tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-28 16:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2008/11/21 15:47:38

Browse Source 
[packet.c]
     packet_disconnect() on padding error, too.  should reduce the success
     probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
     ok djm@
This commit is contained in:
Darren Tucker 2008-12-01 21:40:48 +11:00
parent 83795d61d2
commit 99d11a3ed2
2 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -2,6 +2,12 @@
- (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files
and tweak the is-sshd-running check in ssh-host-config. Patch from and tweak the is-sshd-running check in ssh-host-config. Patch from
vinschen at redhat com. vinschen at redhat com.
- (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2008/11/21 15:47:38
[packet.c]
packet_disconnect() on padding error, too. should reduce the success
probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
ok djm@
20081123 20081123
- (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
@ -4936,5 +4942,5 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@ passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id: ChangeLog,v 1.5145 2008/12/01 10:34:28 dtucker Exp $ $Id: ChangeLog,v 1.5146 2008/12/01 10:40:48 dtucker Exp $

11
packet.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: packet.c,v 1.157 2008/07/10 18:08:11 markus Exp $ */ /* $OpenBSD: packet.c,v 1.158 2008/11/21 15:47:38 markus Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1152,7 +1152,8 @@ packet_read_poll2(u_int32_t *seqnr_p)
#ifdef PACKET_DEBUG #ifdef PACKET_DEBUG
buffer_dump(&incoming_packet); buffer_dump(&incoming_packet);
#endif #endif
packet_disconnect("Bad packet length %u.", packet_length); packet_disconnect("Bad packet length %-10u",
packet_length);
} }
DBG(debug("input: packet len %u", packet_length+4)); DBG(debug("input: packet len %u", packet_length+4));
buffer_consume(&input, block_size); buffer_consume(&input, block_size);
@ -1161,9 +1162,11 @@ packet_read_poll2(u_int32_t *seqnr_p)
need = 4 + packet_length - block_size; need = 4 + packet_length - block_size;
DBG(debug("partial packet %d, need %d, maclen %d", block_size, DBG(debug("partial packet %d, need %d, maclen %d", block_size,
need, maclen)); need, maclen));
if (need % block_size != 0) if (need % block_size != 0) {
fatal("padding error: need %d block %d mod %d", logit("padding error: need %d block %d mod %d",
need, block_size, need % block_size); need, block_size, need % block_size);
packet_disconnect("Bad packet length %-10u", packet_length);
}
/* /*
* check if the entire packet has been received and * check if the entire packet has been received and
* decrypt into incoming_packet * decrypt into incoming_packet