Commit 8478d556 authored by Han-Wen Nienhuys

go.crypto/ssh: in {Server,Client}Conn, read session ID from

transport layer.

R=agl, dave
CC=golang-dev
https://codereview.appspot.com/15870044

Committer: Adam Langley <agl@golang.org>
parent a2a307ee
......@@ -152,7 +152,7 @@ func (c *ClientConn) handshake() error {
if packet[0] != msgNewKeys {
return UnexpectedMessageError{msgNewKeys, packet[0]}
}
return c.authenticate(result.H)
return c.authenticate()
}
// Verify the host key obtained in the key exchange.
......
......@@ -12,7 +12,7 @@ import (
)
// authenticate authenticates with the remote server. See RFC 4252.
func (c *ClientConn) authenticate(session []byte) error {
func (c *ClientConn) authenticate() error {
// initiate user auth session
if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil {
return err
......@@ -29,7 +29,7 @@ func (c *ClientConn) authenticate(session []byte) error {
// then any untried methods suggested by the server.
tried, remain := make(map[string]bool), make(map[string]bool)
for auth := ClientAuth(new(noneAuth)); auth != nil; {
ok, methods, err := auth.auth(session, c.config.User, c.transport, c.config.rand())
ok, methods, err := auth.auth(c.transport.sessionID, c.config.User, c.transport, c.config.rand())
if err != nil {
return err
}
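Review bot: The call `auth.auth(c.transport.sessionID, c.config.User, c.transport, c.config.rand())` now depends on the transport having a session identifier set, and nothing visible in these hunks checks that before the auth loop starts. Public-key authentication signs over the session identifier (RFC 4252 section 7), so an empty value would produce a signature that is not bound to this connection. I would add a guard at the top of `authenticate`, for example `if len(c.transport.sessionID) == 0 { return errors.New("ssh: session ID not set before authentication") }`, and the same for `buildDataSignedForAuth(s.transport.sessionID, ...)` in `ServerConn.authenticate`. The assignment of `sessionID` is outside the hunks shown, so please also confirm it is set only from the first key exchange and left unchanged on rekeying. The body of `authenticate` continues past this hunk.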
......
......@@ -186,7 +186,7 @@ func (s *ServerConn) Handshake() error {
return err
}
if err := s.authenticate(s.transport.sessionID); err != nil {
if err := s.authenticate(); err != nil {
return err
}
return err
......@@ -310,7 +310,7 @@ func (s *ServerConn) testPubKey(user, algo string, pubKey []byte) bool {
return result
}
func (s *ServerConn) authenticate(H []byte) error {
func (s *ServerConn) authenticate() error {
var userAuthReq userAuthRequestMsg
var err error
var packet []byte
......@@ -409,7 +409,7 @@ userAuthLoop:
if !isAcceptableAlgo(algo) || !isAcceptableAlgo(sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format {
break
}
signedData := buildDataSignedForAuth(H, userAuthReq, algoBytes, pubKey)
signedData := buildDataSignedForAuth(s.transport.sessionID, userAuthReq, algoBytes, pubKey)
key, _, ok := ParsePublicKey(pubKey)
if !ok {
return ParseError{msgUserAuthRequest}
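Review bot: `func (s *ServerConn) authenticate() error` has no doc comment, and with the `H` parameter gone the signature no longer shows which value the public-key signature is verified against. The client-side counterpart carries a one-line comment citing RFC 4252; I would add the equivalent here, for example `// authenticate runs server-side user authentication (RFC 4252); public-key signatures are verified over s.transport.sessionID.` The function body starts and ends outside the hunks shown.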
......