diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | packet.c | 11 |
2 files changed, 14 insertions, 5 deletions
@@ -2,6 +2,12 @@ | |||
2 | - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files | 2 | - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files |
3 | and tweak the is-sshd-running check in ssh-host-config. Patch from | 3 | and tweak the is-sshd-running check in ssh-host-config. Patch from |
4 | vinschen at redhat com. | 4 | vinschen at redhat com. |
5 | - (dtucker) OpenBSD CVS Sync | ||
6 | - markus@cvs.openbsd.org 2008/11/21 15:47:38 | ||
7 | [packet.c] | ||
8 | packet_disconnect() on padding error, too. should reduce the success | ||
9 | probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18 | ||
10 | ok djm@ | ||
5 | 11 | ||
6 | 20081123 | 12 | 20081123 |
7 | - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some | 13 | - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some |
@@ -4936,5 +4942,5 @@ | |||
4936 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 4942 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
4937 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 4943 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
4938 | 4944 | ||
4939 | $Id: ChangeLog,v 1.5145 2008/12/01 10:34:28 dtucker Exp $ | 4945 | $Id: ChangeLog,v 1.5146 2008/12/01 10:40:48 dtucker Exp $ |
4940 | 4946 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.157 2008/07/10 18:08:11 markus Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.158 2008/11/21 15:47:38 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1152,7 +1152,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1152 | #ifdef PACKET_DEBUG | 1152 | #ifdef PACKET_DEBUG |
1153 | buffer_dump(&incoming_packet); | 1153 | buffer_dump(&incoming_packet); |
1154 | #endif | 1154 | #endif |
1155 | packet_disconnect("Bad packet length %u.", packet_length); | 1155 | packet_disconnect("Bad packet length %-10u", |
1156 | packet_length); | ||
1156 | } | 1157 | } |
1157 | DBG(debug("input: packet len %u", packet_length+4)); | 1158 | DBG(debug("input: packet len %u", packet_length+4)); |
1158 | buffer_consume(&input, block_size); | 1159 | buffer_consume(&input, block_size); |
@@ -1161,9 +1162,11 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1161 | need = 4 + packet_length - block_size; | 1162 | need = 4 + packet_length - block_size; |
1162 | DBG(debug("partial packet %d, need %d, maclen %d", block_size, | 1163 | DBG(debug("partial packet %d, need %d, maclen %d", block_size, |
1163 | need, maclen)); | 1164 | need, maclen)); |
1164 | if (need % block_size != 0) | 1165 | if (need % block_size != 0) { |
1165 | fatal("padding error: need %d block %d mod %d", | 1166 | logit("padding error: need %d block %d mod %d", |
1166 | need, block_size, need % block_size); | 1167 | need, block_size, need % block_size); |
1168 | packet_disconnect("Bad packet length %-10u", packet_length); | ||
1169 | } | ||
1167 | /* | 1170 | /* |
1168 | * check if the entire packet has been received and | 1171 | * check if the entire packet has been received and |
1169 | * decrypt into incoming_packet | 1172 | * decrypt into incoming_packet |