diff options
Diffstat (limited to 'packet.c')
-rw-r--r-- | packet.c | 24 |
1 files changed, 14 insertions, 10 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.189 2013/11/08 00:39:15 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.190 2013/11/21 00:45:44 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -713,7 +713,7 @@ packet_send1(void) | |||
713 | buffer_append(&active_state->output, buf, 4); | 713 | buffer_append(&active_state->output, buf, 4); |
714 | cp = buffer_append_space(&active_state->output, | 714 | cp = buffer_append_space(&active_state->output, |
715 | buffer_len(&active_state->outgoing_packet)); | 715 | buffer_len(&active_state->outgoing_packet)); |
716 | cipher_crypt(&active_state->send_context, cp, | 716 | cipher_crypt(&active_state->send_context, 0, cp, |
717 | buffer_ptr(&active_state->outgoing_packet), | 717 | buffer_ptr(&active_state->outgoing_packet), |
718 | buffer_len(&active_state->outgoing_packet), 0, 0); | 718 | buffer_len(&active_state->outgoing_packet), 0, 0); |
719 | 719 | ||
@@ -946,8 +946,8 @@ packet_send2_wrapped(void) | |||
946 | } | 946 | } |
947 | /* encrypt packet and append to output buffer. */ | 947 | /* encrypt packet and append to output buffer. */ |
948 | cp = buffer_append_space(&active_state->output, len + authlen); | 948 | cp = buffer_append_space(&active_state->output, len + authlen); |
949 | cipher_crypt(&active_state->send_context, cp, | 949 | cipher_crypt(&active_state->send_context, active_state->p_send.seqnr, |
950 | buffer_ptr(&active_state->outgoing_packet), | 950 | cp, buffer_ptr(&active_state->outgoing_packet), |
951 | len - aadlen, aadlen, authlen); | 951 | len - aadlen, aadlen, authlen); |
952 | /* append unencrypted MAC */ | 952 | /* append unencrypted MAC */ |
953 | if (mac && mac->enabled) { | 953 | if (mac && mac->enabled) { |
@@ -1208,7 +1208,7 @@ packet_read_poll1(void) | |||
1208 | /* Decrypt data to incoming_packet. */ | 1208 | /* Decrypt data to incoming_packet. */ |
1209 | buffer_clear(&active_state->incoming_packet); | 1209 | buffer_clear(&active_state->incoming_packet); |
1210 | cp = buffer_append_space(&active_state->incoming_packet, padded_len); | 1210 | cp = buffer_append_space(&active_state->incoming_packet, padded_len); |
1211 | cipher_crypt(&active_state->receive_context, cp, | 1211 | cipher_crypt(&active_state->receive_context, 0, cp, |
1212 | buffer_ptr(&active_state->input), padded_len, 0, 0); | 1212 | buffer_ptr(&active_state->input), padded_len, 0, 0); |
1213 | 1213 | ||
1214 | buffer_consume(&active_state->input, padded_len); | 1214 | buffer_consume(&active_state->input, padded_len); |
@@ -1279,10 +1279,12 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1279 | aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; | 1279 | aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; |
1280 | 1280 | ||
1281 | if (aadlen && active_state->packlen == 0) { | 1281 | if (aadlen && active_state->packlen == 0) { |
1282 | if (buffer_len(&active_state->input) < 4) | 1282 | if (cipher_get_length(&active_state->receive_context, |
1283 | &active_state->packlen, | ||
1284 | active_state->p_read.seqnr, | ||
1285 | buffer_ptr(&active_state->input), | ||
1286 | buffer_len(&active_state->input)) != 0) | ||
1283 | return SSH_MSG_NONE; | 1287 | return SSH_MSG_NONE; |
1284 | cp = buffer_ptr(&active_state->input); | ||
1285 | active_state->packlen = get_u32(cp); | ||
1286 | if (active_state->packlen < 1 + 4 || | 1288 | if (active_state->packlen < 1 + 4 || |
1287 | active_state->packlen > PACKET_MAX_SIZE) { | 1289 | active_state->packlen > PACKET_MAX_SIZE) { |
1288 | #ifdef PACKET_DEBUG | 1290 | #ifdef PACKET_DEBUG |
@@ -1302,7 +1304,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1302 | buffer_clear(&active_state->incoming_packet); | 1304 | buffer_clear(&active_state->incoming_packet); |
1303 | cp = buffer_append_space(&active_state->incoming_packet, | 1305 | cp = buffer_append_space(&active_state->incoming_packet, |
1304 | block_size); | 1306 | block_size); |
1305 | cipher_crypt(&active_state->receive_context, cp, | 1307 | cipher_crypt(&active_state->receive_context, |
1308 | active_state->p_read.seqnr, cp, | ||
1306 | buffer_ptr(&active_state->input), block_size, 0, 0); | 1309 | buffer_ptr(&active_state->input), block_size, 0, 0); |
1307 | cp = buffer_ptr(&active_state->incoming_packet); | 1310 | cp = buffer_ptr(&active_state->incoming_packet); |
1308 | active_state->packlen = get_u32(cp); | 1311 | active_state->packlen = get_u32(cp); |
@@ -1357,7 +1360,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1357 | macbuf = mac_compute(mac, active_state->p_read.seqnr, | 1360 | macbuf = mac_compute(mac, active_state->p_read.seqnr, |
1358 | buffer_ptr(&active_state->input), aadlen + need); | 1361 | buffer_ptr(&active_state->input), aadlen + need); |
1359 | cp = buffer_append_space(&active_state->incoming_packet, aadlen + need); | 1362 | cp = buffer_append_space(&active_state->incoming_packet, aadlen + need); |
1360 | cipher_crypt(&active_state->receive_context, cp, | 1363 | cipher_crypt(&active_state->receive_context, |
1364 | active_state->p_read.seqnr, cp, | ||
1361 | buffer_ptr(&active_state->input), need, aadlen, authlen); | 1365 | buffer_ptr(&active_state->input), need, aadlen, authlen); |
1362 | buffer_consume(&active_state->input, aadlen + need + authlen); | 1366 | buffer_consume(&active_state->input, aadlen + need + authlen); |
1363 | /* | 1367 | /* |