mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-02 03:52:49 -05:00

SSH CRC attack detector now uses a dynamically allocated context.

[originally from svn r2132]
Simon Tatham
2002-10-25 12:58:21 +00:00
parent 8f91f07599
commit 107d1d875d
3 changed files with 45 additions and 20 deletions

8
ssh.c

@ -560,6 +560,7 @@ struct ssh_tag {
int remote_bugs;
const struct ssh_cipher *cipher;
void *v1_cipher_ctx;
void *crcda_ctx;
const struct ssh2_cipher *cscipher, *sccipher;
void *cs_cipher_ctx, *sc_cipher_ctx;
const struct ssh_mac *csmac, *scmac;
@ -809,7 +810,8 @@ static int ssh1_rdpkt(Ssh ssh, unsigned char **data, int *datalen)
st->to_read -= st->chunk;
}
if (ssh->cipher && detect_attack(ssh->pktin.data, st->biglen, NULL)) {
if (ssh->cipher && detect_attack(ssh->crcda_ctx, ssh->pktin.data,
st->biglen, NULL)) {
bombout(("Network attack (CRC compensation) detected!"));
crReturn(0);
}
@ -2377,6 +2379,9 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen, int ispkt)
logevent(buf);
}
ssh->crcda_ctx = crcda_make_context();
logevent("Installing CRC compensation attack detector");
crWaitUntil(ispkt);
if (ssh->pktin.type != SSH1_SMSG_SUCCESS) {
@ -5801,6 +5806,7 @@ static char *ssh_init(void *frontend_handle, void **backend_handle,
ssh->s = NULL;
ssh->cipher = NULL;
ssh->v1_cipher_ctx = NULL;
ssh->crcda_ctx = NULL;
ssh->cscipher = NULL;
ssh->cs_cipher_ctx = NULL;
ssh->sccipher = NULL;
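Review bot: In ssh1_rdpkt the detector call is still gated only on `ssh->cipher`, yet it now passes `ssh->crcda_ctx`, which ssh_init sets to NULL and only do_ssh1_login fills in. If a cipher can be installed before that assignment runs (the ordering is outside these hunks), detect_attack would be handed a NULL context. I would state the invariant at the call site and fail closed, for example `assert(ssh->crcda_ctx != NULL);` just before the `if`, rather than relying on the two fields being set together. Separately, nothing in this file's hunks releases what `crcda_make_context()` returns, so confirm that the session teardown path frees the context and clears the pointer, and that do_ssh1_login cannot run twice and overwrite a live one. All four enclosing functions and the struct extend beyond the hunks shown.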