- markus@cvs.openbsd.org 2001/04/04 00:06:54

[clientloop.c sshconnect2.c]
     enable client rekeying
        (1) force rekeying with ~R, or
        (2) if the server requests rekeying.
     works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0

ChangeLog

@@ -19,6 +19,12 @@
      need dispatch-callbacks, since application data is delayed until
      the keyexchange completes (if i understand the drafts correctly).
      add some infrastructure for re-keying.
+   - markus@cvs.openbsd.org 2001/04/04 00:06:54
+     [clientloop.c sshconnect2.c]
+     enable client rekeying
+        (1) force rekeying with ~R, or
+        (2) if the server requests rekeying.
+     works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
 
 20010403
  - OpenBSD CVS Sync
@@ -4829,4 +4835,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1052 2001/04/04 02:00:54 mouring Exp $
+$Id: ChangeLog,v 1.1053 2001/04/04 02:03:04 mouring Exp $

clientloop.c

@@ -59,7 +59,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.53 2001/03/06 01:08:27 millert Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.54 2001/04/04 00:06:53 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -73,6 +73,7 @@ RCSID("$OpenBSD: clientloop.c,v 1.53 2001/03/06 01:08:27 millert Exp $");
 #include "buffer.h"
 #include "bufaux.h"
 #include "key.h"
+#include "kex.h"
 #include "log.h"
 #include "readconf.h"
 #include "clientloop.h"
@@ -130,6 +131,9 @@ static int connection_out;	/* Connection to server (output). */
 void	client_init_dispatch(void);
 int	session_ident = -1;
 
+/*XXX*/
+extern Kex *xxx_kex;
+
 /* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
 
 void
@@ -548,6 +552,11 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
 				/* We have been continued. */
 				continue;
 
+			case 'R':
+				debug("Rekeying");
+				kex_send_kexinit(xxx_kex);
+				continue;
+
 			case '&':
 				/* XXX does not work yet with proto 2 */
 				if (compat20)
@@ -762,7 +771,7 @@ client_process_output(fd_set * writeset)
 void
 client_process_buffered_input_packets(void)
 {
-	dispatch_run(DISPATCH_NONBLOCK, &quit_pending, NULL);
+	dispatch_run(DISPATCH_NONBLOCK, &quit_pending, compat20 ? xxx_kex : NULL);
 }
 
 /* scan buf[] for '~' before sending data to the peer */
@@ -1196,7 +1205,10 @@ client_input_channel_req(int type, int plen, void *ctxt)
 void
 client_init_dispatch_20(void)
 {
-	dispatch_init(&dispatch_protocol_error);
+	int i;
+	/* dispatch_init(&dispatch_protocol_error); */
+	for (i = 50; i <= 254; i++)
+		dispatch_set(i, &dispatch_protocol_error);
 	dispatch_set(SSH2_MSG_CHANNEL_CLOSE, &channel_input_oclose);
 	dispatch_set(SSH2_MSG_CHANNEL_DATA, &channel_input_data);
 	dispatch_set(SSH2_MSG_CHANNEL_EOF, &channel_input_ieof);

sshconnect2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.62 2001/04/03 23:32:12 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.63 2001/04/04 00:06:54 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -69,6 +69,8 @@ int session_id2_len = 0;
 char *xxx_host;
 struct sockaddr *xxx_hostaddr;
 
+Kex *xxx_kex = NULL;
+
 int
 check_host_key_callback(Key *hostkey)
 {
@@ -114,6 +116,8 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 	kex->server_version_string=server_version_string;
 	kex->check_host_key=&check_host_key_callback;
 
+	xxx_kex = kex;
+
 	/* start key exchange */
 	dispatch_run(DISPATCH_BLOCK, &kex->newkeys, kex);