diff options
author | Christian Kandeler <christian.kandeler@nokia.com> | 2011-04-19 14:39:32 +0200 |
---|---|---|
committer | Christian Kandeler <christian.kandeler@nokia.com> | 2011-04-19 14:40:40 +0200 |
commit | cca52b6d309a66509e36a831d75b0c6afaa3dccd (patch) | |
tree | 4daa7a43cdcad0e77ac592b0b39ab34af5cf97d1 /src/libs/utils/ssh/sshconnection.cpp | |
parent | 8e5797bbd4006361e4cc1b725b4cce4899116132 (diff) | |
download | qt-creator-cca52b6d309a66509e36a831d75b0c6afaa3dccd.tar.gz |
SSH: Tighter state checking during key exchange.
This will also make it easier for us to initiate a re-exchange
if we ever want to implement that.
Diffstat (limited to 'src/libs/utils/ssh/sshconnection.cpp')
-rw-r--r-- | src/libs/utils/ssh/sshconnection.cpp | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/libs/utils/ssh/sshconnection.cpp b/src/libs/utils/ssh/sshconnection.cpp index 93302b81cf..9d90b8d39a 100644 --- a/src/libs/utils/ssh/sshconnection.cpp +++ b/src/libs/utils/ssh/sshconnection.cpp @@ -342,6 +342,7 @@ void SshConnectionPrivate::handleServerId() m_keyExchange.reset(new SshKeyExchange(m_sendFacility)); m_serverId = m_incomingData.left(endOffset); m_keyExchange->sendKexInitPacket(m_serverId); + m_keyExchangeState = KexInitSent; m_incomingData.remove(0, endOffset + 2); } @@ -358,7 +359,7 @@ void SshConnectionPrivate::handlePackets() void SshConnectionPrivate::handleCurrentPacket() { Q_ASSERT(m_incomingPacket.isComplete()); - Q_ASSERT(m_keyExchangeState == KeyExchangeStarted || !m_ignoreNextPacket); + Q_ASSERT(m_keyExchangeState == DhInitSent || !m_ignoreNextPacket); if (m_ignoreNextPacket) { m_ignoreNextPacket = false; @@ -381,14 +382,15 @@ void SshConnectionPrivate::handleCurrentPacket() void SshConnectionPrivate::handleKeyExchangeInitPacket() { - if (m_keyExchangeState != NoKeyExchange) { + if (m_keyExchangeState != NoKeyExchange + && m_keyExchangeState != KexInitSent) { throw SshServerException(SSH_DISCONNECT_PROTOCOL_ERROR, "Unexpected packet.", tr("Unexpected packet of type %1.") .arg(m_incomingPacket.type())); } // Server-initiated re-exchange. - if (m_state == ConnectionEstablished) { + if (m_keyExchangeState == NoKeyExchange) { m_keyExchange.reset(new SshKeyExchange(m_sendFacility)); m_keyExchange->sendKexInitPacket(m_serverId); } @@ -400,12 +402,12 @@ void SshConnectionPrivate::handleKeyExchangeInitPacket() m_ignoreNextPacket = true; } - m_keyExchangeState = KeyExchangeStarted; + m_keyExchangeState = DhInitSent; } void SshConnectionPrivate::handleKeyExchangeReplyPacket() { - if (m_keyExchangeState != KeyExchangeStarted) { + if (m_keyExchangeState != DhInitSent) { throw SshServerException(SSH_DISCONNECT_PROTOCOL_ERROR, "Unexpected packet.", tr("Unexpected packet of type %1.") .arg(m_incomingPacket.type())); @@ -414,12 +416,12 @@ void SshConnectionPrivate::handleKeyExchangeReplyPacket() m_keyExchange->sendNewKeysPacket(m_incomingPacket, ClientId.left(ClientId.size() - 2)); m_sendFacility.recreateKeys(*m_keyExchange); - m_keyExchangeState = KeyExchangeSuccess; + m_keyExchangeState = NewKeysSent; } void SshConnectionPrivate::handleNewKeysPacket() { - if (m_keyExchangeState != KeyExchangeSuccess) { + if (m_keyExchangeState != NewKeysSent) { throw SshServerException(SSH_DISCONNECT_PROTOCOL_ERROR, "Unexpected packet.", tr("Unexpected packet of type %1.") .arg(m_incomingPacket.type())); |