-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | kex.c | 4 | ||||
-rw-r--r-- | kex.h | 4 | ||||
-rw-r--r-- | mac.c | 36 | ||||
-rw-r--r-- | mac.h | 6 | ||||
-rw-r--r-- | monitor_wrap.c | 4 | ||||
-rw-r--r-- | packet.c | 12 |
7 files changed, 49 insertions, 25 deletions
@@ -18,6 +18,12 @@ | |||
18 | - djm@cvs.openbsd.org 2007/06/02 09:04:58 | 18 | - djm@cvs.openbsd.org 2007/06/02 09:04:58 |
19 | [bufbn.c] | 19 | [bufbn.c] |
20 | memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca | 20 | memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca |
21 | - djm@cvs.openbsd.org 2007/06/05 06:52:37 | ||
22 | [kex.c monitor_wrap.c packet.c mac.h kex.h mac.c] | ||
23 | Preserve MAC ctx between packets, saving 2xhash calls per-packet. | ||
24 | Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5 | ||
25 | patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm | ||
26 | committing at his request) | ||
21 | 27 | ||
22 | 20070520 | 28 | 20070520 |
23 | - (dtucker) OpenBSD CVS Sync | 29 | - (dtucker) OpenBSD CVS Sync |
@@ -2961,4 +2967,4 @@ | |||
2961 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 2967 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
2962 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 2968 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
2963 | 2969 | ||
2964 | $Id: ChangeLog,v 1.4675 2007/06/05 08:29:35 dtucker Exp $ | 2970 | $Id: ChangeLog,v 1.4676 2007/06/05 08:30:18 dtucker Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.c,v 1.78 2007/05/30 05:58:13 djm Exp $ */ | 1 | /* $OpenBSD: kex.c,v 1.79 2007/06/05 06:52:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -279,7 +279,7 @@ choose_mac(Mac *mac, char *client, char *server) | |||
279 | if (name == NULL) | 279 | if (name == NULL) |
280 | fatal("no matching mac found: client %s server %s", | 280 | fatal("no matching mac found: client %s server %s", |
281 | client, server); | 281 | client, server); |
282 | if (mac_init(mac, name) < 0) | 282 | if (mac_setup(mac, name) < 0) |
283 | fatal("unsupported mac %s", name); | 283 | fatal("unsupported mac %s", name); |
284 | /* truncate the key */ | 284 | /* truncate the key */ |
285 | if (datafellows & SSH_BUG_HMAC) | 285 | if (datafellows & SSH_BUG_HMAC) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.44 2006/08/03 03:34:42 deraadt Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.45 2007/06/05 06:52:37 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -28,6 +28,7 @@ | |||
28 | 28 | ||
29 | #include <signal.h> | 29 | #include <signal.h> |
30 | #include <openssl/evp.h> | 30 | #include <openssl/evp.h> |
31 | #include <openssl/hmac.h> | ||
31 | 32 | ||
32 | #define KEX_DH1 "diffie-hellman-group1-sha1" | 33 | #define KEX_DH1 "diffie-hellman-group1-sha1" |
33 | #define KEX_DH14 "diffie-hellman-group14-sha1" | 34 | #define KEX_DH14 "diffie-hellman-group14-sha1" |
@@ -90,6 +91,7 @@ struct Mac { | |||
90 | u_int mac_len; | 91 | u_int mac_len; |
91 | u_char *key; | 92 | u_char *key; |
92 | u_int key_len; | 93 | u_int key_len; |
94 | HMAC_CTX ctx; | ||
93 | }; | 95 | }; |
94 | struct Comp { | 96 | struct Comp { |
95 | int type; | 97 | int type; |
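Review bot: The new `HMAC_CTX ctx;` member of struct Mac has no comment saying when it is valid, and it now keeps key-derived state inside the struct for as long as the keys are in use. I would document it in place: `HMAC_CTX ctx; /* keyed by mac_init(), released by mac_clear() */`. Because the context is embedded by value, code that copies or serialises a struct Mac should probably skip this member; nothing in the visible hunks does so, but that is worth confirming.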
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.13 2007/06/05 06:52:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -57,7 +57,7 @@ struct { | |||
57 | }; | 57 | }; |
58 | 58 | ||
59 | int | 59 | int |
60 | mac_init(Mac *mac, char *name) | 60 | mac_setup(Mac *mac, char *name) |
61 | { | 61 | { |
62 | int i, evp_len; | 62 | int i, evp_len; |
63 | 63 | ||
@@ -71,34 +71,44 @@ mac_init(Mac *mac, char *name) | |||
71 | if (macs[i].truncatebits != 0) | 71 | if (macs[i].truncatebits != 0) |
72 | mac->mac_len = macs[i].truncatebits/8; | 72 | mac->mac_len = macs[i].truncatebits/8; |
73 | } | 73 | } |
74 | debug2("mac_init: found %s", name); | 74 | debug2("mac_setup: found %s", name); |
75 | return (0); | 75 | return (0); |
76 | } | 76 | } |
77 | } | 77 | } |
78 | debug2("mac_init: unknown %s", name); | 78 | debug2("mac_setup: unknown %s", name); |
79 | return (-1); | 79 | return (-1); |
80 | } | 80 | } |
81 | 81 | ||
82 | void | ||
83 | mac_init(Mac *mac) | ||
84 | { | ||
85 | if (mac->key == NULL) | ||
86 | fatal("mac_init: no key"); | ||
87 | HMAC_Init(&mac->ctx, mac->key, mac->key_len, mac->md); | ||
88 | } | ||
89 | |||
82 | u_char * | 90 | u_char * |
83 | mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | 91 | mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) |
84 | { | 92 | { |
85 | HMAC_CTX c; | ||
86 | static u_char m[EVP_MAX_MD_SIZE]; | 93 | static u_char m[EVP_MAX_MD_SIZE]; |
87 | u_char b[4]; | 94 | u_char b[4]; |
88 | 95 | ||
89 | if (mac->key == NULL) | ||
90 | fatal("mac_compute: no key"); | ||
91 | if (mac->mac_len > sizeof(m)) | 96 | if (mac->mac_len > sizeof(m)) |
92 | fatal("mac_compute: mac too long"); | 97 | fatal("mac_compute: mac too long"); |
93 | HMAC_Init(&c, mac->key, mac->key_len, mac->md); | ||
94 | put_u32(b, seqno); | 98 | put_u32(b, seqno); |
95 | HMAC_Update(&c, b, sizeof(b)); | 99 | HMAC_Init(&mac->ctx, NULL, 0, NULL); /* reset HMAC context */ |
96 | HMAC_Update(&c, data, datalen); | 100 | HMAC_Update(&mac->ctx, b, sizeof(b)); |
97 | HMAC_Final(&c, m, NULL); | 101 | HMAC_Update(&mac->ctx, data, datalen); |
98 | HMAC_cleanup(&c); | 102 | HMAC_Final(&mac->ctx, m, NULL); |
99 | return (m); | 103 | return (m); |
100 | } | 104 | } |
101 | 105 | ||
106 | void | ||
107 | mac_clear(Mac *mac) | ||
108 | { | ||
109 | HMAC_cleanup(&mac->ctx); | ||
110 | } | ||
111 | |||
102 | /* XXX copied from ciphers_valid */ | 112 | /* XXX copied from ciphers_valid */ |
103 | #define MAC_SEP "," | 113 | #define MAC_SEP "," |
104 | int | 114 | int |
@@ -111,7 +121,7 @@ mac_valid(const char *names) | |||
111 | maclist = cp = xstrdup(names); | 121 | maclist = cp = xstrdup(names); |
112 | for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; | 122 | for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; |
113 | (p = strsep(&cp, MAC_SEP))) { | 123 | (p = strsep(&cp, MAC_SEP))) { |
114 | if (mac_init(NULL, p) < 0) { | 124 | if (mac_setup(NULL, p) < 0) { |
115 | debug("bad mac %s [%s]", p, names); | 125 | debug("bad mac %s [%s]", p, names); |
116 | xfree(maclist); | 126 | xfree(maclist); |
117 | return (0); | 127 | return (0); |
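Review bot: mac_compute() now runs on `mac->ctx` with no check that mac_init() ever keyed it: the `mac->key == NULL` test moved into mac_init(), and `HMAC_Init(&mac->ctx, NULL, 0, NULL)` only resets a context that already holds a key. A caller that reaches mac_compute() after mac_setup() alone would MAC packets with an uninitialised context instead of hitting fatal(). Keeping `if (mac->key == NULL) fatal("mac_compute: no key");` is cheap and still catches the never-keyed case, though it cannot prove mac_init() ran. It would also help to state the call order in a comment above mac_init(), e.g. `/* call once after mac_setup() and after mac->key is set; pair with mac_clear() */`.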
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */ | 1 | /* $OpenBSD: mac.h,v 1.5 2007/06/05 06:52:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -24,5 +24,7 @@ | |||
24 | */ | 24 | */ |
25 | 25 | ||
26 | int mac_valid(const char *); | 26 | int mac_valid(const char *); |
27 | int mac_init(Mac *, char *); | 27 | int mac_setup(Mac *, char *); |
28 | void mac_init(Mac *); | ||
28 | u_char *mac_compute(Mac *, u_int32_t, u_char *, int); | 29 | u_char *mac_compute(Mac *, u_int32_t, u_char *, int); |
30 | void mac_clear(Mac *); | ||
diff --git a/monitor_wrap.c b/monitor_wrap.c index 27cc1c5f1..61f7c6889 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.55 2007/02/19 10:45:58 dtucker Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.56 2007/06/05 06:52:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -476,7 +476,7 @@ mm_newkeys_from_blob(u_char *blob, int blen) | |||
476 | 476 | ||
477 | /* Mac structure */ | 477 | /* Mac structure */ |
478 | mac->name = buffer_get_string(&b, NULL); | 478 | mac->name = buffer_get_string(&b, NULL); |
479 | if (mac->name == NULL || mac_init(mac, mac->name) == -1) | 479 | if (mac->name == NULL || mac_setup(mac, mac->name) == -1) |
480 | fatal("%s: can not init mac %s", __func__, mac->name); | 480 | fatal("%s: can not init mac %s", __func__, mac->name); |
481 | mac->enabled = buffer_get_int(&b); | 481 | mac->enabled = buffer_get_int(&b); |
482 | mac->key = buffer_get_string(&b, &len); | 482 | mac->key = buffer_get_string(&b, &len); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.146 2007/05/31 23:34:29 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.147 2007/06/05 06:52:37 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -629,7 +629,8 @@ set_newkeys(int mode) | |||
629 | enc = &newkeys[mode]->enc; | 629 | enc = &newkeys[mode]->enc; |
630 | mac = &newkeys[mode]->mac; | 630 | mac = &newkeys[mode]->mac; |
631 | comp = &newkeys[mode]->comp; | 631 | comp = &newkeys[mode]->comp; |
632 | memset(mac->key, 0, mac->key_len); | 632 | if (mac->md != NULL) |
633 | mac_clear(mac); | ||
633 | xfree(enc->name); | 634 | xfree(enc->name); |
634 | xfree(enc->iv); | 635 | xfree(enc->iv); |
635 | xfree(enc->key); | 636 | xfree(enc->key); |
@@ -644,14 +645,17 @@ set_newkeys(int mode) | |||
644 | enc = &newkeys[mode]->enc; | 645 | enc = &newkeys[mode]->enc; |
645 | mac = &newkeys[mode]->mac; | 646 | mac = &newkeys[mode]->mac; |
646 | comp = &newkeys[mode]->comp; | 647 | comp = &newkeys[mode]->comp; |
647 | if (mac->md != NULL) | 648 | if (mac->md != NULL) { |
649 | mac_init(mac); | ||
648 | mac->enabled = 1; | 650 | mac->enabled = 1; |
651 | } | ||
649 | DBG(debug("cipher_init_context: %d", mode)); | 652 | DBG(debug("cipher_init_context: %d", mode)); |
650 | cipher_init(cc, enc->cipher, enc->key, enc->key_len, | 653 | cipher_init(cc, enc->cipher, enc->key, enc->key_len, |
651 | enc->iv, enc->block_size, crypt_type); | 654 | enc->iv, enc->block_size, crypt_type); |
652 | /* Deleting the keys does not gain extra security */ | 655 | /* Deleting the keys does not gain extra security */ |
653 | /* memset(enc->iv, 0, enc->block_size); | 656 | /* memset(enc->iv, 0, enc->block_size); |
654 | memset(enc->key, 0, enc->key_len); */ | 657 | memset(enc->key, 0, enc->key_len); |
658 | memset(mac->key, 0, mac->key_len); */ | ||
655 | if ((comp->type == COMP_ZLIB || | 659 | if ((comp->type == COMP_ZLIB || |
656 | (comp->type == COMP_DELAYED && after_authentication)) && | 660 | (comp->type == COMP_DELAYED && after_authentication)) && |
657 | comp->enabled == 0) { | 661 | comp->enabled == 0) { |