#define crWaitUntil(c) do { crReturn(0); } while (!(c))
extern struct ssh_cipher ssh_3des;
+extern struct ssh_cipher ssh_3des_ssh2;
extern struct ssh_cipher ssh_des;
extern struct ssh_cipher ssh_blowfish;
/* for ssh 2; we miss out single-DES because it isn't supported */
-struct ssh_cipher *ciphers[] = { &ssh_3des, &ssh_blowfish };
+struct ssh_cipher *ciphers[] = { &ssh_3des_ssh2, &ssh_blowfish };
extern struct ssh_kex ssh_diffiehellman;
struct ssh_kex *kex_algs[] = { &ssh_diffiehellman };
/*
* Check the MAC.
*/
- if (scmac && !scmac->verify(pktin.data, incoming_sequence++, len+4))
+ if (scmac && !scmac->verify(pktin.data, len+4, incoming_sequence))
fatalbox("Incorrect MAC received on packet");
+ incoming_sequence++; /* whether or not we MACed */
pktin.savedpos = 6;
pktin.type = pktin.data[5];
}
void ssh2_pkt_send(void) {
int cipherblk, maclen, padding, i;
- unsigned long outgoing_sequence = 0;
+ static unsigned long outgoing_sequence = 0;
/*
* Add padding. At least four bytes, and must also bring total
pktout.data[pktout.length + i] = random_byte();
PUT_32BIT(pktout.data, pktout.length + padding - 4);
if (csmac)
- csmac->generate(pktout.data, outgoing_sequence++,
- pktout.length + padding);
+ csmac->generate(pktout.data, pktout.length + padding,
+ outgoing_sequence);
+ outgoing_sequence++; /* whether or not we MACed */
if (cscipher)
cscipher->encrypt(pktout.data, pktout.length + padding);
maclen = csmac ? csmac->len : 0;
ssh2_mkkey(K, exchange_hash, 'E', keyspace); csmac->setcskey(keyspace);
ssh2_mkkey(K, exchange_hash, 'F', keyspace); scmac->setsckey(keyspace);
+ /*
+ * Now we're encrypting. Send a test packet (FIXME).
+ */
+ crWaitUntil(!ispkt);
+ ssh2_pkt_init(SSH2_MSG_IGNORE);
+ ssh2_pkt_addstring("oo-er");
+ ssh2_pkt_send();
+
crWaitUntil(0);
crFinish(1);