Diffstat (limited to 'packet.c')
-rw-r--r--packet.c68
1 files changed, 38 insertions, 30 deletions
diff --git a/packet.c b/packet.c
index ff69b6601..f114ea52c 100644
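--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.263 2017/07/23 23:37:02 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.264 2017/09/12 06:32:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2090,35 +2090,6 @@ ssh_packet_get_maxsize(struct ssh *ssh)
  return ssh->state->max_packet_size;
 }
 
-/*
- * 9.2. Ignored Data Message
- *
- * byte SSH_MSG_IGNORE
- * string data
- *
- * All implementations MUST understand (and ignore) this message at any
- * time (after receiving the protocol version). No implementation is
- * required to send them. This message can be used as an additional
- * protection measure against advanced traffic analysis techniques.
- */
-void
-ssh_packet_send_ignore(struct ssh *ssh, int nbytes)
-{
- u_int32_t rnd = 0;
- int r, i;
-
- if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 ||
- (r = sshpkt_put_u32(ssh, nbytes)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
- for (i = 0; i < nbytes; i++) {
- if (i % 4 == 0)
- rnd = arc4random();
- if ((r = sshpkt_put_u8(ssh, (u_char)rnd & 0xff)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
- rnd >>= 8;
- }
-}
-
 void
 ssh_packet_set_rekey_limits(struct ssh *ssh, u_int64_t bytes, u_int32_t seconds)
 {
@@ -2539,6 +2510,12 @@ sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp)
 }
 
 int
+sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp)
+{
+ return sshbuf_peek_string_direct(ssh->state->incoming_packet, valp, lenp);
+}
+
+int
 sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 {
  return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
@@ -2621,6 +2598,37 @@ ssh_packet_send_mux(struct ssh *ssh)
  return 0;
 }
 
+/*
+ * 9.2. Ignored Data Message
+ *
+ * byte SSH_MSG_IGNORE
+ * string data
+ *
+ * All implementations MUST understand (and ignore) this message at any
+ * time (after receiving the protocol version). No implementation is
+ * required to send them. This message can be used as an additional
+ * protection measure against advanced traffic analysis techniques.
+ */
+int
+sshpkt_msg_ignore(struct ssh *ssh, u_int nbytes)
+{
+ u_int32_t rnd = 0;
+ int r;
+ u_int i;
+
+ if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 ||
+ (r = sshpkt_put_u32(ssh, nbytes)) != 0)
+ return r;
+ for (i = 0; i < nbytes; i++) {
+ if (i % 4 == 0)
+ rnd = arc4random();
+ if ((r = sshpkt_put_u8(ssh, (u_char)rnd & 0xff)) != 0)
+ return r;
+ rnd >>= 8;
+ }
+ return 0;
+}
+
 /* send it */
 
 int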
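Review bot: In the last hunk, sshpkt_msg_ignore returns r where the removed ssh_packet_send_ignore called fatal(), so a failure of sshpkt_put_u8 partway through the loop now reaches the caller after sshpkt_start and the length word have already been written. What state the outgoing packet is left in is not visible from this hunk, and the block comment above the function only quotes the protocol text. I would add a contract line to that comment, for example `* Builds the message only; returns 0 or an error suitable for ssh_err(). On error the partially built packet must not be sent.` nbytes is also not range-checked here, so any size limit presumably comes from the packet buffer refusing the append; stating that in the comment, or rejecting an oversized nbytes before sshpkt_start, would make the failure mode explicit. Separately, as a style point, the `& 0xff` after the `(u_char)` cast is redundant.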