66 static int kex_choose_conf(struct ssh *);
328 	struct ssh *ssh = active_state; /* XXX */  in kex_protocol_error()  local
332 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||  in kex_protocol_error()
333 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||  in kex_protocol_error()
334 	    (r = sshpkt_send(ssh)) != 0)  in kex_protocol_error()
340 kex_reset_dispatch(struct ssh *ssh)  in kex_reset_dispatch()  argument
342 	ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,  in kex_reset_dispatch()
347 kex_send_ext_info(struct ssh *ssh)  in kex_send_ext_info()  argument
354 	if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||  in kex_send_ext_info()
355 	    (r = sshpkt_put_u32(ssh, 1)) != 0 ||  in kex_send_ext_info()
356 	    (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||  in kex_send_ext_info()
357 	    (r = sshpkt_put_cstring(ssh, algs)) != 0 ||  in kex_send_ext_info()
358 	    (r = sshpkt_send(ssh)) != 0)  in kex_send_ext_info()
368 kex_send_newkeys(struct ssh *ssh)  in kex_send_newkeys()  argument
372 	kex_reset_dispatch(ssh);  in kex_send_newkeys()
373 	if ((r = sshpkt_start(ssh, SSH2_MSG_NEWKEYS)) != 0 ||  in kex_send_newkeys()
374 	    (r = sshpkt_send(ssh)) != 0)  in kex_send_newkeys()
378 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys);  in kex_send_newkeys()
379 	if (ssh->kex->ext_info_c)  in kex_send_newkeys()
380 		if ((r = kex_send_ext_info(ssh)) != 0)  in kex_send_newkeys()
388 	struct ssh *ssh = ctxt;  in kex_input_ext_info()  local
389 	struct kex *kex = ssh->kex;  in kex_input_ext_info()
395 	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);  in kex_input_ext_info()
396 	if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0)  in kex_input_ext_info()
399 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)  in kex_input_ext_info()
401 		if ((r = sshpkt_get_cstring(ssh, &val, NULL)) != 0) {  in kex_input_ext_info()
421 	return sshpkt_get_end(ssh);  in kex_input_ext_info()
427 	struct ssh *ssh = ctxt;  in kex_input_newkeys()  local
428 	struct kex *kex = ssh->kex;  in kex_input_newkeys()
432 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);  in kex_input_newkeys()
433 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);  in kex_input_newkeys()
434 	if ((r = sshpkt_get_end(ssh)) != 0)  in kex_input_newkeys()
436 	if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)  in kex_input_newkeys()
448 kex_send_kexinit(struct ssh *ssh)  in kex_send_kexinit()  argument
451 	struct kex *kex = ssh->kex;  in kex_send_kexinit()
467 	if ((r = sshpkt_start(ssh, SSH2_MSG_KEXINIT)) != 0 ||  in kex_send_kexinit()
468 	    (r = sshpkt_putb(ssh, kex->my)) != 0 ||  in kex_send_kexinit()
469 	    (r = sshpkt_send(ssh)) != 0)  in kex_send_kexinit()
480 	struct ssh *ssh = ctxt;  in kex_input_kexinit()  local
481 	struct kex *kex = ssh->kex;  in kex_input_kexinit()
491 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);  in kex_input_kexinit()
492 	ptr = sshpkt_ptr(ssh, &dlen);  in kex_input_kexinit()
498 		if ((r = sshpkt_get_u8(ssh, NULL)) != 0)  in kex_input_kexinit()
501 		if ((r = sshpkt_get_string(ssh, NULL, NULL)) != 0)  in kex_input_kexinit()
513 	if ((r = sshpkt_get_u8(ssh, NULL)) != 0 ||	/* first_kex_follows */  in kex_input_kexinit()
514 	    (r = sshpkt_get_u32(ssh, NULL)) != 0 ||	/* reserved */  in kex_input_kexinit()
515 	    (r = sshpkt_get_end(ssh)) != 0)  in kex_input_kexinit()
519 		if ((r = kex_send_kexinit(ssh)) != 0)  in kex_input_kexinit()
521 	if ((r = kex_choose_conf(ssh)) != 0)  in kex_input_kexinit()
525 		return (kex->kex[kex->kex_type])(ssh);  in kex_input_kexinit()
531 kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)  in kex_new()  argument
547 	kex_reset_dispatch(ssh);  in kex_new()
548 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);  in kex_new()
617 kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX])  in kex_setup()  argument
621 	if ((r = kex_new(ssh, proposal, &ssh->kex)) != 0)  in kex_setup()
623 	if ((r = kex_send_kexinit(ssh)) != 0) {		/* we start */  in kex_setup()
624 		kex_free(ssh->kex);  in kex_setup()
625 		ssh->kex = NULL;  in kex_setup()
636 kex_start_rekex(struct ssh *ssh)  in kex_start_rekex()  argument
638 	if (ssh->kex == NULL) {  in kex_start_rekex()
642 	if (ssh->kex->done == 0) {  in kex_start_rekex()
646 	ssh->kex->done = 0;  in kex_start_rekex()
647 	return kex_send_kexinit(ssh);  in kex_start_rekex()
672 choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)  in choose_mac()  argument
683 	if (ssh->compat & SSH_BUG_HMAC)  in choose_mac()
771 kex_choose_conf(struct ssh *ssh)  in kex_choose_conf()  argument
773 	struct kex *kex = ssh->kex;  in kex_choose_conf()
838 		    (r = choose_mac(ssh, &newkeys->mac, cprop[nmac],  in kex_choose_conf()
874 	    !(ssh->compat & SSH_BUG_FIRSTKEX))  in kex_choose_conf()
875 		ssh->dispatch_skip_packets = 1;  in kex_choose_conf()
884 derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,  in derive_key()  argument
887 	struct kex *kex = ssh->kex;  in derive_key()
948 kex_derive_keys(struct ssh *ssh, u_char *hash, u_int hashlen,  in kex_derive_keys()  argument
951 	struct kex *kex = ssh->kex;  in kex_derive_keys()
957 		if ((r = derive_key(ssh, 'A'+i, kex->we_need, hash, hashlen,  in kex_derive_keys()
976 kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,  in kex_derive_keys_bn()  argument
985 		r = kex_derive_keys(ssh, hash, hashlen, shared_secret);  in kex_derive_keys_bn()