ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-12 07:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Refer to RFCs rather than drafts, update some section references

Browse Source 
--HG--
extra : convert_revision : b5c5c88e702f427b9d5e8c592e2b7e1bda204ff3
This commit is contained in:
Matt Johnston 2011-02-27 13:57:32 +00:00
parent 9d9a8ff735
commit 3c42c5407c
4 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
common-kex.c
View File

@ -272,8 +272,8 @@ static void hashkeys(unsigned char *out, int outlen,
} }
/* Generate the actual encryption/integrity keys, using the results of the /* Generate the actual encryption/integrity keys, using the results of the
* key exchange, as specified in section 5.2 of the IETF secsh-transport * key exchange, as specified in section 7.2 of the transport rfc 4253.
* draft. This occurs after the DH key-exchange. * This occurs after the DH key-exchange.
* *
* ses.newkeys is the new set of keys which are generated, these are only * ses.newkeys is the new set of keys which are generated, these are only
* taken into use after both sides have sent a newkeys message */ * taken into use after both sides have sent a newkeys message */
@ -532,7 +532,7 @@ static void load_dh_p(mp_int * dh_p)
} }
/* Initialises and generate one side of the diffie-hellman key exchange values. /* Initialises and generate one side of the diffie-hellman key exchange values.
* See the ietf-secsh-transport draft, section 6, for details */ * See the transport rfc 4253 section 8 for details */
/* dh_pub and dh_priv MUST be already initialised */ /* dh_pub and dh_priv MUST be already initialised */
void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv) { void gen_kexdh_vals(mp_int *dh_pub, mp_int *dh_priv) {

2
dropbearkey.c
View File

@ -23,7 +23,7 @@
* SOFTWARE. */ * SOFTWARE. */
/* The format of the keyfiles is basically a raw dump of the buffer. Data types /* The format of the keyfiles is basically a raw dump of the buffer. Data types
* are specified in the transport draft - string is a 32-bit len then the * are specified in the transport rfc 4253 - string is a 32-bit len then the
* non-null-terminated string, mp_int is a 32-bit len then the bignum data. * non-null-terminated string, mp_int is a 32-bit len then the bignum data.
* The actual functions are buf_put_rsa_priv_key() and buf_put_dss_priv_key() * The actual functions are buf_put_rsa_priv_key() and buf_put_dss_priv_key()

2
svr-kex.c
View File

@ -70,7 +70,7 @@ void recv_msg_kexdh_init() {
* that, the session hash is calculated, and signed with RSA or DSS. The * that, the session hash is calculated, and signed with RSA or DSS. The
* result is sent to the client. * result is sent to the client.
* *
* See the ietf-secsh-transport draft, section 6, for details */ * See the transport rfc 4253 section 8 for details */
static void send_msg_kexdh_reply(mp_int *dh_e) { static void send_msg_kexdh_reply(mp_int *dh_e) {
DEF_MP_INT(dh_y); DEF_MP_INT(dh_y);

3
sysoptions.h
View File

@ -99,6 +99,7 @@
#define MAX_PROPOSED_ALGO 20 #define MAX_PROPOSED_ALGO 20
/* size/count limits */ /* size/count limits */
/* From transport rfc */
#define MIN_PACKET_LEN 16 #define MIN_PACKET_LEN 16
#define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100))) #define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100)))
@ -123,7 +124,7 @@
#define MAX_PRIVKEY_SIZE 1700 #define MAX_PRIVKEY_SIZE 1700
/* The maximum size of the bignum portion of the kexhash buffer */ /* The maximum size of the bignum portion of the kexhash buffer */
/* Sect. 8 of the transport draft, K_S + e + f + K */ /* Sect. 8 of the transport rfc 4253, K_S + e + f + K */
#define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130) #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130)
#define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit