Diffstat (limited to 'monitor_wrap.c')
-rw-r--r-- | monitor_wrap.c | 41 |
1 files changed, 21 insertions, 20 deletions
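--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.73 2011/06/17 21:44:31 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.75 2013/01/08 18:49:04 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -509,25 +509,24 @@ mm_newkeys_from_blob(u_char *blob, int blen)
 enc->enabled = buffer_get_int(&b);
 enc->block_size = buffer_get_int(&b);
 enc->key = buffer_get_string(&b, &enc->key_len);
-enc->iv = buffer_get_string(&b, &len);
-if (len != enc->block_size)
-fatal("%s: bad ivlen: expected %u != %u", __func__,
-enc->block_size, len);
+enc->iv = buffer_get_string(&b, &enc->iv_len);
 
 if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
 fatal("%s: bad cipher name %s or pointer %p", __func__,
 enc->name, enc->cipher);
 
 /* Mac structure */
-mac->name = buffer_get_string(&b, NULL);
-if (mac->name == NULL || mac_setup(mac, mac->name) == -1)
-fatal("%s: can not setup mac %s", __func__, mac->name);
-mac->enabled = buffer_get_int(&b);
-mac->key = buffer_get_string(&b, &len);
-if (len > mac->key_len)
-fatal("%s: bad mac key length: %u > %d", __func__, len,
-mac->key_len);
-mac->key_len = len;
+if (cipher_authlen(enc->cipher) == 0) {
+mac->name = buffer_get_string(&b, NULL);
+if (mac->name == NULL || mac_setup(mac, mac->name) == -1)
+fatal("%s: can not setup mac %s", __func__, mac->name);
+mac->enabled = buffer_get_int(&b);
+mac->key = buffer_get_string(&b, &len);
+if (len > mac->key_len)
+fatal("%s: bad mac key length: %u > %d", __func__, len,
+mac->key_len);
+mac->key_len = len;
+}
 
 /* Comp structure */
 comp->type = buffer_get_int(&b);
@@ -569,13 +568,15 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
 buffer_put_int(&b, enc->enabled);
 buffer_put_int(&b, enc->block_size);
 buffer_put_string(&b, enc->key, enc->key_len);
-packet_get_keyiv(mode, enc->iv, enc->block_size);
-buffer_put_string(&b, enc->iv, enc->block_size);
+packet_get_keyiv(mode, enc->iv, enc->iv_len);
+buffer_put_string(&b, enc->iv, enc->iv_len);
 
 /* Mac structure */
-buffer_put_cstring(&b, mac->name);
-buffer_put_int(&b, mac->enabled);
-buffer_put_string(&b, mac->key, mac->key_len);
+if (cipher_authlen(enc->cipher) == 0) {
+buffer_put_cstring(&b, mac->name);
+buffer_put_int(&b, mac->enabled);
+buffer_put_string(&b, mac->key, mac->key_len);
+}
 
 /* Comp structure */
 comp->type = buffer_get_int(&b);
@@ -639,7 +640,7 @@ mm_send_keystate(struct monitor *monitor)
 ivlen = packet_get_keyiv_len(MODE_OUT);
 packet_get_keyiv(MODE_OUT, iv, ivlen);
 buffer_put_string(&m, iv, ivlen);
-ivlen = packet_get_keyiv_len(MODE_OUT);
+ivlen = packet_get_keyiv_len(MODE_IN);
 packet_get_keyiv(MODE_IN, iv, ivlen);
 buffer_put_string(&m, iv, ivlen);
 goto skip;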
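Review bot: In mm_newkeys_from_blob, the new `if (cipher_authlen(enc->cipher) == 0)` branch skips every write to `mac` when the cipher carries its own authentication, so `mac->name`, `mac->key`, `mac->enabled` and `mac->key_len` keep whatever the structure already held. Whether that memory is zero-filled depends on how the enclosing newkeys structure is allocated, which is outside the hunk; if it is not, any later code that inspects or releases the MAC fields would operate on uninitialised values. An explicit `else memset(mac, 0, sizeof(*mac));`, or a zeroing allocation for the whole structure, would make the authenticated-cipher path safe regardless of the allocator. The same hunk also drops the old `len != enc->block_size` check without a replacement, so `enc->iv_len` is taken as received from the blob; comparing it with the IV length the selected cipher expects, after the cipher name/pointer check, would preserve that sanity check.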