authorHans Nilsson <[email protected]>2015-11-27 15:05:57 +0100
committerHans Nilsson <[email protected]>2015-11-27 15:05:57 +0100
commit8574c1ad8dd5ae8b4d7234fd97f1c33c71710ab0 (patch)
tree7cb438b493177c8ab6d7d0ad730dbf0ae6626a08 /lib/ssh/src/ssh_transport.erl
parentb916edc72a8eb82068229222abde1b9ff43dbad2 (diff)
parentc24a4bf84029d06cc79f49634684cd6d2eeafb62 (diff)
Merge branch 'maint-18' into maint
* maint-18: Updated OTP version Update release notes ssh: vsn.mk updated ssh: New test cases for SSH_MSG_KEX_DH_GEX_REQUEST_OLD ssh: update existing testcases ssh: Improve group selection ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty client Conflicts: lib/ssh/src/ssh_transport.erl lib/ssh/test/ssh_protocol_SUITE.erl lib/ssh/vsn.mk
Diffstat (limited to 'lib/ssh/src/ssh_transport.erl')
-rw-r--r--lib/ssh/src/ssh_transport.erl40
1 files changed, 38 insertions, 2 deletions
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index 041e86bae1..67a0d29bb8 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -433,6 +433,40 @@ handle_kex_dh_gex_request(#ssh_msg_kex_dh_gex_request{min = Min0,
language = ""})
end;
+handle_kex_dh_gex_request(#ssh_msg_kex_dh_gex_request_old{n = NBits},
+ Ssh0=#ssh{opts=Opts}) ->
+ %% server
+ %%
+ %% This message was in the draft-00 of rfc4419
+ %% (https://tools.ietf.org/html/draft-ietf-secsh-dh-group-exchange-00)
+ %% In later drafts and the rfc is "is used for backward compatibility".
+ %% Unfortunatly the rfc does not specify how to treat the parameter n
+ %% if there is no group of that modulus length :(
+ %% The draft-00 however specifies that n is the "... number of bits
+ %% the subgroup should have at least".
+ %% Further, it says that "Servers and clients SHOULD support groups
+ %% with a modulus length of k bits, where 1024 <= k <= 8192."
+ %%
+ Min0 = NBits,
+ Max0 = 8192,
+ {Min, Max} = adjust_gex_min_max(Min0, Max0, Opts),
+ case public_key:dh_gex_group(Min, NBits, Max,
+ proplists:get_value(dh_gex_groups,Opts)) of
+ {ok, {_Sz, {G,P}}} ->
+ {Public, Private} = generate_key(dh, [P,G]),
+ {SshPacket, Ssh} =
+ ssh_packet(#ssh_msg_kex_dh_gex_group{p = P, g = G}, Ssh0),
+ {ok, SshPacket,
+ Ssh#ssh{keyex_key = {{Private, Public}, {G, P}},
+ keyex_info = {-1, -1, NBits} % flag for kex_h hash calc
+ }};
+ {error,_} ->
+ throw(#ssh_msg_disconnect{
+ code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
+ description = "No possible diffie-hellman-group-exchange group found",
+ language = ""})
+ end;
+
handle_kex_dh_gex_request(_, _) ->
throw({{error,bad_ssh_msg_kex_dh_gex_request},
#ssh_msg_disconnect{
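Review bot: `Min0 = NBits` at the top of the new `ssh_msg_kex_dh_gex_request_old` clause lets the client alone set the lower bound of the group search, while `Max0 = 8192` pins the upper bound to the RFC figure the comment quotes; the 1024-bit floor from the same quoted sentence ("1024 <= k <= 8192") is never applied to `n`. Whether `adjust_gex_min_max/3` (defined outside this hunk) imposes a server-side floor when no limits option is configured cannot be seen here; if it does not, a client sending a small `n` is handed whatever small group happens to be present in the configured `dh_gex_groups`. Consider `Min0 = max(NBits, 1024)` or, if the floor is deliberately left to configuration, a comment on that line saying so, e.g. `%% lower bound comes from the client; the configured limits (adjust_gex_min_max/3) are the only floor`. The `{-1, -1, NBits}` sentinel stored in `keyex_info` is consumed by `kex_h/10` further down the file, so the two places should reference each other.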
@@ -1571,8 +1605,11 @@ kex_h(SSH, Curve, Key, Q_c, Q_s, K) ->
crypto:hash(sha(Curve), L).
kex_h(SSH, Key, Min, NBits, Max, Prime, Gen, E, F, K) ->
+ KeyBin = public_key:ssh_encode(Key, ssh2_pubkey),
L = if Min==-1; Max==-1 ->
- KeyBin = public_key:ssh_encode(Key, ssh2_pubkey),
+ %% flag from 'ssh_msg_kex_dh_gex_request_old'
+ %% It was like this before that message was supported,
+ %% why?
Ts = [string,string,binary,binary,binary,
uint32,
mpint,mpint,mpint,mpint,mpint],
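Review bot: The new comment above the `Min==-1; Max==-1` branch ends in an open question (`why?`) instead of stating what the branch does, so the next reader inherits the same doubt. The branch hashes a single `uint32` (only `NBits`) because RFC 4419 section 3 omits min and max from the exchange hash when SSH_MSG_KEX_DH_GEX_REQUEST_OLD was used, and the `-1` values are the sentinel written into `keyex_info` by the request_old clause of `handle_kex_dh_gex_request/2`. Suggested replacement for the three comment lines: `%% {-1,-1,NBits} is set in keyex_info by the ssh_msg_kex_dh_gex_request_old handler;` / `%% RFC 4419 sect. 3 omits min and max from H for that message, so only n is hashed here.` The remainder of `kex_h/10` continues in the next hunk.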
@@ -1581,7 +1618,6 @@ kex_h(SSH, Key, Min, NBits, Max, Prime, Gen, E, F, K) ->
KeyBin, NBits, Prime, Gen, E,F,K],
Ts);
true ->
- KeyBin = public_key:ssh_encode(Key, ssh2_pubkey),
Ts = [string,string,binary,binary,binary,
uint32,uint32,uint32,
mpint,mpint,mpint,mpint,mpint],