diff options
author | Matt Johnston <matt@ucc.asn.au> | 2009-02-26 13:21:14 +0000 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2009-02-26 13:21:14 +0000 |
commit | 4b37932ba17eb23cdf5cd3125c4cece945e18db0 (patch) | |
tree | 1b68a40a677aec7d498848f9e124f4efcf1a2375 | |
parent | d1bfb6bfb7a346715a66318ec9d1e860903c8245 (diff) | |
parent | 35f3d2ff907c5060b092f6222f73e2667d65db11 (diff) |
merge of 'e1c100e6366c5d607af08f4abdbb0f4281df4fa9'
and 'fe8161b0698c9816b98f79e3cab2b9d59f2be71b'
--HG--
extra : convert_revision : 23e1a99e40fc3baad5216b2a7e7318f8243f86a3
-rw-r--r-- | Makefile.in | 2 | ||||
-rw-r--r-- | configure.in | 3 | ||||
-rw-r--r-- | packet.c | 48 | ||||
-rw-r--r-- | sysoptions.h | 5 |
4 files changed, 30 insertions, 28 deletions
diff --git a/Makefile.in b/Makefile.in index 3e6c855..4c8441f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -25,7 +25,7 @@ COMMONOBJS=dbutil.o buffer.o \ SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \ svr-authpasswd.o svr-authpubkey.o svr-authpubkeyoptions.o svr-session.o svr-service.o \ svr-chansession.o svr-runopts.o svr-agentfwd.o svr-main.o svr-x11fwd.o\ - svr-tcpfwd.o svr-authpam.o + svr-tcpfwd.o svr-authpam.o @CRYPTLIB@ CLIOBJS=cli-algo.o cli-main.o cli-auth.o cli-authpasswd.o cli-kex.o \ cli-session.o cli-service.o cli-runopts.o cli-chansession.o \ diff --git a/configure.in b/configure.in index 52a75e0..c7149e8 100644 --- a/configure.in +++ b/configure.in @@ -82,7 +82,8 @@ AC_CHECK_DECL(__UCLIBC__, ],,,) # Checks for libraries. -AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") +AC_CHECK_LIB(crypt, crypt, CRYPTLIB="-lcrypt") +AC_SUBST(CRYPTLIB) # Check if zlib is needed AC_ARG_WITH(zlib, @@ -240,17 +240,16 @@ void decrypt_packet() { buf_setpos(ses.decryptreadbuf, blocksize); /* decrypt it */ - while (ses.readbuf->pos < ses.readbuf->len - macsize) { - if (ses.keys->recv_crypt_mode->decrypt( - buf_getptr(ses.readbuf, blocksize), - buf_getwriteptr(ses.decryptreadbuf, blocksize), - blocksize, - &ses.keys->recv_cipher_state) != CRYPT_OK) { - dropbear_exit("error decrypting"); - } - buf_incrpos(ses.readbuf, blocksize); - buf_incrwritepos(ses.decryptreadbuf, blocksize); + len = ses.readbuf->len - macsize - ses.readbuf->pos; + if (ses.keys->recv_crypt_mode->decrypt( + buf_getptr(ses.readbuf, len), + buf_getwriteptr(ses.decryptreadbuf, len), + len, + &ses.keys->recv_cipher_state) != CRYPT_OK) { + dropbear_exit("error decrypting"); } + buf_incrpos(ses.readbuf, len); + buf_incrwritepos(ses.decryptreadbuf, len); /* check the hmac */ buf_setpos(ses.readbuf, ses.readbuf->len - macsize); @@ -454,7 +453,7 @@ void encrypt_packet() { buffer * writebuf; /* the packet which will go on the wire */ buffer * clearwritebuf; /* unencrypted, possibly compressed */ unsigned char type; - unsigned int clear_len; + unsigned int len; type = ses.writepayload->data[0]; TRACE(("enter encrypt_packet()")) @@ -474,12 +473,12 @@ void encrypt_packet() { /* Encrypted packet len is payload+5, then worst case is if we are 3 away * from a blocksize multiple. In which case we need to pad to the * multiple, then add another blocksize (or MIN_PACKET_LEN) */ - clear_len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3; + len = (ses.writepayload->len+4+1) + MIN_PACKET_LEN + 3; #ifndef DISABLE_ZLIB - clear_len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/ + len += ZLIB_COMPRESS_INCR; /* bit of a kludge, but we can't know len*/ #endif - clearwritebuf = buf_new(clear_len); + clearwritebuf = buf_new(len); buf_setlen(clearwritebuf, PACKET_PAYLOAD_OFF); buf_setpos(clearwritebuf, PACKET_PAYLOAD_OFF); @@ -531,17 +530,16 @@ void encrypt_packet() { writebuf = buf_new(clearwritebuf->len + macsize); /* encrypt it */ - while (clearwritebuf->pos < clearwritebuf->len) { - if (ses.keys->trans_crypt_mode->encrypt( - buf_getptr(clearwritebuf, blocksize), - buf_getwriteptr(writebuf, blocksize), - blocksize, - &ses.keys->trans_cipher_state) != CRYPT_OK) { - dropbear_exit("error encrypting"); - } - buf_incrpos(clearwritebuf, blocksize); - buf_incrwritepos(writebuf, blocksize); - } + len = clearwritebuf->len; + if (ses.keys->trans_crypt_mode->encrypt( + buf_getptr(clearwritebuf, len), + buf_getwriteptr(writebuf, len), + len, + &ses.keys->trans_cipher_state) != CRYPT_OK) { + dropbear_exit("error encrypting"); + } + buf_incrpos(clearwritebuf, len); + buf_incrwritepos(writebuf, len); /* now add a hmac and we're done */ writemac(writebuf, clearwritebuf); diff --git a/sysoptions.h b/sysoptions.h index c98e1ec..2de1184 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -202,5 +202,8 @@ #define IS_DROPBEAR_CLIENT 1 #else -#error You must compiled with either DROPBEAR_CLIENT or DROPBEAR_SERVER selected +/* Just building key utils? */ +#define IS_DROPBEAR_SERVER 0 +#define IS_DROPBEAR_CLIENT 0 + #endif |