diff options
Diffstat (limited to 'packet.c')
| -rw-r--r-- | packet.c | 24 |
1 files changed, 14 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: packet.c,v 1.189 2013/11/08 00:39:15 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.190 2013/11/21 00:45:44 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -713,7 +713,7 @@ packet_send1(void) | |||
| 713 | buffer_append(&active_state->output, buf, 4); | 713 | buffer_append(&active_state->output, buf, 4); |
| 714 | cp = buffer_append_space(&active_state->output, | 714 | cp = buffer_append_space(&active_state->output, |
| 715 | buffer_len(&active_state->outgoing_packet)); | 715 | buffer_len(&active_state->outgoing_packet)); |
| 716 | cipher_crypt(&active_state->send_context, cp, | 716 | cipher_crypt(&active_state->send_context, 0, cp, |
| 717 | buffer_ptr(&active_state->outgoing_packet), | 717 | buffer_ptr(&active_state->outgoing_packet), |
| 718 | buffer_len(&active_state->outgoing_packet), 0, 0); | 718 | buffer_len(&active_state->outgoing_packet), 0, 0); |
| 719 | 719 | ||
| @@ -946,8 +946,8 @@ packet_send2_wrapped(void) | |||
| 946 | } | 946 | } |
| 947 | /* encrypt packet and append to output buffer. */ | 947 | /* encrypt packet and append to output buffer. */ |
| 948 | cp = buffer_append_space(&active_state->output, len + authlen); | 948 | cp = buffer_append_space(&active_state->output, len + authlen); |
| 949 | cipher_crypt(&active_state->send_context, cp, | 949 | cipher_crypt(&active_state->send_context, active_state->p_send.seqnr, |
| 950 | buffer_ptr(&active_state->outgoing_packet), | 950 | cp, buffer_ptr(&active_state->outgoing_packet), |
| 951 | len - aadlen, aadlen, authlen); | 951 | len - aadlen, aadlen, authlen); |
| 952 | /* append unencrypted MAC */ | 952 | /* append unencrypted MAC */ |
| 953 | if (mac && mac->enabled) { | 953 | if (mac && mac->enabled) { |
| @@ -1208,7 +1208,7 @@ packet_read_poll1(void) | |||
| 1208 | /* Decrypt data to incoming_packet. */ | 1208 | /* Decrypt data to incoming_packet. */ |
| 1209 | buffer_clear(&active_state->incoming_packet); | 1209 | buffer_clear(&active_state->incoming_packet); |
| 1210 | cp = buffer_append_space(&active_state->incoming_packet, padded_len); | 1210 | cp = buffer_append_space(&active_state->incoming_packet, padded_len); |
| 1211 | cipher_crypt(&active_state->receive_context, cp, | 1211 | cipher_crypt(&active_state->receive_context, 0, cp, |
| 1212 | buffer_ptr(&active_state->input), padded_len, 0, 0); | 1212 | buffer_ptr(&active_state->input), padded_len, 0, 0); |
| 1213 | 1213 | ||
| 1214 | buffer_consume(&active_state->input, padded_len); | 1214 | buffer_consume(&active_state->input, padded_len); |
| @@ -1279,10 +1279,12 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
| 1279 | aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; | 1279 | aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; |
| 1280 | 1280 | ||
| 1281 | if (aadlen && active_state->packlen == 0) { | 1281 | if (aadlen && active_state->packlen == 0) { |
| 1282 | if (buffer_len(&active_state->input) < 4) | 1282 | if (cipher_get_length(&active_state->receive_context, |
| 1283 | &active_state->packlen, | ||
| 1284 | active_state->p_read.seqnr, | ||
| 1285 | buffer_ptr(&active_state->input), | ||
| 1286 | buffer_len(&active_state->input)) != 0) | ||
| 1283 | return SSH_MSG_NONE; | 1287 | return SSH_MSG_NONE; |
| 1284 | cp = buffer_ptr(&active_state->input); | ||
| 1285 | active_state->packlen = get_u32(cp); | ||
| 1286 | if (active_state->packlen < 1 + 4 || | 1288 | if (active_state->packlen < 1 + 4 || |
| 1287 | active_state->packlen > PACKET_MAX_SIZE) { | 1289 | active_state->packlen > PACKET_MAX_SIZE) { |
| 1288 | #ifdef PACKET_DEBUG | 1290 | #ifdef PACKET_DEBUG |
| @@ -1302,7 +1304,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
| 1302 | buffer_clear(&active_state->incoming_packet); | 1304 | buffer_clear(&active_state->incoming_packet); |
| 1303 | cp = buffer_append_space(&active_state->incoming_packet, | 1305 | cp = buffer_append_space(&active_state->incoming_packet, |
| 1304 | block_size); | 1306 | block_size); |
| 1305 | cipher_crypt(&active_state->receive_context, cp, | 1307 | cipher_crypt(&active_state->receive_context, |
| 1308 | active_state->p_read.seqnr, cp, | ||
| 1306 | buffer_ptr(&active_state->input), block_size, 0, 0); | 1309 | buffer_ptr(&active_state->input), block_size, 0, 0); |
| 1307 | cp = buffer_ptr(&active_state->incoming_packet); | 1310 | cp = buffer_ptr(&active_state->incoming_packet); |
| 1308 | active_state->packlen = get_u32(cp); | 1311 | active_state->packlen = get_u32(cp); |
| @@ -1357,7 +1360,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
| 1357 | macbuf = mac_compute(mac, active_state->p_read.seqnr, | 1360 | macbuf = mac_compute(mac, active_state->p_read.seqnr, |
| 1358 | buffer_ptr(&active_state->input), aadlen + need); | 1361 | buffer_ptr(&active_state->input), aadlen + need); |
| 1359 | cp = buffer_append_space(&active_state->incoming_packet, aadlen + need); | 1362 | cp = buffer_append_space(&active_state->incoming_packet, aadlen + need); |
| 1360 | cipher_crypt(&active_state->receive_context, cp, | 1363 | cipher_crypt(&active_state->receive_context, |
| 1364 | active_state->p_read.seqnr, cp, | ||
| 1361 | buffer_ptr(&active_state->input), need, aadlen, authlen); | 1365 | buffer_ptr(&active_state->input), need, aadlen, authlen); |
| 1362 | buffer_consume(&active_state->input, aadlen + need + authlen); | 1366 | buffer_consume(&active_state->input, aadlen + need + authlen); |
| 1363 | /* | 1367 | /* |