Inicio Explorar Axuda
Rexistro Iniciar sesión
publics
/
crypto
0
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

go.crypto/ssh: in {Server,Client}Conn, read session ID from
transport layer.

R=agl, dave
CC=golang-dev
https://golang.org/cl/15870044

Han-Wen Nienhuys %!s(int64=12) %!d(string=hai) anos
pai
c0d640c887
achega
34df1ce598
Modificáronse 3 ficheiros con 6 adicións e 6 borrados
Unificar vista Mostrar estatísticas de Diff
  1. 1 1
      ssh/client.go
  2. 2 2
      ssh/client_auth.go
  3. 3 3
      ssh/server.go

+ 1 - 1
ssh/client.go
Ver ficheiro 

@@ -152,7 +152,7 @@ func (c *ClientConn) handshake() error {
 
 	if packet[0] != msgNewKeys {
 
 	if packet[0] != msgNewKeys {
 
 		return UnexpectedMessageError{msgNewKeys, packet[0]}
 
 		return UnexpectedMessageError{msgNewKeys, packet[0]}
 
 	}
 
 	}
 
-	return c.authenticate(result.H)
 
+	return c.authenticate()
 
 }
 
 }
 
 
 
 // Verify the host key obtained in the key exchange.
 
 // Verify the host key obtained in the key exchange.

+ 2 - 2
ssh/client_auth.go
Ver ficheiro 

@@ -12,7 +12,7 @@ import (
 
 )
 
 )
 
 
 
 // authenticate authenticates with the remote server. See RFC 4252.
 
 // authenticate authenticates with the remote server. See RFC 4252.
 
-func (c *ClientConn) authenticate(session []byte) error {
 
+func (c *ClientConn) authenticate() error {
 
 	// initiate user auth session
 
 	// initiate user auth session
 
 	if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil {
 
 	if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil {
 
 		return err
 
 		return err
 
@@ -29,7 +29,7 @@ func (c *ClientConn) authenticate(session []byte) error {
 
 	// then any untried methods suggested by the server.
 
 	// then any untried methods suggested by the server.
 
 	tried, remain := make(map[string]bool), make(map[string]bool)
 
 	tried, remain := make(map[string]bool), make(map[string]bool)
 
 	for auth := ClientAuth(new(noneAuth)); auth != nil; {
 
 	for auth := ClientAuth(new(noneAuth)); auth != nil; {
 
-		ok, methods, err := auth.auth(session, c.config.User, c.transport, c.config.rand())
 
+		ok, methods, err := auth.auth(c.transport.sessionID, c.config.User, c.transport, c.config.rand())
 
 		if err != nil {
 
 		if err != nil {
 
 			return err
 
 			return err
 
 		}
 
 		}

+ 3 - 3
ssh/server.go
Ver ficheiro 

@@ -186,7 +186,7 @@ func (s *ServerConn) Handshake() error {
 
 		return err
 
 		return err
 
 	}
 
 	}
 
 
 
-	if err := s.authenticate(s.transport.sessionID); err != nil {
 
+	if err := s.authenticate(); err != nil {
 
 		return err
 
 		return err
 
 	}
 
 	}
 
 	return err
 
 	return err
 
@@ -310,7 +310,7 @@ func (s *ServerConn) testPubKey(user, algo string, pubKey []byte) bool {
 
 	return result
 
 	return result
 
 }
 
 }
 
 
 
-func (s *ServerConn) authenticate(H []byte) error {
 
+func (s *ServerConn) authenticate() error {
 
 	var userAuthReq userAuthRequestMsg
 
 	var userAuthReq userAuthRequestMsg
 
 	var err error
 
 	var err error
 
 	var packet []byte
 
 	var packet []byte
 
@@ -409,7 +409,7 @@ userAuthLoop:
 
 				if !isAcceptableAlgo(algo) || !isAcceptableAlgo(sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format {
 
 				if !isAcceptableAlgo(algo) || !isAcceptableAlgo(sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format {
 
 					break
 
 					break
 
 				}
 
 				}
 
-				signedData := buildDataSignedForAuth(H, userAuthReq, algoBytes, pubKey)
 
+				signedData := buildDataSignedForAuth(s.transport.sessionID, userAuthReq, algoBytes, pubKey)
 
 				key, _, ok := ParsePublicKey(pubKey)
 
 				key, _, ok := ParsePublicKey(pubKey)
 
 				if !ok {
 
 				if !ok {
 
 					return ParseError{msgUserAuthRequest}
 
 					return ParseError{msgUserAuthRequest}