| version 1.61.2.2, 2001/11/15 00:15:19 |
version 1.61.2.3, 2001/11/15 22:51:15 |
|
|
| /* Session key information for Encryption and MAC */ |
/* Session key information for Encryption and MAC */ |
| Newkeys *newkeys[MODE_MAX]; |
Newkeys *newkeys[MODE_MAX]; |
| |
|
| |
/* roundup current message to extra_pad bytes */ |
| |
static u_char extra_pad = 0; |
| |
|
| /* |
/* |
| * Sets the descriptors used for communication. Disables encryption until |
* Sets the descriptors used for communication. Disables encryption until |
| * packet_set_encryption_key is called. |
* packet_set_encryption_key is called. |
|
|
| { |
{ |
| static u_int32_t seqnr = 0; |
static u_int32_t seqnr = 0; |
| u_char type, *ucp, *macbuf = NULL; |
u_char type, *ucp, *macbuf = NULL; |
| |
u_char padlen, pad; |
| char *cp; |
char *cp; |
| u_int packet_length = 0; |
u_int packet_length = 0; |
| u_int i, padlen, len; |
u_int i, len; |
| u_int32_t rand = 0; |
u_int32_t rand = 0; |
| Enc *enc = NULL; |
Enc *enc = NULL; |
| Mac *mac = NULL; |
Mac *mac = NULL; |
|
|
| padlen = block_size - (len % block_size); |
padlen = block_size - (len % block_size); |
| if (padlen < 4) |
if (padlen < 4) |
| padlen += block_size; |
padlen += block_size; |
| |
if (extra_pad) { |
| |
/* will wrap if extra_pad+padlen > 255 */ |
| |
extra_pad = roundup(extra_pad, block_size); |
| |
pad = extra_pad - ((len + padlen) % extra_pad); |
| |
debug("packet_send2: adding %d (len %d padlen %d extra_pad %d)", |
| |
pad, len, padlen, extra_pad); |
| |
padlen += pad; |
| |
extra_pad = 0; |
| |
} |
| buffer_append_space(&outgoing_packet, &cp, padlen); |
buffer_append_space(&outgoing_packet, &cp, padlen); |
| if (enc && enc->cipher->number != SSH_CIPHER_NONE) { |
if (enc && enc->cipher->number != SSH_CIPHER_NONE) { |
| /* random padding */ |
/* random padding */ |
|
|
| return s; |
return s; |
| } |
} |
| |
|
| |
/* roundup current message to pad bytes */ |
| |
void |
| |
packet_add_padding(u_char pad) |
| |
{ |
| |
extra_pad = pad; |
| |
} |
| |
|
| /* |
/* |
| * 9.2. Ignored Data Message |
* 9.2. Ignored Data Message |
| * |
* |
|
|
| * required to send them. This message can be used as an additional |
* required to send them. This message can be used as an additional |
| * protection measure against advanced traffic analysis techniques. |
* protection measure against advanced traffic analysis techniques. |
| */ |
*/ |
| /* size of current + ignore message should be n*sumlen bytes (w/o mac) */ |
|
| void |
|
| packet_inject_ignore(int sumlen) |
|
| { |
|
| int blocksize, padlen, have, need, nb, mini, nbytes; |
|
| Enc *enc = NULL; |
|
| |
|
| if (compat20 == 0) |
|
| return; |
|
| |
|
| have = buffer_len(&outgoing_packet); |
|
| debug2("packet_inject_ignore: current %d", have); |
|
| if (newkeys[MODE_OUT] != NULL) |
|
| enc = &newkeys[MODE_OUT]->enc; |
|
| blocksize = enc ? enc->cipher->block_size : 8; |
|
| padlen = blocksize - (have % blocksize); |
|
| if (padlen < 4) |
|
| padlen += blocksize; |
|
| have += padlen; |
|
| have /= blocksize; /* # of blocks for current message */ |
|
| |
|
| nb = roundup(sumlen, blocksize) / blocksize; /* blocks for both */ |
|
| mini = roundup(5+1+4+4, blocksize) / blocksize; /* minsize ignore msg */ |
|
| need = nb - (have % nb); /* blocks for ignore */ |
|
| if (need <= mini) |
|
| need += nb; |
|
| nbytes = (need - mini) * blocksize; /* size of ignore payload */ |
|
| debug2("packet_inject_ignore: block %d have %d nb %d mini %d need %d", |
|
| blocksize, have, nb, mini, need); |
|
| |
|
| /* enqueue current message and append a ignore message */ |
|
| packet_send(); |
|
| packet_send_ignore(nbytes); |
|
| } |
|
| |
|
| void |
void |
| packet_send_ignore(int nbytes) |
packet_send_ignore(int nbytes) |
| { |
{ |
![[BACK]](/icons/back.gif){kind=icon}
Return to packet.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh