Commit 769b4cb0 authored by Niels Möller

* src/transport.c (oop_write_ssh): Updated call to

transport_write_flush.
(transport_send_packet): Updated calls to transport_write_packet
and transport_write_flush.
(transport_send_kexinit): Updated to new make_kexinit interface.

* src/transport_write.c (make_ignore_packet): Deleted randomness
argument.
(transport_write_packet): Likewise.
(transport_write_flush): Likewise.

* src/transport_read.c (decode_packet): Use random_add, to mix the
received random padding into the pool.

* src/transport.h (class transport_context): Deleted randomness
attribute.

Rev: src/transport.c:1.12
Rev: src/transport.h:1.10
Rev: src/transport_read.c:1.8
Rev: src/transport_write.c:1.3
parent bc7b0d64
......@@ -553,7 +553,7 @@ oop_write_ssh(oop_source *source UNUSED,
assert(event == OOP_WRITE);
assert(fd == connection->ssh_output);
status = transport_write_flush(connection->writer, fd, connection->ctx->random);
status = transport_write_flush(connection->writer, fd);
switch(status)
{
default:
......@@ -647,10 +647,9 @@ transport_send_packet(struct transport_connection *connection,
writer = connection->writer;
if (packet)
status = transport_write_packet(writer, connection->ssh_output,
flags, packet, connection->ctx->random);
flags, packet);
else
status = transport_write_flush(writer, connection->ssh_output,
connection->ctx->random);
status = transport_write_flush(writer, connection->ssh_output);
switch (status)
{
case TRANSPORT_WRITE_OVERFLOW:
......@@ -707,7 +706,7 @@ transport_send_kexinit(struct transport_connection *connection)
/* This is a reexchange; no more data can be sent */
connection->event_handler(connection, TRANSPORT_EVENT_STOP_APPLICATION);
kex = MAKE_KEXINIT(connection->ctx->kexinit, connection->ctx->random);
kex = connection->ctx->kexinit->make(connection->ctx->kexinit);
connection->kex.kexinit[is_server] = kex;
assert(kex->first_kex_packet_follows == !!kex->first_kex_packet);
......
......@@ -151,7 +151,7 @@ make_transport_write_state(void);
enum transport_write_status
transport_write_packet(struct transport_write_state *self,
int fd, enum transport_write_flag flags,
struct lsh_string *packet, struct randomness *random);
struct lsh_string *packet);
enum transport_write_status
transport_write_line(struct transport_write_state *self,
......@@ -168,7 +168,7 @@ transport_write_new_keys(struct transport_write_state *self,
packet */
enum transport_write_status
transport_write_flush(struct transport_write_state *self,
int fd, struct randomness *random);
int fd);
/* Fixed state used by all connections. */
/* GABA:
......@@ -176,7 +176,6 @@ transport_write_flush(struct transport_write_state *self,
(name transport_context)
(vars
(is_server . int)
(random object randomness)
(algorithms object alist)
(kexinit object make_kexinit)))
*/
......
......@@ -41,6 +41,7 @@
#include "compress.h"
#include "io.h"
#include "lsh_string.h"
#include "randomness.h"
#include "ssh.h"
#include "werror.h"
#include "xalloc.h"
......@@ -192,7 +193,7 @@ decode_packet(struct transport_read_state *self,
decrypt directly into the output buffer, avoiding an extra
copying at the end.
FIXME: But for simplixity, that's not yet implemented, we do
FIXME: But for simplicity, that's not yet implemented, we do
everything in place and copy at the end. */
if (self->crypto && crypt_left > 0)
......@@ -221,6 +222,11 @@ decode_packet(struct transport_read_state *self,
self->super.start += self->total_length;
self->super.length -= self->total_length;
if (self->crypto)
random_add(RANDOM_SOURCE_REMOTE,
self->padding,
data + self->total_length - mac_size - self->padding);
/* Reset for next header */
self->total_length = 0;
......@@ -233,7 +239,7 @@ decode_packet(struct transport_read_state *self,
return SSH_READ_COMPLETE;
}
/* First reads the entire packet into the input_buffer, decrypting it
in place. Next, reads the mac and verifies it. */
enum ssh_read_status
......
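Review bot: The bytes handed to random_add in the new lines of decode_packet are chosen by the remote peer, so they must be mixed into the pool without crediting any entropy and only once the packet's MAC has been verified; the hunk guards the call with `self->crypto` but does not show where MAC verification happens relative to it (the comment below says the MAC is read and verified after decryption, so the order is presumably right, but worth confirming). Peer-controlled input cannot reduce a hash-mixed pool's entropy, yet it can inflate the estimate if the RANDOM_SOURCE_REMOTE path credits it, so a comment pinning the contract would help: `/* Peer-chosen bytes: mix only, never credit entropy; sound only after the MAC has verified. */`. The address `data + self->total_length - mac_size - self->padding` relies on total_length covering the MAC and on self->padding having been range-checked earlier, both of which are outside the hunk. decode_packet starts outside the hunk.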
......@@ -181,20 +181,18 @@ write_flush(struct transport_write_state *self, int fd)
}
static struct lsh_string *
make_ignore_packet(struct transport_write_state *self,
uint32_t length, struct randomness *random)
make_ignore_packet(struct transport_write_state *self, uint32_t length)
{
uint32_t pad_start;
struct lsh_string *packet;
packet = ssh_format("%c%r", SSH_MSG_IGNORE, length, &pad_start);
lsh_string_write_random(packet, pad_start, random, length);
lsh_string_write_random(packet, pad_start, length);
packet = encrypt_packet(packet,
self->deflate,
self->crypto,
self->mac,
random,
self->seqno++);
return packet;
......@@ -207,7 +205,7 @@ make_ignore_packet(struct transport_write_state *self,
enum transport_write_status
transport_write_packet(struct transport_write_state *self,
int fd, enum transport_write_flag flags,
struct lsh_string *packet, struct randomness *random)
struct lsh_string *packet)
{
uint32_t length;
uint8_t msg;
......@@ -229,7 +227,6 @@ transport_write_packet(struct transport_write_state *self,
self->deflate,
self->crypto,
self->mac,
random,
self->seqno++);
length = lsh_string_length(packet);
......@@ -243,7 +240,7 @@ transport_write_packet(struct transport_write_state *self,
if (status < 0)
return status;
packet = make_ignore_packet(self, TRANSPORT_PADDING_SIZE, random);
packet = make_ignore_packet(self, TRANSPORT_PADDING_SIZE);
flags |= TRANSPORT_WRITE_FLAG_IGNORE;
}
......@@ -266,8 +263,7 @@ transport_write_line(struct transport_write_state *self,
}
enum transport_write_status
transport_write_flush(struct transport_write_state *self,
int fd, struct randomness *random)
transport_write_flush(struct transport_write_state *self, int fd)
{
if (!self->ignore && self->crypto
&& self->super.length < self->threshold)
......@@ -275,7 +271,7 @@ transport_write_flush(struct transport_write_state *self,
enum transport_write_status status;
struct lsh_string *packet;
packet = make_ignore_packet(self, TRANSPORT_PADDING_SIZE, random);
packet = make_ignore_packet(self, TRANSPORT_PADDING_SIZE);
status = write_data(self, fd, TRANSPORT_WRITE_FLAG_IGNORE, STRING_LD(packet));
lsh_string_free(packet);
......
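Review bot: make_ignore_packet has no header comment, and with the explicit randomness argument removed its dependence on the process-global RNG is no longer visible at the call sites in transport_write_packet and transport_write_flush; suggest adding one: `/* Builds an encrypted SSH_MSG_IGNORE packet padded with LENGTH random bytes from the global RNG; consumes one sequence number. */`. The ignore padding only hides traffic shape when encryption is active: transport_write_flush checks `self->crypto`, whereas the call in transport_write_packet is shown without its enclosing condition, so that guard is presumably above the hunk and worth confirming. The enclosing functions of both hunks extend outside the shown lines.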