| version 1.223, 2016/01/29 02:42:46 |
version 1.224, 2016/01/29 02:54:45 |
|
|
| struct packet_state p_read, p_send; |
struct packet_state p_read, p_send; |
| |
|
| /* Volume-based rekeying */ |
/* Volume-based rekeying */ |
| u_int64_t max_blocks_in, max_blocks_out; |
u_int64_t max_blocks_in, max_blocks_out, rekey_limit; |
| u_int32_t rekey_limit; |
|
| |
|
| /* Time-based rekeying */ |
/* Time-based rekeying */ |
| u_int32_t rekey_interval; /* how often in seconds */ |
u_int32_t rekey_interval; /* how often in seconds */ |
|
|
| max_blocks = &state->max_blocks_in; |
max_blocks = &state->max_blocks_in; |
| } |
} |
| if (state->newkeys[mode] != NULL) { |
if (state->newkeys[mode] != NULL) { |
| debug("set_newkeys: rekeying"); |
debug("set_newkeys: rekeying, input %llu bytes %llu blocks, " |
| |
"output %llu bytes %llu blocks", |
| |
state->p_read.bytes, state->p_read.blocks, |
| |
state->p_send.bytes, state->p_send.blocks); |
| if ((r = cipher_cleanup(cc)) != 0) |
if ((r = cipher_cleanup(cc)) != 0) |
| return r; |
return r; |
| enc = &state->newkeys[mode]->enc; |
enc = &state->newkeys[mode]->enc; |
|
|
| if (state->rekey_limit) |
if (state->rekey_limit) |
| *max_blocks = MIN(*max_blocks, |
*max_blocks = MIN(*max_blocks, |
| state->rekey_limit / enc->block_size); |
state->rekey_limit / enc->block_size); |
| |
debug("rekey after %llu blocks", *max_blocks); |
| return 0; |
return 0; |
| } |
} |
| |
|
|
|
| } |
} |
| |
|
| void |
void |
| ssh_packet_set_rekey_limits(struct ssh *ssh, u_int32_t bytes, time_t seconds) |
ssh_packet_set_rekey_limits(struct ssh *ssh, u_int64_t bytes, time_t seconds) |
| { |
{ |
| debug3("rekey after %lld bytes, %d seconds", (long long)bytes, |
debug3("rekey after %llu bytes, %d seconds", (unsigned long long)bytes, |
| (int)seconds); |
(int)seconds); |
| ssh->state->rekey_limit = bytes; |
ssh->state->rekey_limit = bytes; |
| ssh->state->rekey_interval = seconds; |
ssh->state->rekey_interval = seconds; |
|
|
| if ((r = kex_to_blob(m, ssh->kex)) != 0 || |
if ((r = kex_to_blob(m, ssh->kex)) != 0 || |
| (r = newkeys_to_blob(m, ssh, MODE_OUT)) != 0 || |
(r = newkeys_to_blob(m, ssh, MODE_OUT)) != 0 || |
| (r = newkeys_to_blob(m, ssh, MODE_IN)) != 0 || |
(r = newkeys_to_blob(m, ssh, MODE_IN)) != 0 || |
| (r = sshbuf_put_u32(m, state->rekey_limit)) != 0 || |
(r = sshbuf_put_u64(m, state->rekey_limit)) != 0 || |
| (r = sshbuf_put_u32(m, state->rekey_interval)) != 0 || |
(r = sshbuf_put_u32(m, state->rekey_interval)) != 0 || |
| (r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 || |
(r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 || |
| (r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 || |
(r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 || |
|
|
| if ((r = kex_from_blob(m, &ssh->kex)) != 0 || |
if ((r = kex_from_blob(m, &ssh->kex)) != 0 || |
| (r = newkeys_from_blob(m, ssh, MODE_OUT)) != 0 || |
(r = newkeys_from_blob(m, ssh, MODE_OUT)) != 0 || |
| (r = newkeys_from_blob(m, ssh, MODE_IN)) != 0 || |
(r = newkeys_from_blob(m, ssh, MODE_IN)) != 0 || |
| (r = sshbuf_get_u32(m, &state->rekey_limit)) != 0 || |
(r = sshbuf_get_u64(m, &state->rekey_limit)) != 0 || |
| (r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 || |
(r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 || |
| (r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 || |
(r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 || |
| (r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 || |
(r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 || |
![[BACK]](/icons/back.gif){kind=icon}
Return to packet.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh