From 13ae44ce5865b720708aae9cb1d2e2f08a0d90cb Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 28 Jan 2009 16:38:41 +1100
Subject:    - markus@cvs.openbsd.org 2009/01/26 09:58:15      [cipher.c
 cipher.h packet.c]      Work around the CPNI-957037 Plaintext Recovery Attack
 by always      reading 256K of data on packet size or HMAC errors (in CBC
 mode only).      Help, feedback and ok djm@      Feedback from Martin
 Albrecht and Paterson Kenny

---
 cipher.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'cipher.h')

diff --git a/cipher.h b/cipher.h
index 49bbc1682..3dd2270bb 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.36 2006/03/25 22:22:42 djm Exp $ */
+/* $OpenBSD: cipher.h,v 1.37 2009/01/26 09:58:15 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -81,6 +81,7 @@ void	 cipher_cleanup(CipherContext *);
 void	 cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
 u_int	 cipher_blocksize(const Cipher *);
 u_int	 cipher_keylen(const Cipher *);
+u_int	 cipher_is_cbc(const Cipher *);
 
 u_int	 cipher_get_number(const Cipher *);
 void	 cipher_get_keyiv(CipherContext *, u_char *, u_int);
-- 
cgit v1.2.3