_pub);
+	pvar->server_key_bits = BN_num_bits(server_public);
 
 	result = ssh2_kex_finish(pvar, hash, hashlen, share_key, hostkey, signature, siglen);
 
 error:
-	BN_free(dh_server_pub);
+	BN_free(server_public);
 	DH_free(pvar->kexdh); pvar->kexdh = NULL;
 	key_free(hostkey);
 	free(dh_buf);
@@ -5918,7 +5916,7 @@
 
 	hostkey = key_from_blob(data, bloblen);
 	if (hostkey == NULL) {
-		emsg = "key_from_blob error @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": key_from_blob error";
 		goto error;
 	}
 	data += bloblen;
@@ -5926,14 +5924,14 @@
 	// known_hosts\x91Ή\x9E (2006.3.20 yutaka)
 	if (hostkey->type != pvar->hostkey_type) {  // \x83z\x83X\x83g\x83L\x81[\x82̎\xED\x95ʔ\xE4\x8Ar
 		_snprintf_s(emsg_tmp, sizeof(emsg_tmp), _TRUNCATE,
-		            "type mismatch for decoded server_host_key_blob (kex:%s blob:%s) @ %s",
-		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type), __FUNCTION__);
+		            "%s: type mismatch for decoded server_host_key_blob (kex:%s blob:%s)", __FUNCTION__,
+		            get_ssh_keytype_name(pvar->hostkey_type), get_ssh_keytype_name(hostkey->type));
 		emsg = emsg_tmp;
 		goto error;
 	}
 	HOSTS_check_host_key(pvar, pvar->ssh_state.hostname, pvar->ssh_state.tcpport, hostkey);
 	if (pvar->socket == INVALID_SOCKET) {
-		emsg = "Server disconnected @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": Server disconnected";
 		goto error;
 	}
 
@@ -5941,7 +5939,7 @@
 	group = EC_KEY_get0_group(pvar->ecdh_client_key);
 	server_public = EC_POINT_new(group);
 	if (server_public == NULL) {
-		emsg = "Out of memory1 @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (1)";
 		goto error;
 	}
 
@@ -5956,7 +5954,7 @@
 
 	// check public key
 	if (key_ec_validate_public(group, server_public) != 0) {
-		emsg = "ECDH invalid server public key @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": invalid server public key";
 		goto error;
 	}
 	// \x8B\xA4\x92ʌ\xAE\x82̐\xB6\x90\xAC
@@ -5963,17 +5961,17 @@
 	ecdh_len = (EC_GROUP_get_degree(group) + 7) / 8;
 	ecdh_buf = malloc(ecdh_len);
 	if (ecdh_buf == NULL) {
-		emsg = "Out of memory2 @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (2)";
 		goto error;
 	}
 	if (ECDH_compute_key(ecdh_buf, ecdh_len, server_public,
 	                     pvar->ecdh_client_key, NULL) != (int)ecdh_len) {
-		emsg = "Out of memory3 @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (3)";
 		goto error;
 	}
 	share_key = BN_new();
 	if (share_key == NULL) {
-		emsg = "Out of memory4 @ handle_SSH2_ecdh_kex_reply()";
+		emsg = __FUNCTION__ ": Out of memory (4)";
 		goto error;
 	}
 	// 'share_key'\x82\xAA\x83T\x81[\x83o\x82ƃN\x83\x89\x83C\x83A\x83\x93\x83g\x82ŋ\xA4\x97L\x82\xB7\x82錮\x81iG^A\x81~B mod P\x81j\x82ƂȂ\xE9\x81B
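Review bot: The failure branch of `ECDH_compute_key(...) != (int)ecdh_len` still reports `": Out of memory (3)"`, which misdescribes the condition. That branch is taken when the key agreement fails or returns an unexpected length, not when an allocation fails. A message such as `emsg = __FUNCTION__ ": ECDH_compute_key failed";` would let logs from a failed or tampered exchange be told apart from real memory exhaustion. The following `(4)` could then become `(3)`, matching the numbering in the two DH handlers.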
@@ -5982,17 +5980,18 @@
 
 	// \x83n\x83b\x83V\x83\x85\x82̌v\x8EZ
 	/* calc and verify H */
-	hash = kex_ecdh_hash(get_kex_algorithm_EVP_MD(pvar->kex_type),
-	                     group,
-	                     pvar->client_version_string,
-	                     pvar->server_version_string,
-	                     buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
-	                     buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
-	                     server_host_key_blob, bloblen,
-	                     EC_KEY_get0_public_key(pvar->ecdh_client_key),
-	                     server_public,
-	                     share_key,
-	                     &hashlen);
+	hash = kex_ecdh_hash(
+		get_kex_algorithm_EVP_MD(pvar->kex_type),
+		group,
+		pvar->client_version_string,
+		pvar->server_version_string,
+		buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex),
+		buffer_ptr(pvar->peer_kex), buffer_len(pvar->peer_kex),
+		server_host_key_blob, bloblen,
+		EC_KEY_get0_public_key(pvar->ecdh_client_key),
+		server_public,
+		share_key,
+		&hashlen);
 
 	{
 		push_memdump("KEX_ECDH_REPLY ecdh_kex_reply", "my_kex", buffer_ptr(pvar->my_kex), buffer_len(pvar->my_kex));


