projects
/
u
/
mdw
/
putty
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SSH CRC attack detector now uses a dynamically allocated context.
[u/mdw/putty]
/
ssh.c
diff --git
a/ssh.c
b/ssh.c
index
9689fd2
..
677ff87
100644
(file)
--- a/
ssh.c
+++ b/
ssh.c
@@
-560,6
+560,7
@@
struct ssh_tag {
int remote_bugs;
const struct ssh_cipher *cipher;
void *v1_cipher_ctx;
int remote_bugs;
const struct ssh_cipher *cipher;
void *v1_cipher_ctx;
+ void *crcda_ctx;
const struct ssh2_cipher *cscipher, *sccipher;
void *cs_cipher_ctx, *sc_cipher_ctx;
const struct ssh_mac *csmac, *scmac;
const struct ssh2_cipher *cscipher, *sccipher;
void *cs_cipher_ctx, *sc_cipher_ctx;
const struct ssh_mac *csmac, *scmac;
@@
-809,7
+810,8
@@
static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
st->to_read -= st->chunk;
}
st->to_read -= st->chunk;
}
- if (ssh->cipher && detect_attack(ssh->pktin.data, st->biglen, NULL)) {
+ if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
+ st->biglen, NULL)) {
bombout(("Network attack (CRC compensation) detected!"));
crReturn(0);
}
bombout(("Network attack (CRC compensation) detected!"));
crReturn(0);
}
@@
-2377,6
+2379,9
@@
static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
logevent(buf);
}
logevent(buf);
}
+ ssh->crcda_ctx = crcda_make_context();
+ logevent("Installing CRC compensation attack detector");
+
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
@@
-5801,6
+5806,7
@@
static char *ssh_init(void *frontend_handle, void **backend_handle,
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
+ ssh->crcda_ctx = NULL;
ssh->cscipher = NULL;
ssh->cs_cipher_ctx = NULL;
ssh->sccipher = NULL;
ssh->cscipher = NULL;
ssh->cs_cipher_ctx = NULL;
ssh->sccipher = NULL;