summaryrefslogtreecommitdiff
path: root/src/protocol/internal/fqterm_ssh2_kex.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/protocol/internal/fqterm_ssh2_kex.cpp')
-rw-r--r--src/protocol/internal/fqterm_ssh2_kex.cpp33
1 files changed, 27 insertions, 6 deletions
diff --git a/src/protocol/internal/fqterm_ssh2_kex.cpp b/src/protocol/internal/fqterm_ssh2_kex.cpp
index 906acca..570c29f 100644
--- a/src/protocol/internal/fqterm_ssh2_kex.cpp
+++ b/src/protocol/internal/fqterm_ssh2_kex.cpp
@@ -167,8 +167,32 @@ bool FQTermSSH2Kex::negotiateAlgorithms() {
}
packet_receiver_->cipher = s2c(0);
+ // mac algo c2s
+ size_t m_c2s_len = packet_receiver_->getInt();
+ char m_c2s[m_c2s_len+1];
+ packet_receiver_->getRawData(m_c2s, m_c2s_len);
+ m_c2s[m_c2s_len] = '\0';
+ const struct ssh_mac_t * mac_c2s = search_mac(m_c2s);
+ if (mac_c2s == NULL) {
+ emit kexError(tr("No matching c2s MAC algorithms!"));
+ return false;
+ }
+ packet_sender_->mac = mac_c2s->new_mac(mac_c2s);
+
+ // mac algo s2c
+ size_t m_s2c_len = packet_receiver_->getInt();
+ char m_s2c[m_s2c_len+1];
+ packet_receiver_->getRawData(m_s2c, m_s2c_len);
+ m_s2c[m_s2c_len] = '\0';
+ const struct ssh_mac_t * mac_s2c = search_mac(m_s2c);
+ if (mac_s2c == NULL) {
+ emit kexError(tr("No matching s2c MAC algorithms!"));
+ return false;
+ }
+ packet_receiver_->mac = mac_s2c->new_mac(mac_s2c);
+
std::vector<char> name_lists;
- for (int i = 4; i < 10; ++i) {
+ for (int i = 6; i < 10; ++i) {
int name_lists_len = packet_receiver_->getInt();
if (name_lists_len > 0) {
name_lists.resize(name_lists_len);
@@ -191,8 +215,8 @@ bool FQTermSSH2Kex::negotiateAlgorithms() {
packet_sender_->putString("ssh-rsa");
packet_sender_->putString(all_ciphers_list);
packet_sender_->putString(all_ciphers_list);
- packet_sender_->putString("hmac-sha1");
- packet_sender_->putString("hmac-sha1");
+ packet_sender_->putString(all_macs_list);
+ packet_sender_->putString(all_macs_list);
packet_sender_->putString("none");
packet_sender_->putString("none");
packet_sender_->putString("");
@@ -330,9 +354,6 @@ bool FQTermSSH2Kex::changeKeyAlg() {
memcpy(session_id_, H_, dh->digest.hashlen);
}
- packet_sender_->setMacType(FQTERM_SSH_HMAC_SHA1);
- packet_receiver_->setMacType(FQTERM_SSH_HMAC_SHA1);
-
// From RFC 4253 section 7.2:
// Initial IV client to server: HASH(K || H || "A" || session_id)
// (Here K is encoded as mpint and "A" as byte and session_id as raw
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-11 00:03:28 +0000