| 5262 |
static BOOL handle_SSH2_dh_gex_group(PTInstVar pvar) |
static BOOL handle_SSH2_dh_gex_group(PTInstVar pvar) |
| 5263 |
{ |
{ |
| 5264 |
char *data; |
char *data; |
| 5265 |
int len; |
int len, grp_bits; |
| 5266 |
BIGNUM *p = NULL, *g = NULL; |
BIGNUM *p = NULL, *g = NULL; |
| 5267 |
DH *dh = NULL; |
DH *dh = NULL; |
| 5268 |
buffer_t *msg = NULL; |
buffer_t *msg = NULL; |
| 5269 |
unsigned char *outmsg; |
unsigned char *outmsg; |
| 5270 |
|
char tmpbuf[256]; |
| 5271 |
|
|
| 5272 |
notify_verbose_message(pvar, "SSH2_MSG_KEX_DH_GEX_GROUP was received.", LOG_LEVEL_VERBOSE); |
notify_verbose_message(pvar, "SSH2_MSG_KEX_DH_GEX_GROUP was received.", LOG_LEVEL_VERBOSE); |
| 5273 |
|
|
| 5284 |
buffer_get_bignum2(&data, p); // 素数の取得 |
buffer_get_bignum2(&data, p); // 素数の取得 |
| 5285 |
buffer_get_bignum2(&data, g); // 生成元の取得 |
buffer_get_bignum2(&data, g); // 生成元の取得 |
| 5286 |
|
|
| 5287 |
|
grp_bits = BN_num_bits(p); |
| 5288 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, "DH-GEX: Request: %d / %d / %d, Received: %d", |
| 5289 |
|
pvar->kexgex_min, pvar->kexgex_bits, pvar->kexgex_max, BN_num_bits(p)); |
| 5290 |
|
notify_verbose_message(pvar, tmpbuf, LOG_LEVEL_VERBOSE); |
| 5291 |
|
|
| 5292 |
|
// |
| 5293 |
|
// (1) < GEX_GRP_MINSIZE <= (2) < kexgex_min <= (3) < kexgex_bits <= (4) <= kexgex_max < (5) <= GEX_GRP_MAXSIZE < (6) |
| 5294 |
|
// |
| 5295 |
|
if (grp_bits < GEX_GRP_MINSIZE || grp_bits > GEX_GRP_MAXSIZE) { |
| 5296 |
|
// (1), (6) プロトコルで認められている範囲(1024 <= grp_bits <= 8192)の外。強制切断。 |
| 5297 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5298 |
|
"Received group size out of range: %d", grp_bits); |
| 5299 |
|
notify_fatal_error(pvar, tmpbuf, FALSE); |
| 5300 |
|
goto error; |
| 5301 |
|
} |
| 5302 |
|
else if (grp_bits < pvar->kexgex_min) { |
| 5303 |
|
// (2) プロトコルで認められている範囲内だが、こちらの設定した最小値より小さい。確認ダイアログを出す。 |
| 5304 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5305 |
|
"DH-GEX: grp_bits(%d) < kexgex_min(%d)", grp_bits, pvar->kexgex_min); |
| 5306 |
|
notify_verbose_message(pvar, tmpbuf, LOG_LEVEL_WARNING); |
| 5307 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5308 |
|
"Received group size is smaller than requested minimal.\nrequested: %d, received:%d\nAccept this?", |
| 5309 |
|
pvar->kexgex_min, grp_bits); |
| 5310 |
|
} |
| 5311 |
|
else if (grp_bits < pvar->kexgex_bits) { |
| 5312 |
|
// (3) 要求の最小値は満たすが、要求値よりは小さい。確認ダイアログ。 |
| 5313 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5314 |
|
"DH-GEX: grp_bits(%d) < kexgex_bits(%d)", grp_bits, pvar->kexgex_bits); |
| 5315 |
|
notify_verbose_message(pvar, tmpbuf, LOG_LEVEL_WARNING); |
| 5316 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5317 |
|
"Received group size is smaller than requested.\nrequested: %d, received: %d\nAccept this?", |
| 5318 |
|
pvar->kexgex_bits, grp_bits); |
| 5319 |
|
} |
| 5320 |
|
else if (grp_bits <= pvar->kexgex_max) { |
| 5321 |
|
// (4) 要求値以上、かつ要求の最大値以下。問題なし。 |
| 5322 |
|
tmpbuf[0] = 0; // no message |
| 5323 |
|
} |
| 5324 |
|
else { |
| 5325 |
|
// (5) こちらの設定した最大値より大きい。確認ダイアログを出す。 |
| 5326 |
|
// ただし現状では kexgex_max == GEX_GRP_MAXSIZE(8192) である為この状況になる事は無い。 |
| 5327 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5328 |
|
"DH-GEX: grp_bits(%d) > kexgex_max(%d)", grp_bits, pvar->kexgex_max); |
| 5329 |
|
notify_verbose_message(pvar, tmpbuf, LOG_LEVEL_WARNING); |
| 5330 |
|
_snprintf_s(tmpbuf, sizeof(tmpbuf), _TRUNCATE, |
| 5331 |
|
"Received group size is larger than requested maximal.\nrequested: %d, received: %d\nAccept this?", |
| 5332 |
|
pvar->kexgex_max, grp_bits); |
| 5333 |
|
} |
| 5334 |
|
|
| 5335 |
|
if (tmpbuf[0] != 0) { |
| 5336 |
|
if (MessageBox(NULL, tmpbuf, "TTSSH: confirm GEX group size", MB_YESNO | MB_ICONERROR) == IDNO) { |
| 5337 |
|
notify_fatal_error(pvar, "connection canceled.", FALSE); |
| 5338 |
|
goto error; |
| 5339 |
|
} |
| 5340 |
|
} |
| 5341 |
|
|
| 5342 |
dh = DH_new(); |
dh = DH_new(); |
| 5343 |
if (dh == NULL) |
if (dh == NULL) |
| 5344 |
goto error; |
goto error; |
Tera Term
Parent Directory
Revision Log
Patch