summaryrefslogtreecommitdiff
path: root/monitor_wrap.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2013-01-09 16:12:19 +1100
committerDamien Miller <djm@mindrot.org>2013-01-09 16:12:19 +1100
commit1d75abfe23cadf8cdba0bd2cfd54f3bc1ca80dc5 (patch)
treeb717aa08dcc3c018d6fdae575017b3cb5fd92767 /monitor_wrap.c
parentaa7ad3039c671c157bb99217d60674dad8154a22 (diff)
- markus@cvs.openbsd.org 2013/01/08 18:49:04
[PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] [myproposal.h packet.c ssh_config.5 sshd_config.5] support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r--monitor_wrap.c39
1 files changed, 20 insertions, 19 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index c22d0a2a6..ea654a73f 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.c,v 1.74 2012/10/01 13:59:51 naddy Exp $ */ 1/* $OpenBSD: monitor_wrap.c,v 1.75 2013/01/08 18:49:04 markus Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -491,25 +491,24 @@ mm_newkeys_from_blob(u_char *blob, int blen)
491 enc->enabled = buffer_get_int(&b); 491 enc->enabled = buffer_get_int(&b);
492 enc->block_size = buffer_get_int(&b); 492 enc->block_size = buffer_get_int(&b);
493 enc->key = buffer_get_string(&b, &enc->key_len); 493 enc->key = buffer_get_string(&b, &enc->key_len);
494 enc->iv = buffer_get_string(&b, &len); 494 enc->iv = buffer_get_string(&b, &enc->iv_len);
495 if (len != enc->block_size)
496 fatal("%s: bad ivlen: expected %u != %u", __func__,
497 enc->block_size, len);
498 495
499 if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher) 496 if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
500 fatal("%s: bad cipher name %s or pointer %p", __func__, 497 fatal("%s: bad cipher name %s or pointer %p", __func__,
501 enc->name, enc->cipher); 498 enc->name, enc->cipher);
502 499
503 /* Mac structure */ 500 /* Mac structure */
504 mac->name = buffer_get_string(&b, NULL); 501 if (cipher_authlen(enc->cipher) == 0) {
505 if (mac->name == NULL || mac_setup(mac, mac->name) == -1) 502 mac->name = buffer_get_string(&b, NULL);
506 fatal("%s: can not setup mac %s", __func__, mac->name); 503 if (mac->name == NULL || mac_setup(mac, mac->name) == -1)
507 mac->enabled = buffer_get_int(&b); 504 fatal("%s: can not setup mac %s", __func__, mac->name);
508 mac->key = buffer_get_string(&b, &len); 505 mac->enabled = buffer_get_int(&b);
509 if (len > mac->key_len) 506 mac->key = buffer_get_string(&b, &len);
510 fatal("%s: bad mac key length: %u > %d", __func__, len, 507 if (len > mac->key_len)
511 mac->key_len); 508 fatal("%s: bad mac key length: %u > %d", __func__, len,
512 mac->key_len = len; 509 mac->key_len);
510 mac->key_len = len;
511 }
513 512
514 /* Comp structure */ 513 /* Comp structure */
515 comp->type = buffer_get_int(&b); 514 comp->type = buffer_get_int(&b);
@@ -551,13 +550,15 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
551 buffer_put_int(&b, enc->enabled); 550 buffer_put_int(&b, enc->enabled);
552 buffer_put_int(&b, enc->block_size); 551 buffer_put_int(&b, enc->block_size);
553 buffer_put_string(&b, enc->key, enc->key_len); 552 buffer_put_string(&b, enc->key, enc->key_len);
554 packet_get_keyiv(mode, enc->iv, enc->block_size); 553 packet_get_keyiv(mode, enc->iv, enc->iv_len);
555 buffer_put_string(&b, enc->iv, enc->block_size); 554 buffer_put_string(&b, enc->iv, enc->iv_len);
556 555
557 /* Mac structure */ 556 /* Mac structure */
558 buffer_put_cstring(&b, mac->name); 557 if (cipher_authlen(enc->cipher) == 0) {
559 buffer_put_int(&b, mac->enabled); 558 buffer_put_cstring(&b, mac->name);
560 buffer_put_string(&b, mac->key, mac->key_len); 559 buffer_put_int(&b, mac->enabled);
560 buffer_put_string(&b, mac->key, mac->key_len);
561 }
561 562
562 /* Comp structure */ 563 /* Comp structure */
563 buffer_put_int(&b, comp->type); 564 buffer_put_int(&b, comp->type);