nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 09:58:01 +00:00
Code Issues Projects Releases Wiki Activity

When emitting SSH_MSG_IGNORE to protect against known-IV attacks on CBC,

Browse Source 
remember to put an empty string in it rather than sending a completely
empty packet.  This should help with those servers (notably RomSShell)
that actually check the contents of SSH_MSG_IGNORE.

[originally from svn r7236]
This commit is contained in:
Ben Harris 2007-02-06 13:57:27 +00:00
parent 9c35141162
commit 91694cb3a2
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ssh.c
View File

@ -1864,6 +1864,7 @@ static void ssh2_pkt_defer_noqueue(Ssh ssh, struct Packet *pkt, int noignore)
* get encrypted with a known IV. * get encrypted with a known IV.
*/ */
struct Packet *ipkt = ssh2_pkt_init(SSH2_MSG_IGNORE); struct Packet *ipkt = ssh2_pkt_init(SSH2_MSG_IGNORE);
ssh2_pkt_addstring_start(ipkt);
ssh2_pkt_defer_noqueue(ssh, ipkt, TRUE); ssh2_pkt_defer_noqueue(ssh, ipkt, TRUE);
} }
len = ssh2_pkt_construct(ssh, pkt); len = ssh2_pkt_construct(ssh, pkt);