SSH CRC attack detector now uses a dynamically allocated context.

[u/mdw/putty] / ssh.h

diff --git a/ssh.h b/ssh.h
index 76954a4..bf57b8f 100644 (file)
--- a/ssh.h
+++ b/ssh.h
@@ -75,7 +75,10 @@ unsigned long crc32(const void *s, size_t len);
 unsigned long crc32_update(unsigned long crc_input, const void *s, size_t len);
 
 /* SSH CRC compensation attack detector */
-int detect_attack(unsigned char *buf, uint32 len, unsigned char *IV);
+void *crcda_make_context(void);
+void crcda_free_context(void *handle);
+int detect_attack(void *handle, unsigned char *buf, uint32 len,
+                 unsigned char *IV);
 
 typedef struct {
     uint32 h[4];
@@ -123,22 +126,26 @@ void SHA512_Final(SHA512_State * s, unsigned char *output);
 void SHA512_Simple(const void *p, int len, unsigned char *output);
 
 struct ssh_cipher {
-    void (*sesskey) (unsigned char *key);      /* for ssh 1 */
-    void (*encrypt) (unsigned char *blk, int len);
-    void (*decrypt) (unsigned char *blk, int len);
+    void *(*make_context)(void);
+    void (*free_context)(void *);
+    void (*sesskey) (void *, unsigned char *key);      /* for ssh 1 */
+    void (*encrypt) (void *, unsigned char *blk, int len);
+    void (*decrypt) (void *, unsigned char *blk, int len);
     int blksize;
+    char *text_name;
 };
 
 struct ssh2_cipher {
-    void (*setcsiv) (unsigned char *key);      /* for ssh 2 */
-    void (*setcskey) (unsigned char *key);     /* for ssh 2 */
-    void (*setsciv) (unsigned char *key);      /* for ssh 2 */
-    void (*setsckey) (unsigned char *key);     /* for ssh 2 */
-    void (*encrypt) (unsigned char *blk, int len);
-    void (*decrypt) (unsigned char *blk, int len);
+    void *(*make_context)(void);
+    void (*free_context)(void *);
+    void (*setiv) (void *, unsigned char *key);        /* for ssh 2 */
+    void (*setkey) (void *, unsigned char *key);/* for ssh 2 */
+    void (*encrypt) (void *, unsigned char *blk, int len);
+    void (*decrypt) (void *, unsigned char *blk, int len);
     char *name;
     int blksize;
     int keylen;
+    char *text_name;
 };
 
 struct ssh2_ciphers {
@@ -147,10 +154,11 @@ struct ssh2_ciphers {
 };
 
 struct ssh_mac {
-    void (*setcskey) (unsigned char *key);
-    void (*setsckey) (unsigned char *key);
-    void (*generate) (unsigned char *blk, int len, unsigned long seq);
-    int (*verify) (unsigned char *blk, int len, unsigned long seq);
+    void *(*make_context)(void);
+    void (*free_context)(void *);
+    void (*setkey) (void *, unsigned char *key);
+    void (*generate) (void *, unsigned char *blk, int len, unsigned long seq);
+    int (*verify) (void *, unsigned char *blk, int len, unsigned long seq);
     char *name;
     int len;
 };
@@ -227,7 +235,7 @@ extern char sshver[];
  * that fails. This variable is the means by which scp.c can reach
  * into the SSH code and find out which one it got.
  */
-extern int ssh_fallback_cmd;
+extern int ssh_fallback_cmd(void *handle);
 
 #ifndef MSCRYPTOAPI
 void SHATransform(word32 * digest, word32 * data);
@@ -238,8 +246,11 @@ void random_add_noise(void *noise, int length);
 void random_add_heavynoise(void *noise, int length);
 
 void logevent(char *);
-void *new_sock_channel(Socket s); // allocates and register a new channel for port forwarding
-void ssh_send_port_open(void *channel, char *hostname, int port, char *org);
+
+/* Allocate and register a new channel for port forwarding */
+void *new_sock_channel(void *handle, Socket s);
+void ssh_send_port_open(void *handle, void *channel,
+                       char *hostname, int port, char *org);
 
 Bignum copybn(Bignum b);
 Bignum bn_power_2(int n);