diff options
| author | Damien Miller <djm@mindrot.org> | 2000-03-26 13:04:51 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-03-26 13:04:51 +1000 |
| commit | 450a7a1ff40fe7c2d84c93b83cf2df53445d807d (patch) | |
| tree | db6d08bdea65edd34ba2e323a31e2b1ca5e5fbd4 /cipher.c | |
| parent | 2c9279fa667827384fceb243f890cba1dbe480de (diff) | |
- OpenBSD CVS update
- [auth-krb4.c]
-Wall
- [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
[match.h ssh.c ssh.h sshconnect.c sshd.c]
initial support for DSA keys. ok deraadt@, niels@
- [cipher.c cipher.h]
remove unused cipher_attack_detected code
- [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Fix some formatting problems I missed before.
- [ssh.1 sshd.8]
fix spelling errors, From: FreeBSD
- [ssh.c]
switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
Diffstat (limited to 'cipher.c')
| -rw-r--r-- | cipher.c | 16 |
1 files changed, 1 insertions, 15 deletions
| @@ -12,7 +12,7 @@ | |||
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include "includes.h" | 14 | #include "includes.h" |
| 15 | RCSID("$Id: cipher.c,v 1.13 2000/03/09 10:27:50 damien Exp $"); | 15 | RCSID("$Id: cipher.c,v 1.14 2000/03/26 03:04:52 damien Exp $"); |
| 16 | 16 | ||
| 17 | #include "ssh.h" | 17 | #include "ssh.h" |
| 18 | #include "cipher.h" | 18 | #include "cipher.h" |
| @@ -110,18 +110,6 @@ swap_bytes(const unsigned char *src, unsigned char *dst_, int n) | |||
| 110 | } | 110 | } |
| 111 | } | 111 | } |
| 112 | 112 | ||
| 113 | void (*cipher_attack_detected) (const char *fmt,...) = fatal; | ||
| 114 | |||
| 115 | static inline void | ||
| 116 | detect_cbc_attack(const unsigned char *src, | ||
| 117 | unsigned int len) | ||
| 118 | { | ||
| 119 | return; | ||
| 120 | |||
| 121 | log("CRC-32 CBC insertion attack detected"); | ||
| 122 | cipher_attack_detected("CRC-32 CBC insertion attack detected"); | ||
| 123 | } | ||
| 124 | |||
| 125 | /* | 113 | /* |
| 126 | * Names of all encryption algorithms. | 114 | * Names of all encryption algorithms. |
| 127 | * These must match the numbers defined in cipher.h. | 115 | * These must match the numbers defined in cipher.h. |
| @@ -304,7 +292,6 @@ cipher_decrypt(CipherContext *context, unsigned char *dest, | |||
| 304 | break; | 292 | break; |
| 305 | 293 | ||
| 306 | case SSH_CIPHER_3DES: | 294 | case SSH_CIPHER_3DES: |
| 307 | /* CRC-32 attack? */ | ||
| 308 | SSH_3CBC_DECRYPT(context->u.des3.key1, | 295 | SSH_3CBC_DECRYPT(context->u.des3.key1, |
| 309 | context->u.des3.key2, &context->u.des3.iv2, | 296 | context->u.des3.key2, &context->u.des3.iv2, |
| 310 | context->u.des3.key3, &context->u.des3.iv3, | 297 | context->u.des3.key3, &context->u.des3.iv3, |
| @@ -312,7 +299,6 @@ cipher_decrypt(CipherContext *context, unsigned char *dest, | |||
| 312 | break; | 299 | break; |
| 313 | 300 | ||
| 314 | case SSH_CIPHER_BLOWFISH: | 301 | case SSH_CIPHER_BLOWFISH: |
| 315 | detect_cbc_attack(src, len); | ||
| 316 | swap_bytes(src, dest, len); | 302 | swap_bytes(src, dest, len); |
| 317 | BF_cbc_encrypt((void *) dest, dest, len, | 303 | BF_cbc_encrypt((void *) dest, dest, len, |
| 318 | &context->u.bf.key, context->u.bf.iv, | 304 | &context->u.bf.key, context->u.bf.iv, |