version 1.109.2.1, 2004/02/28 03:51:33 |
version 1.109.2.2, 2004/08/19 22:37:31 |
|
|
fatal("packet_set_connection: cannot load cipher 'none'"); |
fatal("packet_set_connection: cannot load cipher 'none'"); |
connection_in = fd_in; |
connection_in = fd_in; |
connection_out = fd_out; |
connection_out = fd_out; |
cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT); |
cipher_init(&send_context, none, (const u_char *)"", |
cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT); |
0, NULL, 0, CIPHER_ENCRYPT); |
|
cipher_init(&receive_context, none, (const u_char *)"", |
|
0, NULL, 0, CIPHER_DECRYPT); |
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; |
if (!initialized) { |
if (!initialized) { |
initialized = 1; |
initialized = 1; |
|
|
packet_set_nonblocking(void) |
packet_set_nonblocking(void) |
{ |
{ |
/* Set the socket into non-blocking mode. */ |
/* Set the socket into non-blocking mode. */ |
if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) |
set_nonblock(connection_in); |
error("fcntl O_NONBLOCK: %.100s", strerror(errno)); |
|
|
|
if (connection_out != connection_in) { |
if (connection_out != connection_in) |
if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0) |
set_nonblock(connection_out); |
error("fcntl O_NONBLOCK: %.100s", strerror(errno)); |
|
} |
|
} |
} |
|
|
/* Returns the socket used for reading. */ |
/* Returns the socket used for reading. */ |
|
|
u_char buf[8], *cp; |
u_char buf[8], *cp; |
int i, padding, len; |
int i, padding, len; |
u_int checksum; |
u_int checksum; |
u_int32_t rand = 0; |
u_int32_t rnd = 0; |
|
|
/* |
/* |
* If using packet compression, compress the payload of the outgoing |
* If using packet compression, compress the payload of the outgoing |
|
|
cp = buffer_ptr(&outgoing_packet); |
cp = buffer_ptr(&outgoing_packet); |
for (i = 0; i < padding; i++) { |
for (i = 0; i < padding; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rand = arc4random(); |
rnd = arc4random(); |
cp[7 - i] = rand & 0xff; |
cp[7 - i] = rnd & 0xff; |
rand >>= 8; |
rnd >>= 8; |
} |
} |
} |
} |
buffer_consume(&outgoing_packet, 8 - padding); |
buffer_consume(&outgoing_packet, 8 - padding); |
|
|
Comp *comp; |
Comp *comp; |
CipherContext *cc; |
CipherContext *cc; |
u_int64_t *max_blocks; |
u_int64_t *max_blocks; |
int encrypt; |
int crypt_type; |
|
|
debug2("set_newkeys: mode %d", mode); |
debug2("set_newkeys: mode %d", mode); |
|
|
if (mode == MODE_OUT) { |
if (mode == MODE_OUT) { |
cc = &send_context; |
cc = &send_context; |
encrypt = CIPHER_ENCRYPT; |
crypt_type = CIPHER_ENCRYPT; |
p_send.packets = p_send.blocks = 0; |
p_send.packets = p_send.blocks = 0; |
max_blocks = &max_blocks_out; |
max_blocks = &max_blocks_out; |
} else { |
} else { |
cc = &receive_context; |
cc = &receive_context; |
encrypt = CIPHER_DECRYPT; |
crypt_type = CIPHER_DECRYPT; |
p_read.packets = p_read.blocks = 0; |
p_read.packets = p_read.blocks = 0; |
max_blocks = &max_blocks_in; |
max_blocks = &max_blocks_in; |
} |
} |
|
|
mac->enabled = 1; |
mac->enabled = 1; |
DBG(debug("cipher_init_context: %d", mode)); |
DBG(debug("cipher_init_context: %d", mode)); |
cipher_init(cc, enc->cipher, enc->key, enc->key_len, |
cipher_init(cc, enc->cipher, enc->key, enc->key_len, |
enc->iv, enc->block_size, encrypt); |
enc->iv, enc->block_size, crypt_type); |
/* Deleting the keys does not gain extra security */ |
/* Deleting the keys does not gain extra security */ |
/* memset(enc->iv, 0, enc->block_size); |
/* memset(enc->iv, 0, enc->block_size); |
memset(enc->key, 0, enc->key_len); */ |
memset(enc->key, 0, enc->key_len); */ |
|
|
u_char padlen, pad; |
u_char padlen, pad; |
u_int packet_length = 0; |
u_int packet_length = 0; |
u_int i, len; |
u_int i, len; |
u_int32_t rand = 0; |
u_int32_t rnd = 0; |
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
Comp *comp = NULL; |
Comp *comp = NULL; |
|
|
/* random padding */ |
/* random padding */ |
for (i = 0; i < padlen; i++) { |
for (i = 0; i < padlen; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rand = arc4random(); |
rnd = arc4random(); |
cp[i] = rand & 0xff; |
cp[i] = rnd & 0xff; |
rand >>= 8; |
rnd >>= 8; |
} |
} |
} else { |
} else { |
/* clear padding */ |
/* clear padding */ |
|
|
return interactive_mode; |
return interactive_mode; |
} |
} |
|
|
u_int |
int |
packet_set_maxsize(u_int s) |
packet_set_maxsize(u_int s) |
{ |
{ |
static int called = 0; |
static int called = 0; |
|
|
void |
void |
packet_send_ignore(int nbytes) |
packet_send_ignore(int nbytes) |
{ |
{ |
u_int32_t rand = 0; |
u_int32_t rnd = 0; |
int i; |
int i; |
|
|
packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); |
packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); |
packet_put_int(nbytes); |
packet_put_int(nbytes); |
for (i = 0; i < nbytes; i++) { |
for (i = 0; i < nbytes; i++) { |
if (i % 4 == 0) |
if (i % 4 == 0) |
rand = arc4random(); |
rnd = arc4random(); |
packet_put_char(rand & 0xff); |
packet_put_char(rnd & 0xff); |
rand >>= 8; |
rnd >>= 8; |
} |
} |
} |
} |
|
|
#define MAX_PACKETS (1<<31) |
#define MAX_PACKETS (1U<<31) |
int |
int |
packet_need_rekeying(void) |
packet_need_rekeying(void) |
{ |
{ |
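Review bot: In packet_set_nonblocking the replacement lines `set_nonblock(connection_in);` and `set_nonblock(connection_out);` drop the `error("fcntl O_NONBLOCK: %.100s", strerror(errno))` report that the fcntl version had, so a failure to switch either descriptor is no longer logged at this call site. set_nonblock's body is not on this page; if it reports failure only at debug level or not at all, a descriptor left in blocking mode would go unnoticed, so it is worth confirming that it logs at error level or returns a status the caller can check. The page interleaves old and new lines without +/- markers, so which side each line belongs to is inferred from the version order in the header. Separately, the `#define MAX_PACKETS (1U<<31)` line would benefit from a short comment such as `/* unsigned: 1<<31 overflows a signed 32-bit int */`.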