diff options
| author | markus@openbsd.org <markus@openbsd.org> | 2016-09-06 09:22:56 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2016-09-12 13:39:30 +1000 |
| commit | 06ce56b05def9460aecc7cdb40e861a346214793 (patch) | |
| tree | 15ab3514db58053c6ee5853532f84ccbd200f2d8 /packet.c | |
| parent | e5e8d9114ac6837a038f4952994ca95a97fafe8d (diff) | |
upstream commit
ssh_set_newkeys: print correct block counters on
rekeying; ok djm@
Upstream-ID: 32bb7a9cb9919ff5bab28d50ecef3a2b2045dd1e
Diffstat (limited to 'packet.c')
| -rw-r--r-- | packet.c | 23 |
1 files changed, 13 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: packet.c,v 1.235 2016/08/03 05:41:57 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.236 2016/09/06 09:22:56 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -977,30 +977,31 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
| 977 | struct sshmac *mac; | 977 | struct sshmac *mac; |
| 978 | struct sshcomp *comp; | 978 | struct sshcomp *comp; |
| 979 | struct sshcipher_ctx **ccp; | 979 | struct sshcipher_ctx **ccp; |
| 980 | struct packet_state *ps; | ||
| 980 | u_int64_t *max_blocks; | 981 | u_int64_t *max_blocks; |
| 981 | const char *wmsg; | 982 | const char *wmsg, *dir; |
| 982 | int r, crypt_type; | 983 | int r, crypt_type; |
| 983 | 984 | ||
| 984 | debug2("set_newkeys: mode %d", mode); | 985 | debug2("set_newkeys: mode %d", mode); |
| 985 | 986 | ||
| 986 | if (mode == MODE_OUT) { | 987 | if (mode == MODE_OUT) { |
| 988 | dir = "output"; | ||
| 987 | ccp = &state->send_context; | 989 | ccp = &state->send_context; |
| 988 | crypt_type = CIPHER_ENCRYPT; | 990 | crypt_type = CIPHER_ENCRYPT; |
| 989 | state->p_send.packets = state->p_send.blocks = 0; | 991 | ps = &state->p_send; |
| 990 | max_blocks = &state->max_blocks_out; | 992 | max_blocks = &state->max_blocks_out; |
| 991 | } else { | 993 | } else { |
| 994 | dir = "input"; | ||
| 992 | ccp = &state->receive_context; | 995 | ccp = &state->receive_context; |
| 993 | crypt_type = CIPHER_DECRYPT; | 996 | crypt_type = CIPHER_DECRYPT; |
| 994 | state->p_read.packets = state->p_read.blocks = 0; | 997 | ps = &state->p_read; |
| 995 | max_blocks = &state->max_blocks_in; | 998 | max_blocks = &state->max_blocks_in; |
| 996 | } | 999 | } |
| 997 | if (state->newkeys[mode] != NULL) { | 1000 | if (state->newkeys[mode] != NULL) { |
| 998 | debug("set_newkeys: rekeying, input %llu bytes %llu blocks, " | 1001 | debug("%s: rekeying after %llu %s blocks" |
| 999 | "output %llu bytes %llu blocks", | 1002 | " (%llu bytes total)", __func__, |
| 1000 | (unsigned long long)state->p_read.bytes, | 1003 | (unsigned long long)ps->blocks, dir, |
| 1001 | (unsigned long long)state->p_read.blocks, | 1004 | (unsigned long long)ps->bytes); |
| 1002 | (unsigned long long)state->p_send.bytes, | ||
| 1003 | (unsigned long long)state->p_send.blocks); | ||
| 1004 | cipher_free(*ccp); | 1005 | cipher_free(*ccp); |
| 1005 | *ccp = NULL; | 1006 | *ccp = NULL; |
| 1006 | enc = &state->newkeys[mode]->enc; | 1007 | enc = &state->newkeys[mode]->enc; |
| @@ -1018,6 +1019,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode) | |||
| 1018 | free(comp->name); | 1019 | free(comp->name); |
| 1019 | free(state->newkeys[mode]); | 1020 | free(state->newkeys[mode]); |
| 1020 | } | 1021 | } |
| 1022 | /* note that both bytes and the seqnr are not reset */ | ||
| 1023 | ps->packets = ps->blocks = 0; | ||
| 1021 | /* move newkeys from kex to state */ | 1024 | /* move newkeys from kex to state */ |
| 1022 | if ((state->newkeys[mode] = ssh->kex->newkeys[mode]) == NULL) | 1025 | if ((state->newkeys[mode] = ssh->kex->newkeys[mode]) == NULL) |
| 1023 | return SSH_ERR_INTERNAL_ERROR; | 1026 | return SSH_ERR_INTERNAL_ERROR; |