5322N/A * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. 5322N/A * Redistribution and use in source and binary forms, with or without 5322N/A * modification, are permitted provided that the following conditions 5322N/A * 1. Redistributions of source code must retain the above copyright 5322N/A * notice, this list of conditions and the following disclaimer. 5322N/A * 2. Redistributions in binary form must reproduce the above copyright 5322N/A * notice, this list of conditions and the following disclaimer in the 5322N/A * documentation and/or other materials provided with the distribution. 5322N/A * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR 5322N/A * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 5322N/A * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 5322N/A * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 5322N/A * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 5322N/A * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 5322N/A * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 5322N/A * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 5322N/A * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 5322N/A * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 5322N/A * In version 6.8 a new packet interface has been introduced to OpenSSH, 5322N/A * At this moment we are not rewritting GSS-API key exchange code to the new 5322N/A * API, just adjusting it to still work with new struct ssh. 5322N/A * Rewritting to the new API can be considered in the future. 5322N/A /* Initialise our GSSAPI world */ 5322N/A fatal(
"GSSGRP_GEX group out of range: %d !< %d !< %d",
5322N/A /* Step 1 - e is dh->pub_key */ 5322N/A /* This is f, we initialise it now to make life easier */ 5322N/A /* If we've got an old receive buffer get rid of it */ 5322N/A /* If mutual state flag is not true, kex fails */ 5322N/A /* If integ avail flag is not true kex fails */ 5322N/A * If we have data to send, then the last message that we 5322N/A * received cannot have been a 'complete'. 5322N/A /* If we've sent them data, they should reply */ 5322N/A /* Is there a token included? */ 5322N/A /* If complete - protocol error */ 5322N/A /* No data, and not complete */ 5322N/A * We _must_ have received a COMPLETE message in reply from the 5322N/A * server, which will have set dh_server_pub and msg_tok 5322N/A fatal(
"Didn't receive SSH2_MSG_KEXGSS_COMPLETE when expected");
5322N/A /* Check f in range [1, p-1] */ 5322N/A /* Verify that the hash matches the MIC we just got. */