version 1.49, 2001/02/08 19:30:52 |
version 1.50, 2001/02/11 12:59:25 |
|
|
#include "ssh1.h" |
#include "ssh1.h" |
#include "ssh2.h" |
#include "ssh2.h" |
|
|
#include <openssl/bn.h> |
|
#include <openssl/dh.h> |
|
#include <openssl/hmac.h> |
|
#include "cipher.h" |
#include "cipher.h" |
#include "kex.h" |
#include "kex.h" |
#include "hmac.h" |
#include "mac.h" |
#include "log.h" |
#include "log.h" |
#include "canohost.h" |
#include "canohost.h" |
|
|
|
|
void |
void |
packet_send2(void) |
packet_send2(void) |
{ |
{ |
|
static u_int32_t seqnr = 0; |
u_char *macbuf = NULL; |
u_char *macbuf = NULL; |
char *cp; |
char *cp; |
u_int packet_length = 0; |
u_int packet_length = 0; |
u_int i, padlen, len; |
u_int i, padlen, len; |
u_int32_t rand = 0; |
u_int32_t rand = 0; |
static u_int seqnr = 0; |
|
int type; |
int type; |
Enc *enc = NULL; |
Enc *enc = NULL; |
Mac *mac = NULL; |
Mac *mac = NULL; |
|
|
|
|
/* compute MAC over seqnr and packet(length fields, payload, padding) */ |
/* compute MAC over seqnr and packet(length fields, payload, padding) */ |
if (mac && mac->enabled) { |
if (mac && mac->enabled) { |
macbuf = hmac( mac->md, seqnr, |
macbuf = mac_compute(mac, seqnr, |
(u_char *) buffer_ptr(&outgoing_packet), |
(u_char *) buffer_ptr(&outgoing_packet), |
buffer_len(&outgoing_packet), |
buffer_len(&outgoing_packet)); |
mac->key, mac->key_len |
|
); |
|
DBG(debug("done calc MAC out #%d", seqnr)); |
DBG(debug("done calc MAC out #%d", seqnr)); |
} |
} |
/* encrypt packet and append to output buffer. */ |
/* encrypt packet and append to output buffer. */ |
|
|
int |
int |
packet_read_poll2(int *payload_len_ptr) |
packet_read_poll2(int *payload_len_ptr) |
{ |
{ |
|
static u_int32_t seqnr = 0; |
|
static u_int packet_length = 0; |
u_int padlen, need; |
u_int padlen, need; |
u_char buf[8], *macbuf; |
u_char buf[8], *macbuf; |
u_char *ucp; |
u_char *ucp; |
char *cp; |
char *cp; |
static u_int packet_length = 0; |
|
static u_int seqnr = 0; |
|
int type; |
int type; |
int maclen, block_size; |
int maclen, block_size; |
Enc *enc = NULL; |
Enc *enc = NULL; |
|
|
* increment sequence number for incoming packet |
* increment sequence number for incoming packet |
*/ |
*/ |
if (mac && mac->enabled) { |
if (mac && mac->enabled) { |
macbuf = hmac( mac->md, seqnr, |
macbuf = mac_compute(mac, seqnr, |
(u_char *) buffer_ptr(&incoming_packet), |
(u_char *) buffer_ptr(&incoming_packet), |
buffer_len(&incoming_packet), |
buffer_len(&incoming_packet)); |
mac->key, mac->key_len |
|
); |
|
if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) |
if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) |
packet_disconnect("Corrupted MAC on input."); |
packet_disconnect("Corrupted MAC on input."); |
DBG(debug("MAC #%d ok", seqnr)); |
DBG(debug("MAC #%d ok", seqnr)); |
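Review bot: The MAC check in packet_read_poll2 still uses `memcmp(macbuf, buffer_ptr(&input), mac->mac_len)`, which stops at the first differing byte, so its timing depends on how much of a received MAC matched. A constant-time comparison is the safer form, e.g. `if (timingsafe_bcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0)` where the platform provides it, or a small local helper that ORs the byte differences together. The visible lines do not show a check that `input` holds at least `mac->mac_len` bytes before the compare; it may sit earlier in the function, which starts and ends outside this excerpt, and is worth confirming. Nothing shown here frees `macbuf`, so a one-line comment at both `mac_compute` call sites saying who owns the returned buffer and how long it stays valid would help. Now that `seqnr` is `u_int32_t` in both functions, the `%d` in the `DBG(debug(...))` calls should become `%u`.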