[PATCH 3/9] ecdh: fix SSH_MSG_KEXDH_REPLY for libgcrypt

[Jon Simons <jon@xxxxxxxxxxxxx>]

Ensure to provide the `ssh_string` pubkey blob to the buffer packing
routine when computing the SSH_MSG_KEXDH_REPLY message, rather than
the new `ssh_key` type.

Introduced with 16217454d576511f37f39c3169963629f9d5082f.

Testing done: with this change, the `pkd_hello` test is passing on a
libgcrypt build for me.  Previously it would segfault during pubkey
exchange with "ecdh-sha2-nistp256".

Signed-off-by: Jon Simons <jon@xxxxxxxxxxxxx>
---
 src/ecdh_gcrypt.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c
index e4b73dc2..7bbccc25 100644
--- a/src/ecdh_gcrypt.c
+++ b/src/ecdh_gcrypt.c
@@ -268,6 +268,7 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) {
     /* SSH host keys (rsa,dsa,ecdsa) */
     ssh_key privkey;
     ssh_string sig_blob = NULL;
+    ssh_string pubkey_blob = NULL;
     int rc = SSH_ERROR;
     const char *curve = NULL;
 
@@ -333,14 +334,22 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) {
         goto out;
     }
 
+    rc = ssh_dh_get_next_server_publickey_blob(session, &pubkey_blob);
+    if (rc != SSH_OK) {
+        ssh_set_error(session, SSH_FATAL, "Could not export server public key");
+        ssh_string_free(sig_blob);
+        goto out;
+    }
+
     rc = ssh_buffer_pack(session->out_buffer,
                          "bSSS",
                          SSH2_MSG_KEXDH_REPLY,
-                         session->next_crypto->server_pubkey, /* host's pubkey */
+                         pubkey_blob, /* host's pubkey */
                          q_s_string, /* ecdh public key */
                          sig_blob); /* signature blob */
 
     ssh_string_free(sig_blob);
+    ssh_string_free(pubkey_blob);
 
     if (rc != SSH_OK) {
         ssh_set_error_oom(session);
-- 
2.14.1