Commit 8478d556 authored by Han-Wen Nienhuys's avatar Han-Wen Nienhuys

go.crypto/ssh: in {Server,Client}Conn, read session ID from transport layer.

R=agl, dave
CC=golang-dev
https://codereview.appspot.com/15870044

Committer: Adam Langley <agl@golang.org>
parent a2a307ee
...@@ -152,7 +152,7 @@ func (c *ClientConn) handshake() error { ...@@ -152,7 +152,7 @@ func (c *ClientConn) handshake() error {
if packet[0] != msgNewKeys { if packet[0] != msgNewKeys {
return UnexpectedMessageError{msgNewKeys, packet[0]} return UnexpectedMessageError{msgNewKeys, packet[0]}
} }
return c.authenticate(result.H) return c.authenticate()
} }
// Verify the host key obtained in the key exchange. // Verify the host key obtained in the key exchange.
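Review bot: `c.authenticate()` at the end of handshake() now depends on `c.transport.sessionID` already holding the exchange hash, and nothing in this diff shows where the client transport assigns that field. The value becomes the first argument of `auth.auth(c.transport.sessionID, ...)` in the authenticate() loop, where it presumably feeds the RFC 4252 signed data; a nil or empty value would mean the client signs data that is not tied to this session. A guard at the top of authenticate() would make the precondition explicit: `if len(c.transport.sessionID) == 0 { return errors.New("ssh: session ID not set before authentication") }` (this assumes `errors` is imported; the import block is only partly visible). handshake() starts and ends outside this hunk.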
......
...@@ -12,7 +12,7 @@ import ( ...@@ -12,7 +12,7 @@ import (
) )
// authenticate authenticates with the remote server. See RFC 4252. // authenticate authenticates with the remote server. See RFC 4252.
func (c *ClientConn) authenticate(session []byte) error { func (c *ClientConn) authenticate() error {
// initiate user auth session // initiate user auth session
if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil { if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil {
return err return err
...@@ -29,7 +29,7 @@ func (c *ClientConn) authenticate(session []byte) error { ...@@ -29,7 +29,7 @@ func (c *ClientConn) authenticate(session []byte) error {
// then any untried methods suggested by the server. // then any untried methods suggested by the server.
tried, remain := make(map[string]bool), make(map[string]bool) tried, remain := make(map[string]bool), make(map[string]bool)
for auth := ClientAuth(new(noneAuth)); auth != nil; { for auth := ClientAuth(new(noneAuth)); auth != nil; {
ok, methods, err := auth.auth(session, c.config.User, c.transport, c.config.rand()) ok, methods, err := auth.auth(c.transport.sessionID, c.config.User, c.transport, c.config.rand())
if err != nil { if err != nil {
return err return err
} }
......
...@@ -186,7 +186,7 @@ func (s *ServerConn) Handshake() error { ...@@ -186,7 +186,7 @@ func (s *ServerConn) Handshake() error {
return err return err
} }
if err := s.authenticate(s.transport.sessionID); err != nil { if err := s.authenticate(); err != nil {
return err return err
} }
return err return err
...@@ -310,7 +310,7 @@ func (s *ServerConn) testPubKey(user, algo string, pubKey []byte) bool { ...@@ -310,7 +310,7 @@ func (s *ServerConn) testPubKey(user, algo string, pubKey []byte) bool {
return result return result
} }
func (s *ServerConn) authenticate(H []byte) error { func (s *ServerConn) authenticate() error {
var userAuthReq userAuthRequestMsg var userAuthReq userAuthRequestMsg
var err error var err error
var packet []byte var packet []byte
...@@ -409,7 +409,7 @@ userAuthLoop: ...@@ -409,7 +409,7 @@ userAuthLoop:
if !isAcceptableAlgo(algo) || !isAcceptableAlgo(sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format { if !isAcceptableAlgo(algo) || !isAcceptableAlgo(sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format {
break break
} }
signedData := buildDataSignedForAuth(H, userAuthReq, algoBytes, pubKey) signedData := buildDataSignedForAuth(s.transport.sessionID, userAuthReq, algoBytes, pubKey)
key, _, ok := ParsePublicKey(pubKey) key, _, ok := ParsePublicKey(pubKey)
if !ok { if !ok {
return ParseError{msgUserAuthRequest} return ParseError{msgUserAuthRequest}
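Review bot: The new `func (s *ServerConn) authenticate() error` has no doc comment, and after this change its dependency on `s.transport.sessionID` no longer shows in the signature. I would add `// authenticate handles user authentication requests; it must only be called after key exchange has set s.transport.sessionID.` above the function. At the `buildDataSignedForAuth(s.transport.sessionID, ...)` call a why-comment would also help, for example `// RFC 4253 section 7.2: the session identifier is the exchange hash of the first key exchange and must not change on rekey.` Reading the field at verification time makes signature checking depend on the transport never overwriting it, and whether the transport guarantees that is not visible here. authenticate() and the userAuthLoop body extend beyond the hunks shown.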
......