- provos@cvs.openbsd.org 2000/12/15 10:30:15

     [kex.c kex.h sshconnect2.c sshd.c]
     compute diffie-hellman in parallel between server and client. okay markus@

1 files changed, 9 insertions, 4 deletions

diff --git a/sshd.c b/sshd.c
index 0c9cdead..b5d66acd 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.137 2000/12/12 21:45:21 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.139 2000/12/15 17:30:14 provos Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1452,6 +1452,10 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 		fatal("Unsupported hostkey type %d", kex->hostkey_type);
 
 /* KEXDH */
+	/* generate DH key */
+	dh = dh_new_group1();			/* XXX depends on 'kex' */
+	dh_gen_key(dh);
+
 	debug("Wait SSH2_MSG_KEXDH_INIT.");
 	packet_read_expect(&payload_len, SSH2_MSG_KEXDH_INIT);
 
@@ -1468,9 +1472,6 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 	debug("bits %d", BN_num_bits(dh_client_pub));
 #endif
 
-	/* generate DH key */
-	dh = dh_new_group1();			/* XXX depends on 'kex' */
-
 #ifdef DEBUG_KEXDH
 	fprintf(stderr, "\np= ");
 	BN_print_fp(stderr, dh->p);
@@ -1592,6 +1593,10 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
 	packet_send();
 	packet_write_wait();
 
+	/* Compute our exchange value in parallel with the client */
+
+	dh_gen_key(dh);
+
 	debug("Wait SSH2_MSG_KEX_DH_GEX_INIT.");
 	packet_read_expect(&payload_len, SSH2_MSG_KEX_DH_GEX_INIT);