author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:28:06 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-05 06:28:06 +0000 |
commit | e229b25a9efc4924f9b45a34de0aef491ae35d09 (patch) | |
tree | 168b2a8e9d3615a86d39fd9d57b78053fc360b45 | |
parent | 941ac82e1624e7d7bb7091785ca525889738420b (diff) |
- markus@cvs.openbsd.org 2001/02/28 21:27:48
[channels.c packet.c packet.h serverloop.c]
use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
use random content in ignore messages.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | channels.c | 12 | ||||
-rw-r--r-- | packet.c | 16 | ||||
-rw-r--r-- | packet.h | 5 | ||||
-rw-r--r-- | serverloop.c | 6 |
5 files changed, 29 insertions, 16 deletions
@@ -85,6 +85,10 @@ | |||
85 | - markus@cvs.openbsd.org 2001/02/28 21:21:41 | 85 | - markus@cvs.openbsd.org 2001/02/28 21:21:41 |
86 | [sshd.c] | 86 | [sshd.c] |
87 | generate a fake session id, too | 87 | generate a fake session id, too |
88 | - markus@cvs.openbsd.org 2001/02/28 21:27:48 | ||
89 | [channels.c packet.c packet.h serverloop.c] | ||
90 | use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message | ||
91 | use random content in ignore messages. | ||
88 | 92 | ||
89 | 20010304 | 93 | 20010304 |
90 | - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. | 94 | - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid. |
@@ -4277,4 +4281,4 @@ | |||
4277 | - Wrote replacements for strlcpy and mkdtemp | 4281 | - Wrote replacements for strlcpy and mkdtemp |
4278 | - Released 1.0pre1 | 4282 | - Released 1.0pre1 |
4279 | 4283 | ||
4280 | $Id: ChangeLog,v 1.876 2001/03/05 06:25:23 mouring Exp $ | 4284 | $Id: ChangeLog,v 1.877 2001/03/05 06:28:06 mouring Exp $ |
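--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.94 2001/02/28 12:55:07 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.95 2001/02/28 21:27:48 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -768,6 +768,7 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
 int
 channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
 {
+struct termios tio;
 int len;
 
 /* Send buffered output data to the socket. */
@@ -789,16 +790,15 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
 return -1;
 }
 if (compat20 && c->isatty) {
-struct termios tio;
 if (tcgetattr(c->wfd, &tio) == 0 &&
 !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) {
 /*
 * Simulate echo to reduce the impact of
-* traffic analysis.
+* traffic analysis. We need too match the
+* size of a SSH2_MSG_CHANNEL_DATA message
+* (4 byte channel id + data)
 */
-packet_start(SSH2_MSG_IGNORE);
-memset(buffer_ptr(&c->output), 0, len);
-packet_put_string(buffer_ptr(&c->output), len);
+packet_send_ignore(4 + len);
 packet_send();
 }
 }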
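Review bot: Dropping `memset(buffer_ptr(&c->output), 0, len);` from the echo-off branch of channel_handle_wfd also drops the only visible wipe of the bytes just written to the tty, which with ECHO off and ICANON on are likely a typed password. The old call was there to produce zero padding, but as a side effect it cleared that data before the buffer was consumed; whether the consume path clears it is not visible here. I would keep `memset(buffer_ptr(&c->output), 0, len);` after `packet_send_ignore(4 + len);` so the plaintext does not linger in the channel buffer. The same removal applies to `memset(buffer_ptr(&stdin_buffer), 0, len);` in process_output in serverloop.c. channel_handle_wfd continues outside the hunk.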
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.53 2001/02/28 09:57:06 markus Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.54 2001/02/28 21:27:47 markus Exp $"); |
41 | 41 | ||
42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
43 | #include "buffer.h" | 43 | #include "buffer.h" |
@@ -1321,8 +1321,7 @@ packet_set_maxsize(int s) | |||
1321 | void | 1321 | void |
1322 | packet_inject_ignore(int sumlen) | 1322 | packet_inject_ignore(int sumlen) |
1323 | { | 1323 | { |
1324 | u_int32_t rand = 0; | 1324 | int blocksize, padlen, have, need, nb, mini, nbytes; |
1325 | int i, blocksize, padlen, have, need, nb, mini, nbytes; | ||
1326 | Enc *enc = NULL; | 1325 | Enc *enc = NULL; |
1327 | 1326 | ||
1328 | if (use_ssh2_packet_format == 0) | 1327 | if (use_ssh2_packet_format == 0) |
@@ -1350,7 +1349,16 @@ packet_inject_ignore(int sumlen) | |||
1350 | 1349 | ||
1351 | /* enqueue current message and append a ignore message */ | 1350 | /* enqueue current message and append a ignore message */ |
1352 | packet_send(); | 1351 | packet_send(); |
1353 | packet_start(SSH2_MSG_IGNORE); | 1352 | packet_send_ignore(nbytes); |
1353 | } | ||
1354 | |||
1355 | void | ||
1356 | packet_send_ignore(int nbytes) | ||
1357 | { | ||
1358 | u_int32_t rand = 0; | ||
1359 | int i; | ||
1360 | |||
1361 | packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); | ||
1354 | packet_put_int(nbytes); | 1362 | packet_put_int(nbytes); |
1355 | for(i = 0; i < nbytes; i++) { | 1363 | for(i = 0; i < nbytes; i++) { |
1356 | if (i % 4 == 0) | 1364 | if (i % 4 == 0) |
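Review bot: packet_send_ignore() takes a signed `int nbytes` and, in the lines visible here, passes it to `packet_put_int(nbytes)` and loops on `i < nbytes` without any range check. A negative value would presumably be written as a very large length while the loop adds no payload bytes, and the callers now pass computed values (`4 + len`, `len`). I would reject that up front, e.g. `if (nbytes < 0) fatal("packet_send_ignore: bad length %d", nbytes);`, or make the parameter `u_int`. The local `u_int32_t rand` also shadows the libc `rand()` name; a name such as `rnd` avoids confusion about where the random bytes come from. The function body continues past the end of the hunk.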
@@ -11,7 +11,7 @@ | |||
11 | * called by a name other than "ssh" or "Secure Shell". | 11 | * called by a name other than "ssh" or "Secure Shell". |
12 | */ | 12 | */ |
13 | 13 | ||
14 | /* RCSID("$OpenBSD: packet.h,v 1.20 2001/02/28 09:57:07 markus Exp $"); */ | 14 | /* RCSID("$OpenBSD: packet.h,v 1.21 2001/02/28 21:27:47 markus Exp $"); */ |
15 | 15 | ||
16 | #ifndef PACKET_H | 16 | #ifndef PACKET_H |
17 | #define PACKET_H | 17 | #define PACKET_H |
@@ -215,6 +215,9 @@ void packet_set_ssh2_format(void); | |||
215 | int packet_remaining(void); | 215 | int packet_remaining(void); |
216 | 216 | ||
217 | /* append an ignore message */ | 217 | /* append an ignore message */ |
218 | void packet_send_ignore(int nbytes); | ||
219 | |||
220 | /* add an ignore message and make sure size (current+ignore) = n*sumlen */ | ||
218 | void packet_inject_ignore(int sumlen); | 221 | void packet_inject_ignore(int sumlen); |
219 | 222 | ||
220 | #endif /* PACKET_H */ | 223 | #endif /* PACKET_H */ |
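Review bot: The comment `/* append an ignore message */` on packet_send_ignore leaves out two things callers need: what nbytes counts, and that the message is only queued. Judging from channels.c and serverloop.c, which both call `packet_send()` right after it, the function builds the message but does not send it, despite its name. I would write `/* start an ignore message with nbytes of random payload; caller must call packet_send() */`.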
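--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.51 2001/02/23 15:34:53 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.52 2001/02/28 21:27:48 markus Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -345,9 +345,7 @@ process_output(fd_set * writeset)
 * Simulate echo to reduce the impact of
 * traffic analysis
 */
-packet_start(SSH_MSG_IGNORE);
-memset(buffer_ptr(&stdin_buffer), 0, len);
-packet_put_string(buffer_ptr(&stdin_buffer), len);
+packet_send_ignore(len);
 packet_send();
 }
 /* Consume the data from the buffer. */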
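Review bot: The comment above `packet_send_ignore(len);` still says only "Simulate echo to reduce the impact of traffic analysis" and does not explain why plain `len` is the right size here while channels.c passes `4 + len`. A short addition such as `/* SSH1 data messages carry only the string, so the ignore payload is len bytes */` would keep the two call sites from looking inconsistent, assuming that is the reason, which the hunk does not show. process_output starts and ends outside the hunk.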